Fix path to install script in README.md #570
Merged
+7
−7
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
WalkthroughUpdated documentation changes download URLs in README files to reference Changes
Estimated code review effort🎯 1 (Trivial) | ⏱️ ~3 minutes Poem
Tip 🔌 Remote MCP (Model Context Protocol) integration is now available!Pro plan users can now connect to remote MCP servers from the Integrations page. Connect with popular remote MCPs such as Notion and Linear to add more context to your reviews and chats. 📜 Recent review detailsConfiguration used: CodeRabbit UI Review profile: CHILL Plan: Pro 💡 Knowledge Base configuration:
You can enable these sources in your CodeRabbit configuration. 📒 Files selected for processing (2)
🚧 Files skipped from review as they are similar to previous changes (2)
✨ Finishing Touches🧪 Generate unit tests
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. 🪧 TipsChatThere are 3 ways to chat with CodeRabbit:
SupportNeed help? Create a ticket on our support page for assistance with any issues or questions. CodeRabbit Commands (Invoked using PR/Issue comments)Type Other keywords and placeholders
CodeRabbit Configuration File (
|
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 1
🧹 Nitpick comments (4)
install/README.md (2)
6-13: Harden one-liners: fail-fast on HTTP errors and pipeline failures.
- Add -f to curl so 404/5xx don’t get piped to bash.
- Prefer curl variant, or wrap wget with pipefail to avoid false success when wget fails.
Apply:
-curl -sSL https://raw.githubusercontent.com/automazeio/ccpm/main/install/ccpm.sh | bash +curl -fsSL https://raw.githubusercontent.com/automazeio/ccpm/main/install/ccpm.sh | bashOptional (if keeping wget):
-wget -qO- https://raw.githubusercontent.com/automazeio/ccpm/main/install/ccpm.sh | bash +# Less preferred: ensure pipeline fails if wget fails +bash -c 'set -o pipefail; wget -qO- https://raw.githubusercontent.com/automazeio/ccpm/main/install/ccpm.sh | bash'
15-25: Consider pinning installs to a tag for reproducibility.Document an alternative that references a released tag instead of main to avoid drift.
Example:
curl -fsSL https://raw.githubusercontent.com/automazeio/ccpm/vX.Y.Z/install/ccpm.sh | bashREADME.md (2)
391-393: Path update is correct; mirror curl hardening.Approve the install/ccpm.sh path. Also add -f to curl (and same note about wget/pipefail if you show wget elsewhere) to fail fast on HTTP errors.
Apply:
- curl -sSL https://raw.githubusercontent.com/automazeio/ccpm/main/install/ccpm.sh | bash + curl -fsSL https://raw.githubusercontent.com/automazeio/ccpm/main/install/ccpm.sh | bash - # or: wget -qO- https://raw.githubusercontent.com/automazeio/ccpm/main/install/ccpm.sh | bash + # or (ensure pipeline fails if download fails): + # bash -c 'set -o pipefail; wget -qO- https://raw.githubusercontent.com/automazeio/ccpm/main/install/ccpm.sh | bash'
395-403: Optional: add pinned-tag variant and checksum note.For deterministic installs, show a tag-pinned command and (optionally) a shasum verify step.
Example:
# Pin to a release tag curl -fsSL https://raw.githubusercontent.com/automazeio/ccpm/vX.Y.Z/install/ccpm.sh | bash # Optional integrity check # curl -fsSL https://github.com/automazeio/ccpm/releases/download/vX.Y.Z/ccpm.sh.sha256 -o ccpm.sh.sha256 # curl -fsSL https://raw.githubusercontent.com/automazeio/ccpm/vX.Y.Z/install/ccpm.sh -o ccpm.sh # shasum -a 256 -c ccpm.sh.sha256 && bash ccpm.sh
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
💡 Knowledge Base configuration:
- MCP integration is disabled by default for public repositories
- Jira integration is disabled by default for public repositories
- Linear integration is disabled by default for public repositories
You can enable these sources in your CodeRabbit configuration.
📒 Files selected for processing (2)
README.md(1 hunks)install/README.md(1 hunks)
🧰 Additional context used
🧠 Learnings (2)
📚 Learning: 2025-08-28T00:16:38.208Z
Learnt from: gsornsen
PR: automazeio/ccpm#545
File: .github/workflows/release-test.yml:54-65
Timestamp: 2025-08-28T00:16:38.208Z
Learning: In gsornsen's CCPM project, the GitHub Actions workflows deliberately install Git Bash and Chocolatey on Windows runners to normalize shell commands across all platforms (Windows, macOS, Linux), creating a unified bash environment that works consistently across the OS matrix.
Applied to files:
README.mdinstall/README.md
📚 Learning: 2025-08-28T00:18:18.000Z
Learnt from: gsornsen
PR: automazeio/ccpm#545
File: Makefile:175-175
Timestamp: 2025-08-28T00:18:18.000Z
Learning: In gsornsen's CCPM project, they prefer to ignore native Windows cmd.exe compatibility issues (like mkdir -p) in favor of their Git Bash approach that normalizes shell commands across all platforms, creating a unified bash environment.
