Compare commits

..

10 Commits

Author SHA1 Message Date
Drew Ritter ded04a41e3 fix(codex): suppress SessionStart hook auto-discovery with empty hooks object
Codex auto-discovers a plugin's hooks/hooks.json whenever the Codex
manifest has no `hooks` field: load_plugin_hooks falls back to a
hardcoded DEFAULT_HOOKS_CONFIG_FILE = "hooks/hooks.json" and registers
it. hooks/hooks.json is the Claude Code SessionStart hook, it is tracked
in this repo, and the Codex marketplace installs the whole repo root
(source url "./"), so the fallback re-registered the SessionStart hook
and its install-time trust prompt on Codex.

Removing the Codex hook file and the manifest `hooks` pointer (commit
"Remove Codex hooks") did not disable the hook on Codex — it removed the
explicit declaration that was overriding the fallback, so the fallback
took over and found the Claude hooks/hooks.json.

Declare an empty inline hooks object ({}) in .codex-plugin/plugin.json.
It parses as an empty inline hook set and stops Codex reaching the
auto-discovery fallback. An absent field, an empty array ([]), and an
empty inline list all collapse back to the fallback, so the value must
be exactly {}.

Update the test to assert the manifest declares hooks: {} (and that
hooks/hooks.json exists, which is what makes the declaration necessary),
replacing the prior assertion that the field was absent — which passed
while the hook was still being auto-discovered.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-30 15:38:20 -07:00
Jesse Vincent 8554b7215c Release v6.1.0: leaner per-session bootstrap, Codex marketplace install, Gemini removed
Bump all manifests to 6.1.0 and add RELEASE-NOTES for v6.1.0:
- Compress the using-superpowers bootstrap and prune per-harness
  tool-mapping references (lower per-session token cost).
- Add a Codex marketplace manifest so the plugin installs from Codex;
  drop the Codex SessionStart hook.
- Remove Gemini CLI support (Google EOLed the Gemini CLI 2026-06-18).
2026-06-30 10:29:02 -07:00
Jesse Vincent 9c9b9bd7c8 test(codex): assert Codex manifest ships no hooks
Commit 1f0c76e removed the Codex SessionStart hook — dropping the hooks
field from .codex-plugin/plugin.json and deleting hooks-codex.json — but
left test-marketplace-manifest.sh asserting the old hooks pointer, so the
test has failed on dev since. Assert the field is absent instead, locking
in the no-Codex-hooks decision.
2026-06-30 10:28:53 -07:00
Jesse Vincent 98b080041d Compress the using-superpowers bootstrap
The bootstrap is injected into every session, so its token cost is paid
constantly. Condense it without dropping behavior-shaping content:

- Replace the graphviz skill-flow diagram with the prose it encoded (the
  1% rule, the plan-mode to brainstorm gate, announce + checklist to todos).
- Fold the standalone Instruction-Priority section into User Instructions.
- Drop the per-platform 'How to Access Skills' walkthrough.
- Trim the Platform Adaptation pointer to the harnesses that still have a
  reference file (Codex, Pi, Antigravity).

Keeps the full Red Flags rationalization table, skill priority framed as
process-before-implementation, and user-instruction precedence.
2026-06-24 19:35:57 -07:00
Jesse Vincent 4000288dac Prune per-harness tool-mapping boilerplate
The verbose action-to-tool tables and skill-loading explainers in the
per-harness reference files restated guidance modern agents already
follow. Trim each file to the harness-specific notes that still carry
weight (subagent dispatch, task tracking, instructions-file paths), and
delete claude-code-tools.md and copilot-tools.md, which had nothing left
that wasn't generic.
2026-06-24 19:35:20 -07:00
Jesse Vincent 6be431b772 Remove Gemini CLI support
Google EOLed the Gemini CLI on 2026-06-18; the extension can no longer
be installed or updated. Remove Gemini from the install docs, the
subagent-capable platform lists, and the eval-harness description, and
delete its tool-mapping reference.
2026-06-24 19:34:40 -07:00
Jesse Vincent 1f0c76e0b0 Remove Codex hooks
Codex reliably triggers skills on its own, and the SessionStart hook
made the UX worse rather than better. Drop the Codex hook config and
its registration in the plugin manifest.
2026-06-24 19:33:57 -07:00
Ada Sen 321c8cd24c fix(codex): stop bootstrap re-firing on resume (match Claude startup|clear|compact)
Bug: the SessionStart hook matcher in hooks-codex.json included "resume",
causing the superpowers bootstrap to re-fire on every Codex session resume.

Fix: align with Claude's hooks/hooks.json matcher "startup|clear|compact":
- drop "resume" (the bug: resume should not trigger re-bootstrap)
- add "compact" (so bootstrap re-injects after context compaction, like Claude)

Before: "matcher": "startup|resume|clear"
After:  "matcher": "startup|clear|compact"
2026-06-23 16:15:56 -07:00
Jesse Vincent bfa3e4137a Keep Codex hooks manifest in plugin metadata
Prompt: Jesse questioned whether the PR should remove the hooks config from the Codex plugin manifest.

Runtime investigation showed Codex accepts a committed plugin manifest with hooks and installs the plugin successfully. Removing the field changes behavior: Codex falls back to the default hooks/hooks.json, which uses the non-Codex session-start hook and CLAUDE_PLUGIN_ROOT path, instead of hooks/hooks-codex.json and the session-start-codex script.

Changes: restore .codex-plugin/plugin.json hooks to ./hooks/hooks-codex.json and update the Codex marketplace manifest test to require that Codex-specific hook pointer instead of rejecting hooks.

Validation: bash tests/codex/test-marketplace-manifest.sh; scripts/lint-shell.sh tests/codex/test-marketplace-manifest.sh; bash tests/codex-plugin-sync/test-sync-to-codex-plugin.sh; bash tests/kimi/test-plugin-manifest.sh; bash tests/shell-lint/test-lint-shell.sh.
2026-06-22 11:51:28 -07:00
Jesse Vincent a17aaaef3a Add Codex marketplace manifest
Prompt: Jesse asked for a new worktree off the local superpowers dev branch to add the Codex manifest after diagnosing why github.com/obra/superpowers did not show installable Codex plugins.

Root cause: Codex marketplace sources expect a .agents/plugins/marketplace.json at the marketplace root. The superpowers repo only had the Claude marketplace file and the Codex plugin manifest, so Codex could configure the marketplace name but found no installable plugin entries.

Changes: add a repo-local Codex marketplace manifest for superpowers-dev that points at this same repository root via the same-root source pattern Codex already accepts; add a focused marketplace manifest test; remove the unsupported hooks field from .codex-plugin/plugin.json so the plugin validator accepts the manifest.

