- post-edit-typecheck: verify 25-level-deep directory completes without
hanging (tests the max depth=20 walk-up guard)
- cleanupAliases: document behavior when sessionExists callback throws
(propagates to caller, which is acceptable)
Tests the new transcript parsing from PR #215:
- entry.message.content format (string and array content)
- tool_use blocks nested in assistant message content arrays
- Verifies file paths and tool names extracted from both formats
The test was using 'claude-sonnet-4-5-20250929' which isn't in VALID_MODELS
(haiku/sonnet/opus). Use 'sonnet' with a description field containing
colons to properly test colon handling in frontmatter values.
Windows cmd.exe treats single quotes literally, so `echo '...' | node -e '...'`
fails. Switched to execFileSync with the `input` option to pipe stdin data
directly without shell quoting issues.
- hooks.json: add \b word boundary anchors to dev server blocking regex
to prevent false positives matching "npm run develop", "npm run devtools" etc.
- skill-create-output.js: guard box() horizontal repeat with Math.max(0, ...)
to prevent RangeError when title exceeds container width
- Add 13 tests for setup-package-manager.js CLI argument parsing
- Add 14 tests for skill-create-output.js SkillCreateOutput class
- All 333 tests passing
On Windows, os.homedir() uses USERPROFILE env var instead of HOME.
Tests that override HOME to a temp dir must also set USERPROFILE for
the session-manager, session-aliases, and session-start hook tests
to find files in the correct directory.
- hooks.schema.json: add async (boolean) and timeout (number) properties
to hookItem definition, matching fields used in hooks.json
- validate-hooks.js: validate async and timeout types when present
- hooks.test.js: add SessionEnd to required event types check
Bug fixes:
- utils.js: prevent duplicate 'g' flag in countInFile regex construction
- validate-agents.js: handle CRLF line endings in frontmatter parsing
- validate-hooks.js: handle \t and \\ escape sequences in inline JS validation
- session-aliases.js: prevent NaN in date sort when timestamps are missing
- session-aliases.js: persist rollback on rename failure instead of silent loss
- session-manager.js: require absolute paths in getSessionStats to prevent
content strings ending with .tmp from being treated as file paths
New tests (164 total, up from 97):
- session-manager.test.js: 27 tests covering parseSessionFilename,
parseSessionMetadata, getSessionStats, CRUD operations, getSessionSize,
getSessionTitle, edge cases (null input, non-existent files, directories)
- session-aliases.test.js: 40 tests covering loadAliases (corrupted JSON,
invalid structure), setAlias (validation, reserved names), resolveAlias,
listAliases (sort, search, limit), deleteAlias, renameAlias, updateAliasTitle,
resolveSessionAlias, getAliasesForSession, cleanupAliases, atomic write
Also includes hook-generated improvements:
- utils.d.ts: document that readStdinJson never rejects
- session-aliases.d.ts: fix updateAliasTitle type to accept null
- package-manager.js: add try-catch to setProjectPackageManager writeFile
Windows pipes raise EOF instead of EPIPE when the child process
exits before stdin finishes flushing. Added EOF to the ignored
error codes in runHookWithInput.
Integration tests were still passing CLAUDE_TRANSCRIPT_PATH as an env
var, but evaluate-session.js now reads transcript_path from stdin JSON.
Also improves strategic-compact skill with decision guide and survival table.
- Migrate session-end.js and evaluate-session.js from CLAUDE_TRANSCRIPT_PATH
env var to stdin JSON transcript_path (correct hook input mechanism)
- Remove duplicate main() calls that ran before stdin was read, causing
session files to be created with empty data
- Add range validation (1-10000) on COMPACT_THRESHOLD in suggest-compact.js
to prevent negative or absurdly large thresholds
- Add integration/hooks.test.js to tests/run-all.js so CI runs all 97 tests
- Update evaluate-session.sh to parse transcript_path from stdin JSON
- Update hooks.test.js to pass transcript_path via stdin instead of env var
- Sync .cursor/ copies
- New skills: api-design, database-migrations, deployment-patterns
- validate-hooks.js: validate inline JS syntax in node -e hook commands
- utils.test.js: edge case tests for findFiles with null/undefined inputs
- README: update skill count to 35, add new skills to directory tree
Core library fixes:
- session-manager.js: wrap all statSync calls in try-catch to prevent
TOCTOU crashes when files are deleted between readdir and stat
- session-manager.js: use birthtime||ctime fallback for Linux compat
- session-manager.js: remove redundant existsSync before readFile
- utils.js: fix findFiles TOCTOU race on statSync inside readdir loop
Hook improvements:
- Add 1MB stdin buffer limits to all PostToolUse hooks to prevent
unbounded memory growth from large payloads
- suggest-compact.js: use fd-based atomic read+write for counter file
to reduce race window between concurrent invocations
- session-end.js: log when transcript file is missing, check
replaceInFile return value for failed timestamp updates
- start-observer.sh: log claude CLI failures instead of silently
swallowing them, check observations file exists before analysis
Test fixes:
- Fix blocking hook tests to send matching input (dev server command)
and expect correct exit code 2 instead of 1
The prompt no longer lists "Available package managers" (which required
spawning processes) — it now shows "Supported package managers" and
mentions lock file detection as a configuration option.
All 69 tests pass.
- Fix 16 ESLint no-unused-vars errors across hook scripts and tests
- Add eslint-disable comment for intentional control-regex in ANSI stripper
- Update session file test to use getSessionIdShort() instead of hardcoded 'default'
(reflects PR #110's project-name fallback behavior)
- Add marketing/ to .gitignore (local drafts)
- Add skill-create-output.js (terminal output formatter)
All 69 tests now pass. CI should be green.
Fixes#103, #106, #108
Claude Code automatically loads hooks/hooks.json by convention.
Explicitly declaring it in plugin.json causes a duplicate detection
error: "Duplicate hooks file detected"
Added regression test to prevent this from being reintroduced.