Applied to files:
README.md
🔇 Additional comments (1)
install/README.md (1)
6-6: Path fix is correct.install/ccpm.sh is the right target after the move. Looks good.
Also applies to: 12-12
stefanlegg
force-pushed
the
fix-install-path
branch
from
3bff66d to
f48ed35
Compare
ranaroussi
added a commit
that referenced
this pull request
Sep 24, 2025
* feat: Add automatic worktree directory fix via pre-tool-use hook Problem: Bash tool resets to main project directory after every command, breaking worktree operations for parallel agent development. Solution: Pre-tool-use hook that automatically detects worktree context and injects 'cd /path/to/worktree && ' prefix to all Bash commands. Features: - Zero-config: Agents don't need special instructions or awareness - Smart detection: Distinguishes worktrees (.git file) from repos (.git dir) - Edge case handling: Background processes, pipes, env vars, etc. - Debug mode: CLAUDE_HOOK_DEBUG=true for troubleshooting - Skip patterns: Avoids double-prefixing and unnecessary injections This enables true parallel development with multiple agents in different worktrees without any manual command prefixing or documentation burden. Tested via shell-shocked test suite: All 7 stress test scenarios passed. Or if you prefer a shorter version: feat: Auto-fix Bash tool worktree directory reset issue Implements pre-tool-use hook that transparently injects 'cd /worktree && ' prefix when operating in git worktrees. Handles background processes, pipes, and other edge cases. Agents need zero awareness of the fix. Enables parallel multi-agent development in worktrees without manual prefixing. * fix: script name in hooks README file * fix: make bash-worktree-fix POSIX-compliant * Update .claude/hooks/config.json Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> * fix: improve bash worktree hook robustness and documentation - Fix critical bugs in worktree detection and command parsing: * Distinguish between git worktrees and submodules (check for /worktrees/ in gitdir path) * Fix TAB pattern bug using proper tokenization instead of brittle globbing * Fix overly broad dot-prefix skip that broke ./script.sh execution * Add proper path quoting to handle spaces and special characters * Capture all arguments with $* instead of just $1 - Improve documentation: * Remove personal paths from examples * Restructure troubleshooting steps for clarity * Switch from jq to python -m json.tool for wider compatibility * Clarify that hook config goes in main .claude/settings.json - Simplify configuration: * Remove redundant config.json * Add settings.json.example showing proper integration * Fix background process detection for both "cmd &" and "cmd&" patterns These changes prevent false positives on commands like "cdbuild", ensure relative scripts work in worktrees, and handle paths with spaces correctly. * docs: fix a path in the instructions for how to enable the bash worktree fix hook * fix: harden bash worktree hook against security vulnerabilities Security and robustness improvements to prevent shell injection and edge cases: - Prevent pathname expansion attacks by disabling globbing during tokenization * Commands like "echo *" no longer expand before parsing - Fix absolute path detection for environment-prefixed commands * Now correctly handles "VAR=1 /usr/bin/make" patterns - Implement secure path quoting using single quotes with proper escaping * Handles paths containing quotes, spaces, and special characters - Optimize .git file reading using shell built-ins instead of cat * Avoids subshell and only reads first line for efficiency - Improve debug mode to accept multiple truthy values (true/TRUE/1/yes/YES) - Add ShellCheck compliance with consistent variable bracing and default cases The hook now safely handles edge cases like: - Paths with single quotes: /path/to/joe's-project/ - Commands with wildcards that shouldn't expand - Mixed environment variables and absolute paths All changes maintain POSIX compatibility while significantly improving security posture and reliability. * refactor: improve worktree hook robustness and portability Major improvements to the bash worktree fix hook for better reliability: Validation & Safety: - Add gitdir path validation to verify the directory actually exists - Normalize relative gitdir paths to absolute for proper resolution - Add pwd directory check to handle edge cases - Use dirname with -- flag for safer path handling Portability: - Replace echo with printf throughout for consistent behavior - Use literal space/tab characters instead of [:space:] for POSIX compatibility - Rename shell_quote to shell_squote for clarity - Maintain set -f protection during pattern matching Simplification: - Streamline skip detection logic with cleaner patterns - Consolidate builtin command checks into single case statement - Remove unnecessary comments while keeping essential documentation - Cleaner whitespace detection using portable pattern The hook now properly validates that gitdir paths exist before treating them as worktrees, preventing false positives. Pattern matching is more portable across different POSIX shells, and printf usage eliminates echo's platform-specific quirks. All security improvements are retained: pathname expansion protection, proper single-quote escaping, and safe handling of background processes. * fix: restore [:space:] patterns and handle CRLF line endings Critical fixes and improvements to the bash worktree hook: Bug Fixes: - Handle CRLF line endings in .git files (Windows compatibility) * Strip trailing CR characters that break gitdir path parsing - Restore [:space:] character class for better Unicode support * Literal space/tab was too restrictive for international locales - Remove