Validation: bash tests/codex/test-marketplace-manifest.sh; uv run --with PyYAML python /Users/jesse/.codex/skills/.system/plugin-creator/scripts/validate_plugin.py /Users/jesse/git/superpowers/superpowers/.worktrees/codex-marketplace-manifest; throwaway HOME codex plugin marketplace add/list/add; bash tests/codex-plugin-sync/test-sync-to-codex-plugin.sh; bash tests/kimi/test-plugin-manifest.sh; bash tests/shell-lint/test-lint-shell.sh; scripts/lint-shell.sh tests/codex/test-marketplace-manifest.sh.
2026-06-22 11:51:28 -07:00
26 changed files with 550 additions and 1056 deletions
+1 -1
View File
@@ -9,7 +9,7 @@
{ {
"name": "superpowers", "name": "superpowers",
"description": "Core skills library for Claude Code: TDD, debugging, collaboration patterns, and proven techniques", "description": "Core skills library for Claude Code: TDD, debugging, collaboration patterns, and proven techniques",
"version": "6.1.1", "version": "6.1.0",
"source": "./", "source": "./",
"author": { "author": {
"name": "Jesse Vincent", "name": "Jesse Vincent",
+1 -1
View File
@@ -1,7 +1,7 @@
{ {
"name": "superpowers", "name": "superpowers",
"description": "Core skills library for Claude Code: TDD, debugging, collaboration patterns, and proven techniques", "description": "Core skills library for Claude Code: TDD, debugging, collaboration patterns, and proven techniques",
"version": "6.1.1", "version": "6.1.0",
"author": { "author": {
"name": "Jesse Vincent", "name": "Jesse Vincent",
"email": "jesse@fsck.com" "email": "jesse@fsck.com"
+2 -2
View File
@@ -1,6 +1,6 @@
{ {
"name": "superpowers", "name": "superpowers",
"version": "6.1.1", "version": "6.1.0",
"description": "An agentic skills framework & software development methodology that works: planning, TDD, debugging, and collaboration workflows.", "description": "An agentic skills framework & software development methodology that works: planning, TDD, debugging, and collaboration workflows.",
"author": { "author": {
"name": "Jesse Vincent", "name": "Jesse Vincent",
@@ -27,7 +27,7 @@
"shortDescription": "Planning, TDD, debugging, and delivery workflows for coding agents", "shortDescription": "Planning, TDD, debugging, and delivery workflows for coding agents",
"longDescription": "Use Superpowers to guide agent work through brainstorming, implementation planning, test-driven development, systematic debugging, parallel execution, code review, and finish-the-branch workflows.", "longDescription": "Use Superpowers to guide agent work through brainstorming, implementation planning, test-driven development, systematic debugging, parallel execution, code review, and finish-the-branch workflows.",
"developerName": "Jesse Vincent", "developerName": "Jesse Vincent",
"category": "Developer Tools", "category": "Coding",
"capabilities": [ "capabilities": [
"Interactive", "Interactive",
"Read", "Read",
+1 -1
View File
@@ -2,7 +2,7 @@
"name": "superpowers", "name": "superpowers",
"displayName": "Superpowers", "displayName": "Superpowers",
"description": "Core skills library: TDD, debugging, collaboration patterns, and proven techniques", "description": "Core skills library: TDD, debugging, collaboration patterns, and proven techniques",
"version": "6.1.1", "version": "6.1.0",
"author": { "author": {
"name": "Jesse Vincent", "name": "Jesse Vincent",
"email": "jesse@fsck.com" "email": "jesse@fsck.com"
+1 -1
View File
@@ -1,6 +1,6 @@
{ {
"name": "superpowers", "name": "superpowers",
"version": "6.1.1", "version": "6.1.0",
"description": "An agentic skills framework and software development methodology.", "description": "An agentic skills framework and software development methodology.",
"author": { "author": {
"name": "Jesse Vincent", "name": "Jesse Vincent",
+1 -1
View File
@@ -101,7 +101,7 @@ Skills are not prose — they are code that shapes agent behavior. If you modify
## Eval harness ## Eval harness
Skill-behavior evals live in [superpowers-evals](https://github.com/prime-radiant-inc/superpowers-evals/), cloned into `evals/` — see `evals/README.md` for setup. Drill (the harness) drives real tmux sessions of Claude Code / Codex / Gemini CLI and judges skill compliance with an LLM verifier. Plugin-infrastructure tests still live at `tests/`. Skill-behavior evals live in [superpowers-evals](https://github.com/prime-radiant-inc/superpowers-evals/), cloned into `evals/` — see `evals/README.md` for setup. The harness drives real tmux sessions of Claude Code / Codex and judges skill compliance with an LLM verifier. Plugin-infrastructure tests still live at `tests/`.
## Understand the Project Before Contributing ## Understand the Project Before Contributing
+1 -15
View File
@@ -11,7 +11,7 @@ If this sounds like someone you know, definitely send them our way.
## Quickstart ## Quickstart
Give your agent Superpowers: [Claude Code](#claude-code), [Antigravity](#antigravity), [Codex App](#codex-app), [Codex CLI](#codex-cli), [Cursor](#cursor), [Factory Droid](#factory-droid), [Gemini CLI](#gemini-cli), [GitHub Copilot CLI](#github-copilot-cli), [Kimi Code](#kimi-code), [OpenCode](#opencode), [Pi](#pi). Give your agent Superpowers: [Claude Code](#claude-code), [Antigravity](#antigravity), [Codex App](#codex-app), [Codex CLI](#codex-cli), [Cursor](#cursor), [Factory Droid](#factory-droid), [GitHub Copilot CLI](#github-copilot-cli), [Kimi Code](#kimi-code), [OpenCode](#opencode), [Pi](#pi).
## How it works ## How it works
@@ -122,20 +122,6 @@ Superpowers is available via the [official Codex plugin marketplace](https://git
droid plugin install superpowers@superpowers droid plugin install superpowers@superpowers
``` ```
### Gemini CLI
- Install the extension:
```bash
gemini extensions install https://github.com/obra/superpowers
```
- Update later:
```bash
gemini extensions update superpowers
```
### GitHub Copilot CLI ### GitHub Copilot CLI
- Register the marketplace: - Register the marketplace:
-11
View File
@@ -1,16 +1,5 @@
# Superpowers Release Notes # Superpowers Release Notes
## v6.1.1 (2026-07-02)
### Codex
- **Codex no longer re-registers the Claude SessionStart hook.** v6.1.0 removed the Codex hook config and its manifest `hooks` pointer, meaning to stop Codex from installing a SessionStart hook — but with no `hooks` field, Codex fell back to auto-discovering `hooks/hooks.json`, the Claude Code SessionStart hook that the marketplace ships from the repo root, and re-registered it along with its install-time trust prompt. The Codex manifest now declares an explicit empty hooks object (`hooks: {}`), which Codex reads as "no hooks" instead of reaching the auto-discovery fallback. An absent field, `[]`, and an empty inline list all collapse back to the fallback, so the value has to be exactly `{}`.
