From be9c919fc564baeb031711c9bea7ef029469c8e3 Mon Sep 17 00:00:00 2001 From: AnExiledDev Date: Mon, 2 Mar 2026 05:00:03 +0000 Subject: [PATCH] Add official Anthropic plugins, soften .env.example guard, sync docs MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - Add code-review, feature-dev, pr-review-toolkit from anthropics/claude-code - Migrate plugin identifiers from @claude-plugins-official to @anthropics/claude-code - Allow .env.example edits in protected-files-guard (negative lookahead) - Fix protected-files-guard README: "fails open" → "fails closed" - Merge [Unreleased] changelog into v2.0.0, update test counts (241→289) - Update plugin count 14→17 across docs, README, and plugins index --- .codeforge/config/settings.json | 5 +- .devcontainer/CHANGELOG.md | 63 ++++++------------- .devcontainer/CLAUDE.md | 3 + .../plugins/protected-files-guard/README.md | 4 +- .../scripts/guard-protected-bash.py | 2 +- .../scripts/guard-protected.py | 2 +- .devcontainer/scripts/setup-plugins.sh | 2 +- README.md | 2 +- .../docs/customization/configuration.md | 5 +- docs/src/content/docs/features/index.md | 2 +- .../docs/getting-started/first-session.md | 2 +- .../src/content/docs/getting-started/index.md | 2 +- .../docs/getting-started/installation.md | 4 +- docs/src/content/docs/plugins/index.md | 10 ++- 14 files changed, 49 insertions(+), 59 deletions(-) diff --git a/.codeforge/config/settings.json b/.codeforge/config/settings.json index 49d1ad3..ef8420b 100644 --- a/.codeforge/config/settings.json +++ b/.codeforge/config/settings.json 
@@ -53,7 +53,10 @@ "command": "/usr/local/bin/ccstatusline-wrapper" }, "enabledPlugins": { - "frontend-design@claude-plugins-official": true, + "frontend-design@anthropics/claude-code": true, + "code-review@anthropics/claude-code": true, + "feature-dev@anthropics/claude-code": true, + "pr-review-toolkit@anthropics/claude-code": true, "codeforge-lsp@devs-marketplace": true, "ticket-workflow@devs-marketplace": true, "notify-hook@devs-marketplace": true, diff --git a/.devcontainer/CHANGELOG.md b/.devcontainer/CHANGELOG.md index 1382af8..fba2dec 100644 --- a/.devcontainer/CHANGELOG.md +++ b/.devcontainer/CHANGELOG.md 
@@ -1,47 +1,5 @@ # CodeForge Devcontainer Changelog -## [Unreleased] - -### Security -- Removed environment variable injection vector in agent redirect log path (S2-01) -- Narrowed config deployment allowed destinations from `/usr/local` to `/usr/local/share` (S2-09) -- Protected files guard now fails closed on unexpected errors instead of failing open (S2-04) - -### Testing -- **Plugin test suite** — 289 pytest tests covering 6 critical plugin scripts that previously had zero tests: - - `block-dangerous.py` (62 tests) — all 33 dangerous command patterns with positive/negative/edge cases - - `guard-workspace-scope.py` (40 tests) — blacklist, scope, allowlist, bash enforcement layers, primary command extraction - - `guard-protected.py` (56 tests) — all protected file patterns (secrets, locks, keys, credentials, auth dirs) - - `guard-protected-bash.py` (49 tests) — write target extraction, multi-target commands, and protected path integration - - `guard-readonly-bash.py` (69 tests) — general-readonly and git-readonly modes, bypass prevention, global flag handling - - `redirect-builtin-agents.py` (13 tests) — redirect mapping, passthrough, output structure -- Added `test:plugins` and `test:all` npm scripts for running plugin tests -- Python plugin tests (`pytest`) added to CI pipeline (Q3-08) - -### Dangerous Command Blocker -- **Force push block now suggests `git merge` as workaround** — error message explains how to avoid diverged history instead of leaving the agent to improvise destructive workarounds -- **Block `--force-with-lease`** — was slipping through regex; all force push variants now blocked uniformly -- **Block remote branch deletion** — `git push origin --delete` and colon-refspec deletion (`git push origin :branch`) now blocked; deleting remote branches closes associated PRs -- **Fixed README** — error handling was documented as "fails open" but code actually fails closed; corrected to match behavior -- Dangerous command blocker handles prefix bypasses 
(`\rm`, `command rm`, `env rm`) and symbolic chmod (S2-03) - -### Guards -- Fixed greedy alternation in write-target regex — `>>` now matched before `>` (Q3-01) -- Unified write-target extraction patterns across guards — protected-files bash guard expanded from 5 to 20 patterns (C1-02) -- Multi-target command support — `rm`, `touch`, `mkdir`, `chmod`, `chown` with multiple file operands now check all targets -- Bare `git stash` (equivalent to push) now blocked in read-only mode (Q3-04) -- Fixed git global flag handling — `git -C /path stash list` no longer misidentifies the stash subcommand - -### Documentation -- **DevContainer CLI guide** — dedicated Getting Started page for terminal-only workflows without VS Code -- **v2 Migration Guide** — path changes, automatic migration, manual steps, breaking changes, and troubleshooting -- Documented 4 previously undocumented agents in agents.md: implementer, investigator, tester, documenter -- Added missing git-workflow and prompt-snippets to configuration.md enabledPlugins example -- Added CONFIG_SOURCE_DIR deprecation note in environment variables reference -- Added cc-orc orchestrator command to first-session launch commands table -- Tabbed client-specific instructions on the installation page -- Dedicated port forwarding reference page covering VS Code auto-detect, devcontainer-bridge, and SSH tunneling - ## v2.0.0 — 2026-02-26 ### .codeforge/ Configuration System 
@@ -100,6 +58,8 @@ - **worktree skill** — git worktree creation, management, cleanup, `EnterWorktree` tool, `.worktreeinclude` setup ### Plugins +- **Expanded Anthropic official plugins** — added `code-review`, `feature-dev`, and `pr-review-toolkit` from `anthropics/claude-code` +- **Migrated plugin identifiers** — switched from `@claude-plugins-official` to `@anthropics/claude-code` format - **Git workflow** — `/ship` (commit/push/PR with code review and approval) and `/pr:review` (PR review by number/URL, posts findings as comment) - **Prompt snippets** — `/ps` command for quick behavioral mode switches (noaction, brief, plan, go, review, ship, deep, hold, recall, wait); composable (`/ps noaction brief`) @@ -113,9 +73,10 @@ - POSIX redirect, bash-required installer shell, quoted `${TARGET}`, directory pre-creation ### Testing -- **241 pytest tests** covering 6 critical plugin scripts (previously zero tests): - - `block-dangerous.py` (46), `guard-workspace-scope.py` (40), `guard-protected.py` (55), `guard-protected-bash.py` (24), `guard-readonly-bash.py` (63), `redirect-builtin-agents.py` (13) +- **289 pytest tests** covering 6 critical plugin scripts (previously zero tests): + - `block-dangerous.py` (62), `guard-workspace-scope.py` (40), `guard-protected.py` (56), `guard-protected-bash.py` (49), `guard-readonly-bash.py` (69), `redirect-builtin-agents.py` (13) - `test:plugins` and `test:all` npm scripts +- Python plugin tests (`pytest`) added to CI pipeline (Q3-08) ### Authentication - `CLAUDE_AUTH_TOKEN` support in `.secrets` for long-lived tokens from `claude setup-token` 
@@ -123,6 +84,9 @@ - `CLAUDE_AUTH_TOKEN` in devcontainer.json secrets declaration ### Security +- Removed environment variable injection vector in agent redirect log path (S2-01) +- Narrowed config deployment allowed destinations from `/usr/local` to `/usr/local/share` (S2-09) +- Protected files guard now fails closed on unexpected errors instead of failing open (S2-04) - Protected-files-guard blocks `.credentials.json` modifications - Replaced `eval` tilde expansion with `getent passwd` lookup (prevents shell injection) - Auth token JSON-escaped before writing; credential directory with restrictive umask (700) 
@@ -153,8 +117,17 @@ - Force push block now suggests `git merge` as workaround - Block `--force-with-lease` — all force push variants now blocked uniformly - Block remote branch deletion (`git push origin --delete`, colon-refspec `git push origin :branch`) +- Handles prefix bypasses (`\rm`, `command rm`, `env rm`) and symbolic chmod (S2-03) - Fixed README — error handling documented as "fails open" but code actually fails closed +### Guards +- **Allowed `.env.example` edits** — `.env.example` is no longer blocked by the `.env.*` pattern; actual secret files (`.env.local`, `.env.production`, etc.) remain protected +- Fixed greedy alternation in write-target regex — `>>` now matched before `>` (Q3-01) +- Unified write-target extraction patterns across guards — protected-files bash guard expanded from 5 to 20 patterns (C1-02) +- Multi-target command support — `rm`, `touch`, `mkdir`, `chmod`, `chown` with multiple file operands now check all targets +- Bare `git stash` (equivalent to push) now blocked in read-only mode (Q3-04) +- Fixed git global flag handling — `git -C /path stash list` no longer misidentifies the stash subcommand + ### Session Context & Code Quality - **Commit reminder** — switched to advisory (was blocking); tiered logic for meaningful changes; only fires when session modified files - **Advisory test runner** — reads from correct tmp file prefix (`claude-cq-edited` instead of `claude-edited-files`) 
@@ -198,6 +171,8 @@ - Missing plugin pages for git-workflow and prompt-snippets - Port Forwarding reference, CLI guide cross-link, slimmed Installation page - Documented 4 workhorse agents, cc-orc command, CONFIG_SOURCE_DIR deprecation, CLAUDE_AUTH_TOKEN setup +- Added missing git-workflow and prompt-snippets to configuration.md enabledPlugins example +- Tabbed client-specific instructions on the installation page - MD040 compliance (language specifiers on fenced code blocks) - Architecture docs — `.checksums/` and `.markers/` in `.codeforge/` tree - Troubleshooting — "Reset to Defaults" renamed to "How to Reset", clarified `--reset` behavior diff --git a/.devcontainer/CLAUDE.md b/.devcontainer/CLAUDE.md index c144833..b895519 100644 --- a/.devcontainer/CLAUDE.md +++ b/.devcontainer/CLAUDE.md @@ -50,6 +50,9 @@ Declared in `settings.json` under `enabledPlugins`, auto-activated on start: - **git-workflow** — Standalone ship (commit/push/PR) + PR review - **notify-hook** — Desktop notifications on completion - **frontend-design** (Anthropic official) — UI/frontend design skill +- **code-review** (Anthropic official) — Code review skill +- **feature-dev** (Anthropic official) — Feature development skill +- **pr-review-toolkit** (Anthropic official) — PR review commands + agents - **prompt-snippets** — Quick behavioral mode switches via /ps command ## Rules System diff --git a/.devcontainer/plugins/devs-marketplace/plugins/protected-files-guard/README.md b/.devcontainer/plugins/devs-marketplace/plugins/protected-files-guard/README.md index 364387a..c050951 100644 --- a/.devcontainer/plugins/devs-marketplace/plugins/protected-files-guard/README.md +++ b/.devcontainer/plugins/devs-marketplace/plugins/protected-files-guard/README.md 
@@ -10,7 +10,7 @@ Intercepts file operations and checks target paths against a set of protected pa | Category | Patterns | Reason | |----------|----------|--------| -| Environment secrets | `.env`, `.env.*` | Contains secrets | +| Environment secrets | `.env`, `.env.*` (except `.env.example`) | Contains secrets | | Git internals | `.git/` | Managed by git | | Lock files | `package-lock.json`, `yarn.lock`, `pnpm-lock.yaml`, `Gemfile.lock`, `poetry.lock`, `Cargo.lock`, `composer.lock`, `uv.lock` | Must be modified via package manager | | Certificates & keys | `.pem`, `.key`, `.crt`, `.p12`, `.pfx` | Sensitive cryptographic material | @@ -60,7 +60,7 @@ The Bash guard parses commands for write-indicating patterns and extracts the ta | Scenario | Behavior | |----------|----------| | JSON parse failure | Fails closed (exit 2) — blocks the operation | -| Other exceptions | Fails open (exit 0) — logs error, allows the operation | +| Other exceptions | Fails closed (exit 2) — logs error, blocks the operation | ### Timeout diff --git a/.devcontainer/plugins/devs-marketplace/plugins/protected-files-guard/scripts/guard-protected-bash.py b/.devcontainer/plugins/devs-marketplace/plugins/protected-files-guard/scripts/guard-protected-bash.py index be43e71..422eb6a 100644 --- a/.devcontainer/plugins/devs-marketplace/plugins/protected-files-guard/scripts/guard-protected-bash.py +++ b/.devcontainer/plugins/devs-marketplace/plugins/protected-files-guard/scripts/guard-protected-bash.py @@ -17,7 +17,7 @@ PROTECTED_PATTERNS = [ (r"(^|/)\.env$", "Blocked: .env contains secrets - edit manually if needed"), ( - r"(^|/)\.env\.[^/]+$", + r"(^|/)\.env\.(?!example$)[^/]+$", "Blocked: .env.* files contain secrets - edit manually if needed", ), (r"(^|/)\.git(/|$)", "Blocked: .git is managed by git"), 
diff --git a/.devcontainer/plugins/devs-marketplace/plugins/protected-files-guard/scripts/guard-protected.py b/.devcontainer/plugins/devs-marketplace/plugins/protected-files-guard/scripts/guard-protected.py index b8d5eca..3074c34 100644 --- a/.devcontainer/plugins/devs-marketplace/plugins/protected-files-guard/scripts/guard-protected.py +++ b/.devcontainer/plugins/devs-marketplace/plugins/protected-files-guard/scripts/guard-protected.py @@ -16,7 +16,7 @@ # Environment secrets (r"(^|/)\.env$", "Blocked: .env contains secrets - edit manually if needed"), ( - r"(^|/)\.env\.[^/]+$", + r"(^|/)\.env\.(?!example$)[^/]+$", "Blocked: .env.* files contain secrets - edit manually if needed", ), # Git internals diff --git a/.devcontainer/scripts/setup-plugins.sh b/.devcontainer/scripts/setup-plugins.sh index cdb32ac..e2513a9 100755 --- a/.devcontainer/scripts/setup-plugins.sh +++ b/.devcontainer/scripts/setup-plugins.sh @@ -22,7 +22,7 @@ fi echo "[setup-plugins] Installing plugins..." # --- Official Anthropic Plugins --- -DEFAULT_OFFICIAL_PLUGINS="frontend-design@claude-plugins-official svelte@sveltejs/mcp" +DEFAULT_OFFICIAL_PLUGINS="frontend-design@anthropics/claude-code code-review@anthropics/claude-code feature-dev@anthropics/claude-code pr-review-toolkit@anthropics/claude-code svelte@sveltejs/mcp" IFS=' ' read -ra OFFICIAL_PLUGINS <<< "${OFFICIAL_PLUGINS:-$DEFAULT_OFFICIAL_PLUGINS}" for plugin in "${OFFICIAL_PLUGINS[@]}"; do diff --git a/README.md b/README.md index c1c4a9b..11bfeb1 100644 --- a/README.md +++ b/README.md 
@@ -106,7 +106,7 @@ CodeForge operates in three layers, each building on the one below: **DevContainer** — The foundation. A Python 3.14 container with Node.js, Rust, and Bun runtimes, plus 22 custom features that install development tools (ast-grep, tree-sitter, biome, ruff, and others). -**CodeForge Layer** — The intelligence. 13 plugins register hooks that validate commands, inject context, and enforce safety. 17 agents provide specialized personas. 35 skills offer on-demand reference material. System prompts and rules shape behavior. +**CodeForge Layer** — The intelligence. 17 plugins register hooks that validate commands, inject context, and enforce safety. 21 agents provide specialized personas. 38 skills offer on-demand reference material. System prompts and rules shape behavior. **Claude Code** — The AI assistant, executing tools and coordinating work. CodeForge enhances it through configuration — replacing built-in subagents, adding safety guardrails, and wiring up quality checks that run automatically. diff --git a/docs/src/content/docs/customization/configuration.md b/docs/src/content/docs/customization/configuration.md index 4721fee..8cff84e 100644 --- a/docs/src/content/docs/customization/configuration.md +++ b/docs/src/content/docs/customization/configuration.md @@ -96,7 +96,10 @@ The `enabledPlugins` section controls which plugins are active: "codeforge-lsp@devs-marketplace": true, "git-workflow@devs-marketplace": true, "prompt-snippets@devs-marketplace": true, - "frontend-design@claude-plugins-official": true + "frontend-design@anthropics/claude-code": true, + "code-review@anthropics/claude-code": true, + "feature-dev@anthropics/claude-code": true, + "pr-review-toolkit@anthropics/claude-code": true } } ``` diff --git a/docs/src/content/docs/features/index.md b/docs/src/content/docs/features/index.md index 4ae61ef..ba71e06 100644 --- a/docs/src/content/docs/features/index.md +++ b/docs/src/content/docs/features/index.md 
@@ -17,7 +17,7 @@ Out of the box, CodeForge gives you: - **38 domain knowledge packs** (skills) for frameworks, patterns, and workflows - **22 CLI tools** for session management, code quality, and development - **3 layers of code intelligence** — AST-based search, syntax parsing, and LSP semantic analysis -- **14 plugins** that wire everything together with hooks, guards, and automation +- **17 plugins** that wire everything together with hooks, guards, and automation All of these features work together. An agent can load skills for domain expertise, use CLI tools for code quality checks, and leverage code intelligence for precise navigation — all orchestrated automatically. diff --git a/docs/src/content/docs/getting-started/first-session.md b/docs/src/content/docs/getting-started/first-session.md index aa9fe06..9da25e1 100644 --- a/docs/src/content/docs/getting-started/first-session.md +++ b/docs/src/content/docs/getting-started/first-session.md 
@@ -36,7 +36,7 @@ If something isn't working as expected in a CodeForge session, try `ccraw` to se When your session starts, several systems activate behind the scenes. You don't need to configure any of this — it just works. - **System prompt** — gives Claude context about your project, coding standards, and how to communicate. Customizable via [System Prompts](../customization/system-prompts/). -- **Plugin hooks** — 14 plugins fire automatically at key moments: blocking dangerous commands, guarding workspace scope, injecting git state, running code quality checks, and more. See the [Plugins Overview](../plugins/) for details on each one. +- **Plugin hooks** — 17 plugins fire automatically at key moments: blocking dangerous commands, guarding workspace scope, injecting git state, running code quality checks, and more. See the [Plugins Overview](../plugins/) for details on each one. - **Session context** — Claude always knows your current branch, uncommitted changes, recent commits, and active TODOs without you having to explain it. ## What to Try First diff --git a/docs/src/content/docs/getting-started/index.md b/docs/src/content/docs/getting-started/index.md index 789d440..cabfe05 100644 --- a/docs/src/content/docs/getting-started/index.md +++ b/docs/src/content/docs/getting-started/index.md @@ -5,7 +5,7 @@ sidebar: order: 1 --- -CodeForge is a DevContainer configuration that transforms your development environment into an AI-powered workspace. It bundles 14 plugins, 22 tools, 21 specialized agents, and 38 skills into a single `npx codeforge-dev` install. +CodeForge is a DevContainer configuration that transforms your development environment into an AI-powered workspace. It bundles 17 plugins, 22 tools, 21 specialized agents, and 38 skills into a single `npx codeforge-dev` install. ## What is CodeForge? diff --git a/docs/src/content/docs/getting-started/installation.md b/docs/src/content/docs/getting-started/installation.md index bc2f7a5..8274808 100644 
--- a/docs/src/content/docs/getting-started/installation.md +++ b/docs/src/content/docs/getting-started/installation.md @@ -51,7 +51,7 @@ your-project/ │ ├── devcontainer.json # Container definition and feature list │ ├── .env # Setup flags │ ├── features/ # 22 custom DevContainer features -│ ├── plugins/ # 14 plugins with hooks and scripts +│ ├── plugins/ # 17 plugins with hooks and scripts │ └── scripts/ # Setup and verification scripts ├── .codeforge/ │ ├── file-manifest.json # Controls config file deployment @@ -187,7 +187,7 @@ A few features ship with `"version": "none"` by default (shfmt, dprint, shellche ### Plugins -All 14 plugins are installed and active by default. They're configured through `settings.json` and managed by the plugin system. See the [Plugins Overview](../plugins/) for details on each plugin and how to enable or disable them. +All 17 plugins are installed and active by default. They're configured through `settings.json` and managed by the plugin system. See the [Plugins Overview](../plugins/) for details on each plugin and how to enable or disable them. ## Configuration diff --git a/docs/src/content/docs/plugins/index.md b/docs/src/content/docs/plugins/index.md index 9065505..52ce57c 100644 --- a/docs/src/content/docs/plugins/index.md +++ b/docs/src/content/docs/plugins/index.md 
@@ -131,7 +131,10 @@ These plugins connect CodeForge to external tools and add quality-of-life featur | [Session Context](./session-context/) | Injects git state, harvests TODOs, and reminds about uncommitted work | | [Notify Hook](./notify-hook/) | Desktop notifications when tasks complete | | [CodeForge LSP](./codeforge-lsp/) | Language server protocol integration for Python, TypeScript, and Go | -| [Frontend Design](./frontend-design/) | Frontend design patterns and UI component skills (external Anthropic plugin) | +| [Frontend Design](./frontend-design/) | Frontend design patterns and UI component skills (Anthropic official) | +| Code Review | Automated code review skill (Anthropic official) | +| Feature Dev | Feature development guidance skill (Anthropic official) | +| PR Review Toolkit | PR review commands and agents (Anthropic official) | ## Enabling and Disabling Plugins @@ -151,7 +154,10 @@ Plugins are declared in `settings.json` under the `enabledPlugins` key. Every pl "codeforge-lsp", "ticket-workflow", "notify-hook", - "frontend-design" + "frontend-design", + "code-review", + "feature-dev", + "pr-review-toolkit" ] } ```
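Review bot: In the `.env.*` entry of `PROTECTED_PATTERNS` in both guard-protected.py and guard-protected-bash.py, the `(?!example$)` exemption is decided on the file name alone, so the Bash guard, which per its README checks the write target of a command, now allows any command whose target is `.env.example` regardless of where the written data comes from. If that is the accepted trade-off, state it next to the "(except `.env.example`)" cell in the README table; otherwise relax only the edit guard and leave the Bash guard's pattern as it was. Two smaller points on the same line: Python's `$` also matches just before a trailing newline, so `\Z` is the stricter anchor for both the lookahead and the end of the pattern, and the diffstat lists no test file, so the new allow case (`.env.example`) and the names that must stay blocked (`.env.local`, `.env.example.bak`) are not covered by this patch.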
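Review bot: In setup-plugins.sh, none of the four `@anthropics/claude-code` identifiers added to `DEFAULT_OFFICIAL_PLUGINS` carries a version or commit, so the container installs whatever that source serves at setup time. Pin them if the installer supports it, or document that they are fetched unpinned. The default is also only used when `OFFICIAL_PLUGINS` is unset (`${OFFICIAL_PLUGINS:-$DEFAULT_OFFICIAL_PLUGINS}`), so an environment that already sets it to `frontend-design@claude-plugins-official` keeps the old identifier; the "Migrated plugin identifiers" changelog entry should say what those users need to change.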
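Review bot: The CHANGELOG.md hunks fold the whole `[Unreleased]` section, plus the new `.env.example` and plugin entries, into the v2.0.0 section dated 2026-02-26, while this patch is dated 2 March 2026. If v2.0.0 was already tagged on that date, the security entries (S2-01, S2-04, S2-09) and the relaxed `.env.example` guard will read as part of a release that did not contain them. Keep them under `[Unreleased]` or a new version heading, or confirm in the commit message that v2.0.0 has not shipped yet.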
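Review bot: The README.md hunk changes more than the commit message describes: the removed line says 13 plugins, not 14, and the same edit also moves the agent count from 17 to 21 and the skill count from 35 to 38. Mention the agent and skill corrections in the commit message or split them into their own commit, so each count can be checked against what actually ships.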
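Review bot: In the first hunk of docs/src/content/docs/plugins/index.md, the three new table rows (Code Review, Feature Dev, PR Review Toolkit) are plain text, while the rows visible around them all link to a plugin page, e.g. `[Frontend Design](./frontend-design/)`. Add the pages, or link to wherever these plugins are documented, so a reader can see what each one does before leaving it enabled.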
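Review bot: In the second hunk of docs/src/content/docs/plugins/index.md, the `enabledPlugins` example lists bare names in an array (`"code-review"`), whereas settings.json and configuration.md in this same patch use object keys of the form `"code-review@anthropics/claude-code": true`. Since the patch is already syncing docs, update this example to the form settings.json actually uses; a reader copying the array form would not end up with the configuration shown elsewhere.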