absolute path skip logic that broke many commands * Commands like `/usr/bin/npm install` still need correct cwd * Only skip builtins and commands that truly don't need directory context Performance: - Add fast-path exit when not in a worktree * Avoids unnecessary skip checks for common case - Remove redundant set -f globbing protection * Pattern matching doesn't trigger pathname expansion in case statements Clarity: - Streamline comments to be more concise - Quote original_command consistently - Better explain why absolute paths aren't skipped The hook now correctly handles Windows-created .git files with CRLF endings and properly supports all absolute-path commands that depend on the current working directory (which is most of them). * revert: remove dirname -- flag for broader compatibility Remove the '--' end-of-options flag from dirname command as it's not universally supported across all POSIX implementations. While '--' is good practice for handling filenames starting with dashes, dirname rarely encounters such edge cases in practice, and the compatibility issue is more pressing. Some older or minimal POSIX shells don't recognize '--' with dirname, causing the script to fail. Since we're already in a controlled loop walking up directory paths that come from pwd, the risk of dash-prefixed paths is negligible. Trade-off: Prioritizing compatibility over theoretical edge case protection. * Enhance context creation with comprehensive language detection Expand project detection capabilities to support 20+ programming languages and frameworks: - Add detection for JavaScript/TypeScript, Python (pyproject.toml), Java (Maven/Gradle), C#/.NET, Ruby, PHP, Dart/Flutter, Swift (including Xcode projects), C/C++, and Docker - Extend file type detection to include .ts, .jsx, .tsx, .kt, .cs, .rb, .php, .swift, .dart, .c, .h, .cpp, .hpp, and .sh files - Improve test detection to find both test directories and test files with common naming patterns (*test.*, *spec.*, test_*.*, *_test.*) - Exclude hidden directories in test detection for better performance This enhancement enables more accurate project analysis and better context creation across diverse development environments and technology stacks. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <[email protected]> * Expand comprehensive programming language support across all project components Complete systematic enhancement of language detection and build system support, following the comprehensive approach established in context/create.md: **Testing Framework Detection (.claude/commands/testing/prime.md):** - Add detection for PHP (PHPUnit, Pest), C#/.NET (MSTest, NUnit, xUnit), Java (JUnit/Maven/Gradle), Kotlin, Swift (XCTest), Dart/Flutter, C/C++ (GoogleTest, Catch2), Ruby (RSpec, Minitest) - Expand framework-specific configurations with proper commands and options - Add comprehensive dependency checking for all package managers - Include installation commands for all build systems (composer, mvn, gradle, dotnet, bundle, flutter, swift, ctest) - Add test file discovery patterns for all languages **Context Management Enhancement:** - Update dependency change detection in context/update.md for 11 build systems - Enhance context/prime.md project file analysis beyond basic detection - Maintain consistency with context/create.md comprehensive language support **Build System Integration:** - Expand pm/epic-merge.md test commands from 2 to 12 build systems - Add Maven, Gradle, Composer, .NET, Cargo, Go, Flutter, Swift, CMake support - Enable automated testing across all major development ecosystems **Infrastructure Support:** - Add bash permissions for 10 additional build tools in settings.local.json - Update process cleanup in test-execution.md and testing/run.md for all frameworks - Ensure consistent cross-language development workflow support This enhancement enables full development lifecycle support for 20+ programming languages and frameworks, providing consistent project detection, dependency management, testing, and build capabilities across diverse technology stacks. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <[email protected]> * Complete comprehensive programming language expansion with final enhancements Add final layer of language support improvements across infrastructure components: **Multi-Language Test Script (.claude/scripts/test-and-log.sh):** - Transform Python-only script to support 10+ languages and frameworks - Add intelligent test framework detection: Python (pytest), JavaScript/TypeScript (npm test, jest), Java (Maven, Gradle), C# (.NET), Ruby (RSpec), PHP (PHPUnit), Go, Rust, Swift, Dart/Flutter - Automatic file extension detection with appropriate test runner selection - Enhanced usage examples showing multi-language support **AST-Grep Language Reference (.claude/rules/use-ast-grep.md):** - Expand supported languages list from basic to comprehensive 50+ languages - Organize by categories: Primary Languages, Web & Markup, Configuration & Data, Shell & Scripts, and specialty languages - Add specific language codes for JavaScript/TypeScript variants, C/C++/C#, web frameworks (Vue, Svelte), and configuration formats (YAML, TOML, XML) **Issue Analysis Enhancement (.claude/commands/pm/issue-analyze.md):** - Generalize package.json references to support all project configuration files - Include build system coordination for Maven, Gradle, CMake, etc. **Test Runner Agent (.claude/agents/test-runner.md):** - Replace pytest-specific fallback with comprehensive multi-language fallback - Support framework detection and execution for all major testing ecosystems These enhancements complete the comprehensive language support initiative, ensuring consistent multi-language development workflow capabilities across all system components, from project detection to testing execution. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <[email protected]> * Fix ast-grep supported languages list to match official documentation Correct the ast-grep language support documentation to accurately reflect the actual 25 languages supported according to ast-grep.github.io: **Removed unsupported languages:** - Dart (not actually supported by ast-grep) - Vue, Svelte (framework-specific, not core languages) - SCSS, SASS, LESS (CSS preprocessors not supported) - TOML, XML (not in official support list) - PowerShell, shell variants beyond bash - OCaml and other languages incorrectly listed **Corrected to official 25 languages:** - System: C, C++, C#, Go, Rust - Web: JavaScript (js/jsx), TypeScript (ts), TSX, HTML, CSS, PHP - General: Python, Java, Kotlin, Ruby, Swift, Scala, Lua, Elixir, Haskell - Config: JSON, YAML - Other: Bash, Nix, Solidity **Updated examples:** - Use correct language aliases (js instead of javascript, ts instead of typescript) - Align with actual ast-grep command patterns This ensures accurate guidance for developers using ast-grep integration and prevents errors from referencing unsupported language identifiers. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <[email protected]> * Fix spelling error in README.md (#608) Bit of an inane PR but 🤷 * Fix path to install script in README.md (#570) * Add Chinese documentation and fix typo (#676) - Add Chinese documentation links in README.md, COMMANDS.md, and AGENTS.md - Fix typo: 'mutiple' -> 'multiple' in README.md - Include new Chinese documentation files in doc/ directory 🤖 Generated with [Claude Code](https://claude.ai/code) Co-authored-by: Claude <[email protected]> * Fix: Prevent local file paths exposure in GitHub issue comments (#631) * Fix privacy issue: Add path standards validation and normalization - Add .claude/rules/path-standards.md with comprehensive path usage guidelines - Add .claude/scripts/check-path-standards.sh for automated validation - Add .claude/scripts/fix-path-standards.sh for automatic path normalization - Add documentation for path standards tools Addresses issue #630: Prevents local file paths from being exposed in GitHub issue comments, maintaining privacy and portability. Features: - Automatic detection of absolute path violations - Safe path normalization with backup support - Comprehensive validation with colored output - CI/CD integration ready - Cross-platform support (Unix/Windows paths) Author: Zephyr <[email protected]> * Fix PR feedback: Improve scripts and documentation - Enhanced shell error handling with 'set -Eeuo pipefail' - Fixed Windows path patterns in regex expressions - Added exclusions for rules and backup files to prevent false positives - Converted all Chinese text to English in documentation - Corrected path examples in standards documentation - Improved script robustness and cross-platform compatibility Addresses feedback from CodeRabbit AI and GitHub Copilot reviews. Author: Zephyr <[email protected]> * Polish: Final micro-optimizations for PR feedback - Fixed grammar issues in path-tools-README.md per LanguageTool feedback - Corrected path transformation examples in path-standards.md to match actual implementation - Ensured consistency between documentation examples and script behavior - Minor improvements for production-ready code quality All CodeRabbit AI and GitHub Copilot feedback addressed. Author: Zephyr <[email protected]> --------- Co-authored-by: dengzefeng <[email protected]> * Fix: Ensure GitHub issues are created in correct repository (#532) - Add explicit --repo flag to all gh issue create commands - Create repository detection configuration file - Handle both SSH and HTTPS git remote formats - Add validation and error handling for repository detection This prevents issues from being created in automazeio/ccpm instead of the user's actual repository. Co-authored-by: jodagreyhame <[email protected]> * Major Cleanup & Issue Resolution - 2025-01-24 (#953) * feat: Major cleanup and issue resolution - 2025-01-24 release ✨ NEW FEATURES: - Add comprehensive LOCAL_MODE.md guide for offline workflow - Auto-create GitHub labels (epic, task) during init - Modernize PM command syntax with !bash pattern - Add context accuracy safeguards with self-verification - Create comprehensive CHANGELOG.md documentation 🔧 IMPROVEMENTS: - Update 4 core PM commands to use efficient !bash syntax - Enhance init.sh with automatic GitHub label creation - Document context accuracy improvements in CONTEXT_ACCURACY.md - Streamline command definitions for better token efficiency 📊 IMPACT: - Resolves 10+ GitHub issues with comprehensive solutions - Enables true local-only development workflow - Reduces AI hallucination in context generation - Improves Claude Code compatibility and performance 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <[email protected]> * fix: improve GitHub detection and error handling in init.sh Address GitHub Copilot feedback for better robustness: 🔧 IMPROVED REPOSITORY DETECTION: - Replace string matching with `gh repo view` for robust detection - Handles SSH URLs, GitHub Enterprise, and edge cases properly - Graceful fallback for non-GitHub repositories 🛡️ ENHANCED ERROR HANDLING: - Replace silent failures with meaningful user feedback - Track label creation success/failure individually - Check for existing labels before reporting errors - Clear status messages: success, partial, or failure 🧪 TESTED: - Bash syntax validation passed - Repository detection logic verified - Error handling scenarios tested Addresses high and medium priority feedback from Copilot review. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <[email protected]> --------- Co-authored-by: Claude <[email protected]> * Complete Directory Restructure & PM Command Modernization - Restructure from .claude/ to ccpm/ directory - Update all PM commands to use !bash execution syntax - Modernize command frontmatter for better token efficiency - Complete the missing directory restructuring from previous PRs This completes the architectural shift to the ccpm/ template structure. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <[email protected]> * fix: correct script paths from .claude/ to ccpm/ in all PM commands All PM commands now properly reference ccpm/scripts/pm/ instead of the old .claude/scripts/pm/ paths. This completes the directory restructure that was partially implemented. - Fixed 28 script path references across all PM command files - Commands now correctly point to ccpm/scripts/pm/ location - Resolves issue where PM commands couldn't find their scripts 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <[email protected]> * Update installation script URLs in README files - Changed installation script URLs from GitHub raw links to direct links at automaze.io for improved reliability. - Updated both English and Chinese README files to reflect the new URLs. - Ensured consistency across Unix/Linux/macOS and Windows installation instructions. This change enhances the user experience by providing a more stable source for installation scripts. 🤖 Generated with [Claude Code](https://claude.ai/code) * Update installation script URLs in README files to point to the new install path - Changed installation script URLs from the old path to the new `/install` path for improved clarity and reliability. - Updated both English and Chinese README files to reflect the new URLs. - Ensured consistency across Unix/Linux/macOS and Windows installation instructions. This change enhances the user experience by providing a clear and stable source for installation scripts. --------- Co-authored-by: James Ross <[email protected]> Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> Co-authored-by: Steven <[email protected]> Co-authored-by: Claude <[email protected]> Co-authored-by: Connor Adams <[email protected]> Co-authored-by: Stefan Legg <[email protected]> Co-authored-by: cyxer000 <[email protected]> Co-authored-by: Aka mo <[email protected]> Co-authored-by: dengzefeng <[email protected]> Co-authored-by: jodagreyhame <[email protected]> Co-authored-by: jodagreyhame <[email protected]>
ranaroussi
added a commit
that referenced
this pull request
Sep 24, 2025
commit abf5bed Author: Ran Aroussi <[email protected]> Date: Wed Sep 24 18:46:43 2025 +0100 Refactor Bash command patterns in settings commit 1cc603e Author: Ran Aroussi <[email protected]> Date: Wed Sep 24 15:23:43 2025 +0100 Remove outdated Chinese documentation files for agents, commands, and README to streamline project resources. commit 34d7e72 Author: Ran Aroussi <[email protected]> Date: Wed Sep 24 15:23:17 2025 +0100 Revise README with new badge links and documentation Updated links and added Chinese documentation reference. commit 0026086 Author: Ran Aroussi <[email protected]> Date: Wed Sep 24 15:17:22 2025 +0100 RC => Main (stability and usability) (#954) * feat: Add automatic worktree directory fix via pre-tool-use hook Problem: Bash tool resets to main project directory after every command, breaking worktree operations for parallel agent development. Solution: Pre-tool-use hook that automatically detects worktree context and injects 'cd /path/to/worktree && ' prefix to all Bash commands. Features: - Zero-config: Agents don't need special instructions or awareness - Smart detection: Distinguishes worktrees (.git file) from repos (.git dir) - Edge case handling: Background processes, pipes, env vars, etc. - Debug mode: CLAUDE_HOOK_DEBUG=true for troubleshooting - Skip patterns: Avoids double-prefixing and unnecessary injections This enables true parallel development with multiple agents in different worktrees without any manual command prefixing or documentation burden. Tested via shell-shocked test suite: All 7 stress test scenarios passed. Or if you prefer a shorter version: feat: Auto-fix Bash tool worktree directory reset issue Implements pre-tool-use hook that transparently injects 'cd /worktree && ' prefix when operating in git worktrees. Handles background processes, pipes, and other edge cases. Agents need zero awareness of the fix. Enables parallel multi-agent development in worktrees without manual prefixing. * fix: script name in hooks README file * fix: make bash-worktree-fix POSIX-compliant * Update .claude/hooks/config.json Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> * fix: improve bash worktree hook robustness and documentation - Fix critical bugs in worktree detection and command parsing: * Distinguish between git worktrees and submodules (check for /worktrees/ in gitdir path) * Fix TAB pattern bug using proper tokenization instead of brittle globbing * Fix overly broad dot-prefix skip that broke ./script.sh execution * Add proper path quoting to handle spaces and special characters * Capture all arguments with $* instead of just $1 - Improve documentation: * Remove personal paths from examples * Restructure troubleshooting steps for clarity * Switch from jq to python -m json.tool for wider compatibility * Clarify that hook config goes in main .claude/settings.json - Simplify configuration: * Remove redundant config.json * Add settings.json.example showing proper integration * Fix background process detection for both "cmd &" and "cmd&" patterns These changes prevent false positives on commands like "cdbuild", ensure relative scripts work in worktrees, and handle paths with spaces correctly. * docs: fix a path in the instructions for how to enable the bash worktree fix hook * fix: harden bash worktree hook against security vulnerabilities Security and robustness improvements to prevent shell injection and edge cases: - Prevent pathname expansion attacks by disabling globbing during tokenization * Commands like "echo *" no longer expand before parsing - Fix absolute path detection for environment-prefixed commands * Now correctly handles "VAR=1 /usr/bin/make" patterns - Implement secure path quoting using single quotes with proper escaping * Handles paths containing quotes, spaces, and special characters - Optimize .git file reading using shell built-ins instead of cat * Avoids subshell and only reads first line for efficiency - Improve debug mode to accept multiple truthy values (true/TRUE/1/yes/YES) - Add ShellCheck compliance with consistent variable bracing and default cases The hook now safely handles edge cases like: - Paths with single quotes: /path/to/joe's-project/ - Commands with wildcards that shouldn't expand - Mixed environment variables and absolute paths All changes maintain POSIX compatibility while significantly improving security posture and reliability. * refactor: improve worktree hook robustness and portability Major improvements to the bash worktree fix hook for better reliability: Validation & Safety: - Add gitdir path validation to verify the directory actually exists - Normalize relative gitdir paths to absolute for proper resolution - Add pwd directory check to handle edge cases - Use dirname with -- flag for safer path handling Portability: - Replace echo with printf throughout for consistent behavior - Use literal space/tab characters instead of [:space:] for POSIX compatibility - Rename shell_quote to shell_squote for clarity - Maintain set -f protection during pattern matching Simplification: - Streamline skip detection logic with cleaner patterns - Consolidate builtin command checks into single case statement - Remove unnecessary comments while keeping essential documentation - Cleaner whitespace detection using portable pattern The hook now properly validates that gitdir paths exist before treating them as worktrees, preventing false positives. Pattern matching is more portable across different POSIX shells, and printf usage eliminates echo's platform-specific quirks. All security improvements are retained: pathname expansion protection, proper single-quote escaping, and safe handling of background processes. * fix: restore [:space:] patterns and handle CRLF line endings Critical fixes and improvements to the bash worktree hook: Bug Fixes: - Handle CRLF line endings in .git files (Windows compatibility) * Strip trailing CR characters that break gitdir path parsing - Restore [:space:] character class for better Unicode support * Literal space/tab was too restrictive for international locales - Remove absolute path skip logic that broke many commands * Commands like `/usr/bin/npm install` still need correct cwd * Only skip builtins and commands that truly don't need directory context Performance: - Add fast-path exit when not in a worktree * Avoids unnecessary skip checks for common case - Remove redundant set -f globbing protection * Pattern matching doesn't trigger pathname expansion in case statements Clarity: - Streamline comments to be more concise - Quote original_command consistently - Better explain why absolute paths aren't skipped The hook now correctly handles Windows-created .git files with CRLF endings and properly supports all absolute-path commands that depend on the current working directory (which is most of them). * revert: remove dirname -- flag for broader compatibility Remove the '--' end-of-options flag from dirname command as it's not universally supported across all POSIX implementations. While '--' is good practice for handling filenames starting with dashes, dirname rarely encounters such edge cases in practice, and the compatibility issue is more pressing. Some older or minimal POSIX shells don't recognize '--' with dirname, causing the script to fail. Since we're already in a controlled loop walking up directory paths that come from pwd, the risk of dash-prefixed paths is negligible. Trade-off: Prioritizing compatibility over theoretical edge case protection. * Enhance context creation with comprehensive language detection Expand project detection capabilities to support 20+ programming languages and frameworks: - Add detection for JavaScript/TypeScript, Python (pyproject.toml), Java (Maven/Gradle), C#/.NET, Ruby, PHP, Dart/Flutter, Swift (including Xcode projects), C/C++, and Docker - Extend file type detection to include .ts, .jsx, .tsx, .kt, .cs, .rb, .php, .swift, .dart, .c, .h, .cpp, .hpp, and .sh files - Improve test detection to find both test directories and test files with common naming patterns (*test.*, *spec.*, test_*.*, *_test.*) - Exclude hidden directories in test detection for better performance This enhancement enables more accurate project analysis and better context creation across diverse development environments and technology stacks. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <[email protected]> * Expand comprehensive programming language support across all project components Complete systematic enhancement of language detection and build system support, following the comprehensive approach established in context/create.md: **Testing Framework Detection (.claude/commands/testing/prime.md):** - Add detection for PHP (PHPUnit, Pest), C#/.NET (MSTest, NUnit, xUnit), Java (JUnit/Maven/Gradle), Kotlin, Swift (XCTest), Dart/Flutter, C/C++ (GoogleTest, Catch2), Ruby (RSpec, Minitest) - Expand framework-specific configurations with proper commands and options - Add comprehensive dependency checking for all package managers - Include installation commands for all build systems (composer, mvn, gradle, dotnet, bundle, flutter, swift, ctest) - Add test file discovery patterns for all languages **Context Management Enhancement:** - Update dependency change detection in context/update.md for 11 build systems - Enhance context/prime.md project file analysis beyond basic detection - Maintain consistency with context/create.md comprehensive language support **Build System Integration:** - Expand pm/epic-merge.md test commands from 2 to 12 build systems - Add Maven, Gradle, Composer, .NET, Cargo, Go, Flutter, Swift, CMake support - Enable automated testing across all major development ecosystems **Infrastructure Support:** - Add bash permissions for 10 additional build tools in settings.local.json - Update process cleanup in test-execution.md and testing/run.md for all frameworks - Ensure consistent cross-language development workflow support This enhancement enables full development lifecycle support for 20+ programming languages and frameworks, providing consistent project detection, dependency management, testing, and build capabilities across diverse technology stacks. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <[email protected]> * Complete comprehensive programming language expansion with final enhancements Add final layer of language support improvements across infrastructure components: **Multi-Language Test Script (.claude/scripts/test-and-log.sh):** - Transform Python-only script to support 10+ languages and frameworks - Add intelligent test framework detection: Python (pytest), JavaScript/TypeScript (npm test, jest), Java (Maven, Gradle), C# (.NET), Ruby (RSpec), PHP (PHPUnit), Go, Rust, Swift, Dart/Flutter - Automatic file extension detection with appropriate test runner selection - Enhanced usage examples showing multi-language support **AST-Grep Language Reference (.claude/rules/use-ast-grep.md):** - Expand supported languages list from basic to comprehensive 50+ languages - Organize by categories: Primary Languages, Web & Markup, Configuration & Data, Shell & Scripts, and specialty languages - Add specific language codes for JavaScript/TypeScript variants, C/C++/C#, web frameworks (Vue, Svelte), and configuration formats (YAML, TOML, XML) **Issue Analysis Enhancement (.claude/commands/pm/issue-analyze.md):** - Generalize package.json references to support all project configuration files - Include build system coordination for Maven, Gradle, CMake, etc. **Test Runner Agent (.claude/agents/test-runner.md):** - Replace pytest-specific fallback with comprehensive multi-language fallback - Support framework detection and execution for all major testing ecosystems These enhancements complete the comprehensive language support initiative, ensuring consistent multi-language development workflow capabilities across all system components, from project detection to testing execution. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <[email protected]> * Fix ast-grep supported languages list to match official documentation Correct the ast-grep language support documentation to accurately reflect the actual 25 languages supported according to ast-grep.github.io: **Removed unsupported languages:** - Dart (not actually supported by ast-grep) - Vue, Svelte (framework-specific, not core languages) - SCSS, SASS, LESS (CSS preprocessors not supported) - TOML, XML (not in official support list) - PowerShell, shell variants beyond bash - OCaml and other languages incorrectly listed **Corrected to official 25 languages:** - System: C, C++, C#, Go, Rust - Web: JavaScript (js/jsx), TypeScript (ts), TSX, HTML, CSS, PHP - General: Python, Java, Kotlin, Ruby, Swift, Scala, Lua, Elixir, Haskell - Config: JSON, YAML - Other: Bash, Nix, Solidity **Updated examples:** - Use correct language aliases (js instead of javascript, ts instead of typescript) - Align with actual ast-grep command patterns This ensures accurate guidance for developers using ast-grep integration and prevents errors from referencing unsupported language identifiers. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <[email protected]> * Fix spelling error in README.md (#608) Bit of an inane PR but 🤷 * Fix path to install script in README.md (#570) * Add Chinese documentation and fix typo (#676) - Add Chinese documentation links in README.md, COMMANDS.md, and AGENTS.md - Fix typo: 'mutiple' -> 'multiple' in README.md - Include new Chinese documentation files in doc/ directory 🤖 Generated with [Claude Code](https://claude.ai/code) Co-authored-by: Claude <[email protected]> * Fix: Prevent local file paths exposure in GitHub issue comments (#631) * Fix privacy issue: Add path standards validation and normalization - Add .claude/rules/path-standards.md with comprehensive path usage guidelines - Add .claude/scripts/check-path-standards.sh for automated validation - Add .claude/scripts/fix-path-standards.sh for automatic path normalization - Add documentation for path standards tools Addresses issue #630: Prevents local file paths from being exposed in GitHub issue comments, maintaining privacy and portability. Features: - Automatic detection of absolute path violations - Safe path normalization with backup support - Comprehensive validation with colored output - CI/CD integration ready - Cross-platform support (Unix/Windows paths) Author: Zephyr <[email protected]> * Fix PR feedback: Improve scripts and documentation - Enhanced shell error handling with 'set -Eeuo pipefail' - Fixed Windows path patterns in regex expressions - Added exclusions for rules and backup files to prevent false positives - Converted all Chinese text to English in