- **Removed orphaned Codex session-start dead code.** `hooks/session-start-codex` had no caller once the Codex hook config was deleted, so it and its redundant test cases are gone. The worked shell-hook example in `docs/porting-to-a-new-harness.md` moves from Codex — now native skill discovery with no session-start hook — to Cursor, a live shell-hook harness, and the stale `hooks-codex.json` pointer in `docs/windows/polyglot-hooks.md` is corrected. The Codex plugin category is also fixed to "Developer Tools".
### Packaging
- **New `package-codex-plugin.sh` for building the Codex portal package.** A maintainer script produces a deterministic Codex "portal" archive — `.zip` by default, `tar.gz` on request — that normalizes entry timestamps, preserves executable modes, verifies every packaged skill ships its OpenAI metadata, includes the app and composer icons, and refuses to run against a dirty worktree. The packaged manifest keeps the source `hooks: {}` object so a portal-installed plugin avoids the same SessionStart auto-discovery, and the script can rebuild a byte-identical archive from a saved metadata source. Covered by a new test suite.
## v6.1.0 (2026-06-30) ## v6.1.0 (2026-06-30)
### Lower Per-Session Token Cost ### Lower Per-Session Token Cost
+24 -25
View File
@@ -90,7 +90,7 @@ every session, with no per-session opt-in by your human partner.** This is the
one non-negotiable capability. It can take any form: one non-negotiable capability. It can take any form:
- a **hook/event system** that runs a shell command at session start and reads - a **hook/event system** that runs a shell command at session start and reads
its stdout (Claude Code, Cursor, Copilot CLI), or its stdout (Claude Code, Codex, Cursor, Copilot CLI), or
- an **in-process plugin/extension** with a session-start or message lifecycle - an **in-process plugin/extension** with a session-start or message lifecycle
callback that can mutate the message array (OpenCode, pi), or callback that can mutate the message array (OpenCode, pi), or
- an **instructions-file** convention where the harness loads a context file that - an **instructions-file** convention where the harness loads a context file that
@@ -227,20 +227,18 @@ you may **not** do is bridge a gap by editing the user's global config.
The harness has a hook system that runs a shell command at session start and The harness has a hook system that runs a shell command at session start and
reads JSON from its stdout. The configured command runs `run-hook.cmd`, a reads JSON from its stdout. The configured command runs `run-hook.cmd`, a
polyglot wrapper that just locates bash and dispatches the named script; the polyglot wrapper that just locates bash and dispatches the named script; the
script (`hooks/session-start`, or a harness-specific variant) is what reads script (`hooks/session-start`, or a harness-specific variant like
`using-superpowers/SKILL.md` and prints a JSON object whose **field name and `hooks/session-start-codex`) is what reads `using-superpowers/SKILL.md` and
nesting differ per harness**. prints a JSON object whose **field name and nesting differ per harness**.
- Reference: `hooks/session-start`, `hooks/run-hook.cmd`, and the per-harness - Reference: `hooks/session-start` (and `hooks/session-start-codex`),
hook config `hooks/hooks.json` (Claude Code) and `hooks/hooks-cursor.json` `hooks/run-hook.cmd`, and the per-harness hook config `hooks/hooks.json`
(Claude Code), `hooks/hooks-codex.json` (Codex), `hooks/hooks-cursor.json`
(Cursor). (Cursor).
- Manifests: `.cursor-plugin/plugin.json` is the Shape A manifest example that - Manifests: `.codex-plugin/plugin.json`, `.cursor-plugin/plugin.json` point the
points the harness at `./skills/` and the right `hooks-*.json`. Claude Code's harness at `./skills/` and the right `hooks-*.json`. (Claude Code's
`.claude-plugin/plugin.json` sets neither field — it auto-discovers `skills/` `.claude-plugin/plugin.json` sets neither field — it auto-discovers `skills/`
and `hooks/hooks.json` by convention. Do **not** copy Codex's and `hooks/hooks.json` by convention.)
`.codex-plugin/plugin.json` for Shape A: it declares an empty `hooks` object
specifically to suppress Codex's `hooks/hooks.json` auto-discovery, because
Codex surfaces skills natively and runs no session-start hook.
> **A hook *system* is not a session-start *event*.** A harness can have a > **A hook *system* is not a session-start *event*.** A harness can have a
> `hooks.json` mechanism — and even contain the literal string `SessionStart` in > `hooks.json` mechanism — and even contain the literal string `SessionStart` in
@@ -289,7 +287,7 @@ part of the installed extension** — never substitute "edit the user's global
| If the harness… | Use shape | Copy from | | If the harness… | Use shape | Copy from |
|---|---|---| |---|---|---|
| runs a shell command at session start and reads its stdout | A (shell-hook) | Cursor (`hooks/session-start` + `hooks/hooks-cursor.json` + `.cursor-plugin/`) | | runs a shell command at session start and reads its stdout | A (shell-hook) | Codex (`hooks/session-start-codex` + `hooks/hooks-codex.json` + `.codex-plugin/`) |
| is a JS/TS plugin host with session/message lifecycle callbacks | B (in-process) | OpenCode (`.opencode/`) — or pi (`.pi/`) if it has no native skill tool | | is a JS/TS plugin host with session/message lifecycle callbacks | B (in-process) | OpenCode (`.opencode/`) — or pi (`.pi/`) if it has no native skill tool |
| ships an extension-declared context file it always loads | C (instructions-file) | Gemini (`gemini-extension.json` + `GEMINI.md` + `references/gemini-tools.md`) | | ships an extension-declared context file it always loads | C (instructions-file) | Gemini (`gemini-extension.json` + `GEMINI.md` + `references/gemini-tools.md`) |
| has a plugin install command and a manifest `contextFileName` (or equivalent) the installer keeps | C via the plugin installer | Antigravity (`.antigravity-plugin/``agy plugin install` ships a generated context file; verify the installer preserves it — Part 6) | | has a plugin install command and a manifest `contextFileName` (or equivalent) the installer keeps | C via the plugin installer | Antigravity (`.antigravity-plugin/``agy plugin install` ships a generated context file; verify the installer preserves it — Part 6) |
@@ -311,7 +309,7 @@ patterns below are summaries; the code is the spec.
Create whatever the harness uses to recognize the plugin. Match the existing Create whatever the harness uses to recognize the plugin. Match the existing
ones in spirit: ones in spirit:
- **Shape A:** a `*-plugin/plugin.json` (see `.cursor-plugin/plugin.json`) with - **Shape A:** a `*-plugin/plugin.json` (see `.codex-plugin/plugin.json`) with
`name`, `version`, `description`, author/license/keywords, `"skills": `name`, `version`, `description`, author/license/keywords, `"skills":
"./skills/"`, and `"hooks": "./hooks/hooks-<harness>.json"`. Plus the "./skills/"`, and `"hooks": "./hooks/hooks-<harness>.json"`. Plus the
`hooks-<harness>.json` itself, registering a session-start hook whose command `hooks-<harness>.json` itself, registering a session-start hook whose command
@@ -377,24 +375,25 @@ both double-injects). Find the
exact field, nesting, and event-matcher values your harness expects. Then exact field, nesting, and event-matcher values your harness expects. Then
decide: add a fourth branch to `hooks/session-start`, or — if the harness needs decide: add a fourth branch to `hooks/session-start`, or — if the harness needs
a different bootstrap message or env contract — add a dedicated a different bootstrap message or env contract — add a dedicated
`hooks/session-start-<harness>` script. If you add a branch `hooks/session-start-<harness>` script, the way Codex did. If you add a branch
and your harness *also* sets an env var an earlier branch keys on (some harnesses and your harness *also* sets an env var an earlier branch keys on (some harnesses
set `CLAUDE_PLUGIN_ROOT` too), order your branch before the one that would set `CLAUDE_PLUGIN_ROOT` too), order your branch before the one that would
otherwise shadow it. Match the harness's otherwise shadow it. Match the harness's
own event-matcher strings (Claude Code uses `startup|clear|compact`, Cursor own event-matcher strings (Claude Code uses `startup|clear|compact`, Codex
`sessionStart`); wrong matchers mean the hook silently never fires. `startup|resume|clear`, Cursor `sessionStart`); wrong matchers mean the hook
silently never fires.
The **hook-config schema itself varies per harness** — don't assume the The **hook-config schema itself varies per harness** — don't assume the
Claude Code shape is universal. Compare `hooks/hooks.json` and Claude/Codex shape is universal. Compare `hooks/hooks.json`,
`hooks/hooks-cursor.json`: Cursor's uses `hooks/hooks-codex.json`, and `hooks/hooks-cursor.json`: Cursor's uses
`"version": 1`, a lowercase `sessionStart` key, a relative `"version": 1`, a lowercase `sessionStart` key, a relative
`./hooks/run-hook.cmd` command, and omits the `matcher`/`type`/`async` fields `./hooks/run-hook.cmd` command, and omits the `matcher`/`type`/`async` fields the
Claude Code uses. Match your `hooks-<harness>.json` to whichever existing file is others use. Match your `hooks-<harness>.json` to whichever existing file is
closest, not to a single canonical template. closest, not to a single canonical template.
The hook **command string references a harness-provided plugin-root variable**, The hook **command string references a harness-provided plugin-root variable**,
and its name differs per harness: `hooks.json` uses `${CLAUDE_PLUGIN_ROOT}`, and its name differs per harness: `hooks.json` uses `${CLAUDE_PLUGIN_ROOT}`,
`hooks-cursor.json` uses a relative path. Use `hooks-codex.json` uses `${PLUGIN_ROOT}`, Cursor uses a relative path. Use
whatever your harness exports. (The `session-start` script re-derives the root whatever your harness exports. (The `session-start` script re-derives the root
itself via `dirname`, so the script body doesn't depend on this — but the itself via `dirname`, so the script body doesn't depend on this — but the
command in the manifest does.) command in the manifest does.)
@@ -785,7 +784,7 @@ Use this as the live index; when in doubt, read the files, not this table.
| Harness | Entry point | Bootstrap mechanism | Tool mapping | Tests | Distribution | | Harness | Entry point | Bootstrap mechanism | Tool mapping | Tests | Distribution |
|---|---|---|---|---|---| |---|---|---|---|---|---|
| Claude Code | `.claude-plugin/plugin.json` + `hooks/hooks.json` | shell hook → `hooks/session-start` (`hookSpecificOutput.additionalContext`) | native `Skill` tool; `references/claude-code-tools.md` | `tests/hooks/` | marketplace | | Claude Code | `.claude-plugin/plugin.json` + `hooks/hooks.json` | shell hook → `hooks/session-start` (`hookSpecificOutput.additionalContext`) | native `Skill` tool; `references/claude-code-tools.md` | `tests/hooks/` | marketplace |
| Codex | `.codex-plugin/plugin.json` (declares empty `hooks`) | native skill discovery (no session-start hook) | `references/codex-tools.md` | `tests/codex/`, `tests/codex-plugin-sync/` | fork sync (`scripts/sync-to-codex-plugin.sh`) | | Codex | `.codex-plugin/plugin.json` + `hooks/hooks-codex.json` | shell hook → `hooks/session-start-codex` | `references/codex-tools.md` | `tests/codex-plugin-sync/`, `tests/hooks/` | fork sync (`scripts/sync-to-codex-plugin.sh`) |
| Cursor | `.cursor-plugin/plugin.json` + `hooks/hooks-cursor.json` | shell hook → `hooks/session-start` (`additional_context`) | `references/claude-code-tools.md` | `tests/hooks/` | hand-authored | | Cursor | `.cursor-plugin/plugin.json` + `hooks/hooks-cursor.json` | shell hook → `hooks/session-start` (`additional_context`) | `references/claude-code-tools.md` | `tests/hooks/` | hand-authored |
| Copilot CLI | (shares Claude Code hook path; `COPILOT_CLI` env) | shell hook → `hooks/session-start` (`additionalContext`) | `references/copilot-tools.md` | `tests/hooks/` | — | | Copilot CLI | (shares Claude Code hook path; `COPILOT_CLI` env) | shell hook → `hooks/session-start` (`additionalContext`) | `references/copilot-tools.md` | `tests/hooks/` | — |
| Gemini CLI | `gemini-extension.json` + `GEMINI.md` | instructions file `@`-includes bootstrap + mapping | `references/gemini-tools.md` | — | `gemini extensions install` | | Gemini CLI | `gemini-extension.json` + `GEMINI.md` | instructions file `@`-includes bootstrap + mapping | `references/gemini-tools.md` | — | `gemini extensions install` |
@@ -800,10 +799,10 @@ Use this as the live index; when in doubt, read the files, not this table.
- **Wrong JSON field → silent failure or double injection.** Shape A only. - **Wrong JSON field → silent failure or double injection.** Shape A only.
Confirm the exact field/nesting; Claude Code reads two fields without dedup. Confirm the exact field/nesting; Claude Code reads two fields without dedup.
- **Hook-config schema varies per harness.** Shape A. Cursor's `hooks-cursor.json` - **Hook-config schema varies per harness.** Shape A. Cursor's `hooks-cursor.json`
looks nothing like the Claude Code one (`version`, lowercase `sessionStart`, looks nothing like the Claude/Codex one (`version`, lowercase `sessionStart`,
relative command, no `matcher`/`type`/`async`). Match the closest existing file. relative command, no `matcher`/`type`/`async`). Match the closest existing file.
- **Plugin-root env var differs per harness.** Shape A. The hook command uses - **Plugin-root env var differs per harness.** Shape A. The hook command uses