documentation - Corrected path examples in standards documentation - Improved script robustness and cross-platform compatibility Addresses feedback from CodeRabbit AI and GitHub Copilot reviews. Author: Zephyr <[email protected]> * Polish: Final micro-optimizations for PR feedback - Fixed grammar issues in path-tools-README.md per LanguageTool feedback - Corrected path transformation examples in path-standards.md to match actual implementation - Ensured consistency between documentation examples and script behavior - Minor improvements for production-ready code quality All CodeRabbit AI and GitHub Copilot feedback addressed. Author: Zephyr <[email protected]> --------- Co-authored-by: dengzefeng <[email protected]> * Fix: Ensure GitHub issues are created in correct repository (#532) - Add explicit --repo flag to all gh issue create commands - Create repository detection configuration file - Handle both SSH and HTTPS git remote formats - Add validation and error handling for repository detection This prevents issues from being created in automazeio/ccpm instead of the user's actual repository. Co-authored-by: jodagreyhame <[email protected]> * Major Cleanup & Issue Resolution - 2025-01-24 (#953) * feat: Major cleanup and issue resolution - 2025-01-24 release ✨ NEW FEATURES: - Add comprehensive LOCAL_MODE.md guide for offline workflow - Auto-create GitHub labels (epic, task) during init - Modernize PM command syntax with !bash pattern - Add context accuracy safeguards with self-verification - Create comprehensive CHANGELOG.md documentation 🔧 IMPROVEMENTS: - Update 4 core PM commands to use efficient !bash syntax - Enhance init.sh with automatic GitHub label creation - Document context accuracy improvements in CONTEXT_ACCURACY.md - Streamline command definitions for better token efficiency 📊 IMPACT: - Resolves 10+ GitHub issues with comprehensive solutions - Enables true local-only development workflow - Reduces AI hallucination in context generation - Improves Claude Code compatibility and performance 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <[email protected]> * fix: improve GitHub detection and error handling in init.sh Address GitHub Copilot feedback for better robustness: 🔧 IMPROVED REPOSITORY DETECTION: - Replace string matching with `gh repo view` for robust detection - Handles SSH URLs, GitHub Enterprise, and edge cases properly - Graceful fallback for non-GitHub repositories 🛡️ ENHANCED ERROR HANDLING: - Replace silent failures with meaningful user feedback - Track label creation success/failure individually - Check for existing labels before reporting errors - Clear status messages: success, partial, or failure 🧪 TESTED: - Bash syntax validation passed - Repository detection logic verified - Error handling scenarios tested Addresses high and medium priority feedback from Copilot review. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <[email protected]> --------- Co-authored-by: Claude <[email protected]> * Complete Directory Restructure & PM Command Modernization - Restructure from .claude/ to ccpm/ directory - Update all PM commands to use !bash execution syntax - Modernize command frontmatter for better token efficiency - Complete the missing directory restructuring from previous PRs This completes the architectural shift to the ccpm/ template structure. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <[email protected]> * fix: correct script paths from .claude/ to ccpm/ in all PM commands All PM commands now properly reference ccpm/scripts/pm/ instead of the old .claude/scripts/pm/ paths. This completes the directory restructure that was partially implemented. - Fixed 28 script path references across all PM command files - Commands now correctly point to ccpm/scripts/pm/ location - Resolves issue where PM commands couldn't find their scripts 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <[email protected]> * Update installation script URLs in README files - Changed installation script URLs from GitHub raw links to direct links at automaze.io for improved reliability. - Updated both English and Chinese README files to reflect the new URLs. - Ensured consistency across Unix/Linux/macOS and Windows installation instructions. This change enhances the user experience by providing a more stable source for installation scripts. 🤖 Generated with [Claude Code](https://claude.ai/code) * Update installation script URLs in README files to point to the new install path - Changed installation script URLs from the old path to the new `/install` path for improved clarity and reliability. - Updated both English and Chinese README files to reflect the new URLs. - Ensured consistency across Unix/Linux/macOS and Windows installation instructions. This change enhances the user experience by providing a clear and stable source for installation scripts. --------- Co-authored-by: James Ross <[email protected]> Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> Co-authored-by: Steven <[email protected]> Co-authored-by: Claude <[email protected]> Co-authored-by: Connor Adams <[email protected]> Co-authored-by: Stefan Legg <[email protected]> Co-authored-by: cyxer000 <[email protected]> Co-authored-by: Aka mo <[email protected]> Co-authored-by: dengzefeng <[email protected]> Co-authored-by: jodagreyhame <[email protected]> Co-authored-by: jodagreyhame <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR corrects the installation script path in documentation to point to the correct location in the repository.
Changes:
The install script was moved to the install/ directory but the documentation still referenced the old root location, causing 404 errors for users trying to install via the provided commands.
Summary by CodeRabbit