`${CLAUDE_PLUGIN_ROOT}` (Claude) or a relative path `${CLAUDE_PLUGIN_ROOT}` (Claude), `${PLUGIN_ROOT}` (Codex), or a relative path
(Cursor). Use what your harness exports; the script re-derives the root itself. (Cursor). Use what your harness exports; the script re-derives the root itself.
- **System-message injection.** Shape B injects a *user* message on purpose - **System-message injection.** Shape B injects a *user* message on purpose
(#750, #894). Don't "fix" it to a system message. (#750, #894). Don't "fix" it to a system message.
+1 -1
View File
@@ -140,7 +140,7 @@ Check that the script filename is **extensionless** in `hooks.json`. A command l
### Hook doesn't fire at all ### Hook doesn't fire at all
Verify the `matcher` in `hooks.json` matches the event type your harness emits. Claude Code uses `startup|clear|compact`; Cursor uses `sessionStart`. Check `hooks-cursor.json` for the Cursor variant. Verify the `matcher` in `hooks.json` matches the event type your harness emits. Claude Code uses `startup|clear|compact`; Codex uses `startup|resume|clear`. Check `hooks-codex.json` for the Codex variant.
## Related Issues ## Related Issues
+1 -1
View File
@@ -1,6 +1,6 @@
{ {
"name": "superpowers", "name": "superpowers",
"description": "Core skills library: TDD, debugging, collaboration patterns, and proven techniques", "description": "Core skills library: TDD, debugging, collaboration patterns, and proven techniques",
"version": "6.1.1", "version": "6.1.0",
"contextFileName": "GEMINI.md" "contextFileName": "GEMINI.md"
} }
+26
View File
@@ -0,0 +1,26 @@
#!/usr/bin/env bash
# Codex SessionStart hook for superpowers plugin
set -euo pipefail
SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
PLUGIN_ROOT="$(cd "${SCRIPT_DIR}/.." && pwd)"
using_superpowers_content=$(cat "${PLUGIN_ROOT}/skills/using-superpowers/SKILL.md" 2>&1 || echo "Error reading using-superpowers skill")
escape_for_json() {
local s="$1"
s="${s//\\/\\\\}"
s="${s//\"/\\\"}"
s="${s//$'\n'/\\n}"
s="${s//$'\r'/\\r}"
s="${s//$'\t'/\\t}"
printf '%s' "$s"
}
using_superpowers_escaped=$(escape_for_json "$using_superpowers_content")
session_context="<EXTREMELY_IMPORTANT>\nYou have superpowers.\n\n**Below is the full content of your 'superpowers:using-superpowers' skill - your introduction to using skills. For all other skills, follow the Codex skill-loading instructions in that skill:**\n\n${using_superpowers_escaped}\n</EXTREMELY_IMPORTANT>"
printf '{\n "hookSpecificOutput": {\n "hookEventName": "SessionStart",\n "additionalContext": "%s"\n }\n}\n' "$session_context" | cat
exit 0
+1 -1
View File
@@ -1,6 +1,6 @@
{ {
"name": "superpowers", "name": "superpowers",
"version": "6.1.1", "version": "6.1.0",
"description": "Superpowers skills and runtime bootstrap for coding agents", "description": "Superpowers skills and runtime bootstrap for coding agents",
"type": "module", "type": "module",
"main": ".opencode/plugins/superpowers.js", "main": ".opencode/plugins/superpowers.js",
-342
View File
@@ -1,342 +0,0 @@
#!/usr/bin/env bash
#
# Package the Superpowers Codex plugin as a rootless archive for portal upload.
#
# The Codex portal artifact differs from the old openai/plugins sync flow:
# it is a standalone archive, but it still needs the OpenAI-owned
# skills/*/agents/openai.yaml metadata that used to be preserved from the
# destination plugin repo. Seed that metadata from a prior official package.
set -euo pipefail
SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
REPO_ROOT="$(cd "$SCRIPT_DIR/.." && pwd)"
REF="HEAD"
OUTPUT=""
FORMAT=""
METADATA_SOURCE=""
ALLOW_DIRTY=0
KEEP_STAGE=0
usage() {
cat <<'EOF'
Usage:
scripts/package-codex-plugin.sh [options]
Options:
--output PATH Write archive to PATH.
Default: ../_tmp/sup-codex-packaging/superpowers-VERSION.zip
--format FORMAT Archive format: zip or tar.gz. Default: zip.
If --output ends in .zip, .tar.gz, or .tgz, that
extension is used when --format is omitted.
--metadata-source PATH Prior official package directory, .zip, or .tar.gz used to
seed skills/*/agents/openai.yaml.
Default: ../_tmp/sup-codex-packaging/superpowers,
falling back to superpowers.zip, then superpowers.tar.gz
--ref REF Git ref to package. Default: HEAD.
--allow-dirty Permit a dirty working tree. The archive still uses --ref.
--keep-stage Print and keep the temporary staging directory.
-h, --help Show this help.
The archive is rootless: .codex-plugin/, assets/, skills/, README.md, LICENSE,
and CODE_OF_CONDUCT.md sit at the archive root. Source-only repo files, hooks, tests,
docs, and other harness manifests are intentionally not shipped.
EOF
}
die() {
echo "ERROR: $*" >&2
exit 1
}
while [[ $# -gt 0 ]]; do
case "$1" in
--output)
[[ $# -ge 2 ]] || die "--output requires a path"
OUTPUT="$2"
shift 2
;;
--format)
[[ $# -ge 2 ]] || die "--format requires a value"
case "$2" in
zip)
FORMAT="zip"
;;
tar.gz|tgz)
FORMAT="tar.gz"
;;
*)
die "--format must be zip or tar.gz"
;;
esac
shift 2
;;
--metadata-source)
[[ $# -ge 2 ]] || die "--metadata-source requires a path"
METADATA_SOURCE="$2"
shift 2
;;
--ref)
[[ $# -ge 2 ]] || die "--ref requires a value"
REF="$2"
shift 2
;;
--allow-dirty)
ALLOW_DIRTY=1
shift
;;
--keep-stage)
KEEP_STAGE=1
shift
;;
-h|--help)
usage
exit 0
;;
*)
echo "Unknown arg: $1" >&2
usage >&2
exit 2
;;
esac
done
infer_format_from_output() {
local output_path="$1"
case "$output_path" in
*.tar.gz|*.tgz)
printf '%s\n' "tar.gz"
;;
*.zip)
printf '%s\n' "zip"
;;
*)
return 1
;;
esac
}
if [[ -z "$FORMAT" ]]; then
FORMAT="$(infer_format_from_output "$OUTPUT" || true)"
if [[ -z "$FORMAT" ]]; then
FORMAT="zip"
fi
else
output_format="$(infer_format_from_output "$OUTPUT" || true)"
if [[ -n "$output_format" && "$output_format" != "$FORMAT" ]]; then
die "--output extension does not match --format $FORMAT: $OUTPUT"
fi
fi
command -v git >/dev/null || die "git not found in PATH"
command -v jq >/dev/null || die "jq not found in PATH"
command -v tar >/dev/null || die "tar not found in PATH"
command -v gzip >/dev/null || die "gzip not found in PATH"
command -v shasum >/dev/null || die "shasum not found in PATH"
if [[ "$FORMAT" == "zip" ]]; then
command -v zip >/dev/null || die "zip not found in PATH"
command -v unzip >/dev/null || die "unzip not found in PATH"
fi
[[ -d "$REPO_ROOT/.git" ]] || die "repo root is not a git checkout: $REPO_ROOT"
git -C "$REPO_ROOT" rev-parse --verify "$REF^{commit}" >/dev/null ||
die "git ref does not resolve to a commit: $REF"
if [[ "$ALLOW_DIRTY" -ne 1 ]]; then
dirty_status="$(git -C "$REPO_ROOT" status --porcelain --untracked-files=all)"
if [[ -n "$dirty_status" ]]; then
echo "Working tree has uncommitted changes:" >&2
printf '%s\n' "$dirty_status" | sed 's/^/ /' >&2
die "commit or stash changes first, or pass --allow-dirty to package $REF anyway"
fi
fi
if [[ -z "$METADATA_SOURCE" ]]; then
if [[ -d "$REPO_ROOT/../_tmp/sup-codex-packaging/superpowers" ]]; then
METADATA_SOURCE="$REPO_ROOT/../_tmp/sup-codex-packaging/superpowers"
elif [[ -f "$REPO_ROOT/../_tmp/sup-codex-packaging/superpowers.zip" ]]; then
METADATA_SOURCE="$REPO_ROOT/../_tmp/sup-codex-packaging/superpowers.zip"
elif [[ -f "$REPO_ROOT/../_tmp/sup-codex-packaging/superpowers.tar.gz" ]]; then
METADATA_SOURCE="$REPO_ROOT/../_tmp/sup-codex-packaging/superpowers.tar.gz"
else
die "no metadata source found; pass --metadata-source <prior package dir, zip, or tar.gz>"
fi
fi
WORK_DIR="$(mktemp -d "${TMPDIR:-/tmp}/superpowers-codex-package.XXXXXX")"
STAGE="$WORK_DIR/payload"
METADATA_WORK="$WORK_DIR/metadata"
ARCHIVE_LIST="$WORK_DIR/archive-list"
cleanup() {
if [[ "$KEEP_STAGE" -eq 1 ]]; then
echo "Keeping staging directory: $WORK_DIR" >&2
else
rm -rf "$WORK_DIR"
fi
}
trap cleanup EXIT
mkdir -p "$STAGE" "$METADATA_WORK"
metadata_root_from_dir() {
local candidate="$1"
local nested
if [[ -d "$candidate/skills" ]]; then
printf '%s\n' "$candidate"
return 0
fi
nested="$(find "$candidate" -mindepth 2 -maxdepth 2 -type d -name skills -print -quit)"
if [[ -n "$nested" ]]; then
dirname "$nested"
return 0
fi
return 1
}
prepare_metadata_root() {
local source="$1"
local root
if [[ -d "$source" ]]; then
root="$(cd "$source" && pwd)"
elif [[ -f "$source" ]]; then
case "$source" in
*.tar.gz|*.tgz)
tar -xzf "$source" -C "$METADATA_WORK"
root="$METADATA_WORK"
;;
*.zip)
command -v unzip >/dev/null || die "unzip not found in PATH"
unzip -q "$source" -d "$METADATA_WORK"
root="$METADATA_WORK"
;;
*)
die "metadata source must be a directory, .zip, or .tar.gz: $source"
;;
esac
else
die "metadata source does not exist: $source"
fi
metadata_root_from_dir "$root" ||
die "metadata source does not contain a skills/ directory: $source"
}
METADATA_ROOT="$(prepare_metadata_root "$METADATA_SOURCE")"
git -C "$REPO_ROOT" archive --format=tar "$REF" -- \
.codex-plugin \
CODE_OF_CONDUCT.md \
LICENSE \
README.md \
assets \
skills \
| tar -xf - -C "$STAGE"
VERSION="$(jq -r '.version // empty' "$STAGE/.codex-plugin/plugin.json")"
[[ -n "$VERSION" ]] || die "could not read version from .codex-plugin/plugin.json"
if [[ -z "$OUTPUT" ]]; then
case "$FORMAT" in
zip)
OUTPUT="$REPO_ROOT/../_tmp/sup-codex-packaging/superpowers-$VERSION.zip"
;;
tar.gz)
OUTPUT="$REPO_ROOT/../_tmp/sup-codex-packaging/superpowers-$VERSION.tar.gz"
;;
esac
fi
mkdir -p "$(dirname "$OUTPUT")"
OUTPUT="$(cd "$(dirname "$OUTPUT")" && pwd)/$(basename "$OUTPUT")"
missing_metadata=0
while IFS= read -r skill_dir; do
skill_name="${skill_dir##*/}"
metadata_file="$METADATA_ROOT/skills/$skill_name/agents/openai.yaml"
if [[ ! -f "$metadata_file" ]]; then
echo "Missing OpenAI agent metadata for skill: $skill_name" >&2
missing_metadata=1
continue
fi
mkdir -p "$skill_dir/agents"
cp "$metadata_file" "$skill_dir/agents/openai.yaml"
done < <(find "$STAGE/skills" -mindepth 1 -maxdepth 1 -type d -print | sort)
if [[ "$missing_metadata" -ne 0 ]]; then
die "metadata source is incomplete"
fi
skill_count="$(find "$STAGE/skills" -mindepth 1 -maxdepth 1 -type d | wc -l | tr -d ' ')"
metadata_count="$(find "$STAGE/skills" -path '*/agents/openai.yaml' -type f | wc -l | tr -d ' ')"
[[ "$skill_count" == "$metadata_count" ]] ||
die "metadata count mismatch: $metadata_count metadata files for $skill_count skills"
(
cd "$STAGE"
{
find . -mindepth 1 -type d | sed 's#^\./##' | LC_ALL=C sort
find . -mindepth 1 -type f | sed 's#^\./##' | LC_ALL=C sort
} >"$ARCHIVE_LIST"
)
case "$FORMAT" in
zip)
# ZIP cannot represent dates earlier than 1980.
TZ=UTC find "$STAGE" -exec touch -t 198001010000 {} +
(
cd "$STAGE"
rm -f "$OUTPUT"
COPYFILE_DISABLE=1 zip -X -q - -@ <"$ARCHIVE_LIST" >"$OUTPUT"
)
;;
tar.gz)
# Match the prior official archive's deterministic tar entry metadata.
TZ=UTC find "$STAGE" -exec touch -t 197001010000 {} +
(
cd "$STAGE"
rm -f "$OUTPUT"
COPYFILE_DISABLE=1 tar -cf - --no-recursion --format ustar --uid 0 --gid 0 --uname '' --gname '' -T "$ARCHIVE_LIST" |
gzip -9n >"$OUTPUT"
)
;;
esac
if command -v xattr >/dev/null 2>&1; then
xattr -c "$OUTPUT" 2>/dev/null || true
fi
case "$FORMAT" in
zip)
archive_paths="$(unzip -Z1 "$OUTPUT" | sed 's#/$##')"
;;
tar.gz)
archive_paths="$(tar -tzf "$OUTPUT")"
;;
esac
unexpected_paths="$(
printf '%s\n' "$archive_paths" |
grep -E '(^superpowers/|^\.agents/|^hooks/|package\.json$|^\.git|^\.pytest_cache|^\.ruff_cache|^scripts/|^tests/|^docs/|^evals/|^lib/|^\.claude|^\.cursor|^\.kimi|^\.opencode|^\.pi|^AGENTS\.md$|^CLAUDE\.md$|^GEMINI\.md$|^RELEASE-NOTES\.md$|^CHANGELOG\.md$)' || true
)"
if [[ -n "$unexpected_paths" ]]; then
printf '%s\n' "$unexpected_paths" | sed 's/^/ /' >&2
die "archive contains source-only paths"
fi
entry_count="$(printf '%s\n' "$archive_paths" | wc -l | tr -d ' ')"
checksum="$(shasum -a 256 "$OUTPUT" | awk '{print $1}')"
echo "Archive: $OUTPUT"
echo "Format: $FORMAT"
echo "Version: $VERSION"
echo "Entries: $entry_count"
echo "Skills: $skill_count"
echo "SHA-256: $checksum"
-7
View File
@@ -74,13 +74,6 @@ On Windows, the script auto-detects and switches to foreground mode (which block
scripts/start-server.sh --project-dir /path/to/project --open scripts/start-server.sh --project-dir /path/to/project --open
``` ```
**Gemini CLI:**
```bash
# Use --foreground and set is_background: true on your shell tool call
# so the process survives across turns
scripts/start-server.sh --project-dir /path/to/project --open --foreground
```
**Copilot CLI:** **Copilot CLI:**
```bash ```bash
# Use --foreground and start the server via the bash tool with mode: "async" # Use --foreground and start the server via the bash tool with mode: "async"
+12 -6
View File
@@ -11,16 +11,15 @@ Load plan, review critically, execute all tasks, report when complete.
**Announce at start:** "I'm using the executing-plans skill to implement this plan." **Announce at start:** "I'm using the executing-plans skill to implement this plan."
**Note:** Tell your human partner that Superpowers works much better with access to subagents. The quality of its work will be significantly higher if run on a platform with subagent support (Claude Code, Codex CLI, Codex App, Copilot CLI, and Gemini CLI all qualify; see the per-platform tool refs in `../using-superpowers/references/`). If subagents are available, use superpowers:subagent-driven-development instead of this skill. **Note:** Tell your human partner that Superpowers works much better with access to subagents. The quality of its work will be significantly higher if run on a platform with subagent support (Claude Code, Codex CLI, Codex App, and Copilot CLI all qualify; see the per-platform tool refs in `../using-superpowers/references/`). If subagents are available, use superpowers:subagent-driven-development instead of this skill.
## The Process ## The Process
### Step 1: Load and Review Plan ### Step 1: Load and Review Plan
1. Ensure an isolated workspace: use superpowers:using-git-worktrees to create one or verify the existing one 1. Read plan file
2. Read plan file 2. Review critically - identify any questions or concerns about the plan
3. Review critically - identify any questions or concerns about the plan 3. If concerns: Raise them with your human partner before starting
4. If concerns: Raise them with your human partner before starting 4. If no concerns: Create todos for the plan items and proceed
5. If no concerns: Create todos for the plan items and proceed
### Step 2: Execute Tasks ### Step 2: Execute Tasks
@@ -62,3 +61,10 @@ After all tasks complete and verified:
- Reference skills when plan says to - Reference skills when plan says to
- Stop when blocked, don't guess - Stop when blocked, don't guess
- Never start implementation on main/master branch without explicit user consent - Never start implementation on main/master branch without explicit user consent
## Integration
**Required workflow skills:**
- **superpowers:using-git-worktrees** - Ensures isolated workspace (creates one or verifies existing)
- **superpowers:writing-plans** - Creates the plan this skill executes
- **superpowers:finishing-a-development-branch** - Complete development after all tasks
+112 -72
View File
@@ -1,58 +1,71 @@
--- ---
name: finishing-a-development-branch name: finishing-a-development-branch
description: Use when implementation is complete, all tests pass, and you need to decide how to integrate the work description: Use when implementation is complete, all tests pass, and you need to decide how to integrate the work - guides completion of development work by presenting structured options for merge, PR, or cleanup
--- ---
# Finishing a Development Branch # Finishing a Development Branch
## Overview ## Overview
Guide completion of development work by presenting clear options and handling chosen workflow.
**Core principle:** Verify tests → Detect environment → Present options → Execute choice → Clean up. **Core principle:** Verify tests → Detect environment → Present options → Execute choice → Clean up.
**Announce at start:** "I'm using the finishing-a-development-branch skill to complete this work." **Announce at start:** "I'm using the finishing-a-development-branch skill to complete this work."
## Step 1: Verify Tests ## The Process
Run the project's full test suite (`npm test` / `cargo test` / `pytest` / `go test ./...`). ### Step 1: Verify Tests
**If tests fail**, report the failures and stop — the menu comes after a green suite: **Before presenting options, verify tests pass:**
```bash
# Run project's test suite
npm test / cargo test / pytest / go test ./...
```
**If tests fail:**
``` ```
Tests failing (<N> failures). Must fix before completing: Tests failing (<N> failures). Must fix before completing:
[Show failures] [Show failures]
Cannot proceed with merge/PR until tests pass.
``` ```
**If tests pass:** continue to Step 2. Stop. Don't proceed to Step 2.
## Step 2: Detect Environment **If tests pass:** Continue to Step 2.
### Step 2: Detect Environment
**Determine workspace state before presenting options:**
```bash ```bash
GIT_DIR=$(cd "$(git rev-parse --git-dir)" 2>/dev/null && pwd -P) GIT_DIR=$(cd "$(git rev-parse --git-dir)" 2>/dev/null && pwd -P)
GIT_COMMON=$(cd "$(git rev-parse --git-common-dir)" 2>/dev/null && pwd -P) GIT_COMMON=$(cd "$(git rev-parse --git-common-dir)" 2>/dev/null && pwd -P)
# Capture now, while still inside the workspace — Step 5 changes directory
# before cleanup (Step 6) needs this value
WORKTREE_PATH=$(git rev-parse --show-toplevel)
``` ```
This determines which menu to show and how cleanup works: This determines which menu to show and how cleanup works:
| State | Menu | Cleanup | | State | Menu | Cleanup |
|-------|------|---------| |-------|------|---------|
| `GIT_DIR == GIT_COMMON` (normal repo) | Standard 3 options | No worktree to clean up | | `GIT_DIR == GIT_COMMON` (normal repo) | Standard 4 options | No worktree to clean up |
| `GIT_DIR != GIT_COMMON`, named branch | Standard 3 options | Provenance-based (see Step 6) | | `GIT_DIR != GIT_COMMON`, named branch | Standard 4 options | Provenance-based (see Step 6) |
| `GIT_DIR != GIT_COMMON`, detached HEAD | Reduced 2 options (no merge) | Externally managed — leave in place | | `GIT_DIR != GIT_COMMON`, detached HEAD | Reduced 3 options (no merge) | No cleanup (externally managed) |
## Step 3: Determine Base Branch ### Step 3: Determine Base Branch
The base branch is whatever this work forked from — usually named in the ```bash
plan, the conversation, or the branch's upstream. If it is not already # Try common base branches
known, ask: "This branch split from <your best guess> - is that correct?" git merge-base HEAD main 2>/dev/null || git merge-base HEAD master 2>/dev/null
Confirm before merging: merging into the wrong base is expensive to undo. ```
## Step 4: Present Options Or ask: "This branch split from main - is that correct?"
**Normal repo and named-branch worktree — present exactly these 3 options:** ### Step 4: Present Options
**Normal repo and named-branch worktree — present exactly these 4 options:**
``` ```
Implementation complete. What would you like to do? Implementation complete. What would you like to do?
@@ -60,30 +73,28 @@ Implementation complete. What would you like to do?
1. Merge back to <base-branch> locally 1. Merge back to <base-branch> locally
2. Push and create a Pull Request 2. Push and create a Pull Request
3. Keep the branch as-is (I'll handle it later) 3. Keep the branch as-is (I'll handle it later)
4. Discard this work
Which option? Which option?
``` ```
**Detached HEAD — present exactly these 2 options:** **Detached HEAD — present exactly these 3 options:**
``` ```
Implementation complete. You're on a detached HEAD (externally managed workspace). Implementation complete. You're on a detached HEAD (externally managed workspace).
1. Push as new branch and create a Pull Request 1. Push as new branch and create a Pull Request
2. Keep as-is (I'll handle it later) 2. Keep as-is (I'll handle it later)
3. Discard this work
Which option? Which option?
``` ```
Present the menu exactly as written — concise, with every option coming **Don't add explanation** - keep options concise.
from the list above. Discarding the work happens only in response to your
human partner explicitly asking for it (see "If your human partner asks to
discard the work" below). Wait for their answer; the integration decision
is theirs.
## Step 5: Execute Choice ### Step 5: Execute Choice
### Option 1: Merge Locally #### Option 1: Merge Locally
```bash ```bash
# Get main repo root for CWD safety # Get main repo root for CWD safety
@@ -97,43 +108,34 @@ git merge <feature-branch>
# Verify tests on merged result # Verify tests on merged result
<test command> <test command>
# Only after merge succeeds: cleanup worktree (Step 6), then delete branch
``` ```
If tests fail on the merged result: stop, leave the worktree and branch in Then: Cleanup worktree (Step 6), then delete branch:
place, and investigate — nothing has been pushed, so the merge is local
and recoverable.
Once the merged result is green: clean up the worktree (Step 6), then
delete the branch:
```bash ```bash
git branch -d <feature-branch> git branch -d <feature-branch>
``` ```
### Option 2: Push and Create PR #### Option 2: Push and Create PR
```bash ```bash
# Push branch
git push -u origin <feature-branch> git push -u origin <feature-branch>
# From a detached HEAD, name the new branch on the remote:
# git push origin HEAD:refs/heads/<new-branch>
``` ```
Then create the pull/merge request against <base-branch> with the forge's **Do NOT clean up worktree** — user needs it alive to iterate on PR feedback.
tooling — its CLI if one is available, or the creation URL most forges
print when you push — following the repo's PR template and conventions if
present, and report the URL to your human partner.
Keep the worktree — your human partner iterates on PR feedback there. #### Option 3: Keep As-Is
### Option 3: Keep As-Is
Report: "Keeping branch <name>. Worktree preserved at <path>." Report: "Keeping branch <name>. Worktree preserved at <path>."
### If your human partner asks to discard the work **Don't cleanup worktree.**
This path exists only as a response to an explicit request to throw the #### Option 4: Discard
work away. Confirm first:
**Confirm first:**
``` ```
This will permanently delete: This will permanently delete:
- Branch <name> - Branch <name>
@@ -143,39 +145,41 @@ This will permanently delete:
Type 'discard' to confirm. Type 'discard' to confirm.
``` ```
Wait for that exact confirmation. When it arrives: Wait for exact confirmation.
If confirmed:
```bash ```bash
MAIN_ROOT=$(git -C "$(git rev-parse --git-common-dir)/.." rev-parse --show-toplevel) MAIN_ROOT=$(git -C "$(git rev-parse --git-common-dir)/.." rev-parse --show-toplevel)
cd "$MAIN_ROOT" cd "$MAIN_ROOT"
``` ```
Then clean up the worktree (Step 6) and force-delete the branch: Then: Cleanup worktree (Step 6), then force-delete branch:
```bash ```bash
git branch -D <feature-branch> git branch -D <feature-branch>
``` ```
## Step 6: Cleanup Workspace ### Step 6: Cleanup Workspace
**Runs for Option 1 and confirmed discards.** Options 2 and 3 always **Only runs for Options 1 and 4.** Options 2 and 3 always preserve the worktree.
preserve the worktree. Both callers have already changed directory to the
main repo root — worktree removal must run from outside the worktree — ```bash
and use the `GIT_DIR`/`GIT_COMMON`/`WORKTREE_PATH` values captured in GIT_DIR=$(cd "$(git rev-parse --git-dir)" 2>/dev/null && pwd -P)
Step 2, from before that directory change. GIT_COMMON=$(cd "$(git rev-parse --git-common-dir)" 2>/dev/null && pwd -P)
WORKTREE_PATH=$(git rev-parse --show-toplevel)
```
**If `GIT_DIR == GIT_COMMON`:** Normal repo, no worktree to clean up. Done. **If `GIT_DIR == GIT_COMMON`:** Normal repo, no worktree to clean up. Done.
**If `WORKTREE_PATH` is under `.worktrees/` or `worktrees/`:** Superpowers **If worktree path is under `.worktrees/` or `worktrees/`:** Superpowers created this worktree — we own cleanup.
created this worktree — we own cleanup:
```bash ```bash
MAIN_ROOT=$(git -C "$(git rev-parse --git-common-dir)/.." rev-parse --show-toplevel)
cd "$MAIN_ROOT"
git worktree remove "$WORKTREE_PATH" git worktree remove "$WORKTREE_PATH"
git worktree prune # Self-healing: clean up any stale registrations git worktree prune # Self-healing: clean up any stale registrations
``` ```
**Otherwise:** The host environment owns this workspace — leave it in **Otherwise:** The host environment (harness) owns this workspace. Do NOT remove it. If your platform provides a workspace-exit tool, use it. Otherwise, leave the workspace in place.
place. If your platform provides a workspace-exit tool, use it.
## Quick Reference ## Quick Reference
@@ -184,18 +188,54 @@ place. If your platform provides a workspace-exit tool, use it.
| 1. Merge locally | yes | - | - | yes | | 1. Merge locally | yes | - | - | yes |
| 2. Create PR | - | yes | yes | - | | 2. Create PR | - | yes | yes | - |
| 3. Keep as-is | - | - | yes | - | | 3. Keep as-is | - | - | yes | - |
| Discard (explicit request only) | - | - | - | yes (force) | | 4. Discard | - | - | - | yes (force) |
## Common Rationalizations ## Common Mistakes
| Excuse | Reality | **Skipping test verification**
|--------|---------| - **Problem:** Merge broken code, create failing PR
| "Tests passed earlier this session" | Run the suite on the tree you are about to integrate. A green run only proves the tree it ran on. | - **Fix:** Always verify tests before offering options
| "They obviously want it merged" | Integration is your human partner's decision. Present the menu and wait. |
| "They seem done with this feature — I'll offer to discard it" | The menu is complete as written. Discard happens only when your human partner asks for it in so many words. | **Open-ended questions**
| "'Yeah, get rid of it' counts as confirmation" | Only the typed word `discard` authorizes deletion. | - **Problem:** "What should I do next?" is ambiguous
| "The PR is up, so the worktree is clutter now" | PR feedback gets fixed in that worktree. It stays until the work lands. | - **Fix:** Present exactly 4 structured options (or 3 for detached HEAD)
| "This other worktree looks stale — I'll clean it too" | Clean up only worktrees under `.worktrees/` or `worktrees/`. Everything else belongs to the host. |
| "The merged-result failure is probably flaky" | A failing merged result stops everything. Branch and worktree stay put while you investigate. | **Cleaning up worktree for Option 2**
| "The base branch is obviously main" | Confirm the fork point or ask. Merging into the wrong base is expensive to undo. | - **Problem:** Remove worktree user needs for PR iteration
| "The push was rejected — force-push will fix it" | A rejected push means the remote moved. Investigate; force-push only on your human partner's explicit request. | - **Fix:** Only cleanup for Options 1 and 4
**Deleting branch before removing worktree**
- **Problem:** `git branch -d` fails because worktree still references the branch
- **Fix:** Merge first, remove worktree, then delete branch
**Running git worktree remove from inside the worktree**
- **Problem:** Command fails silently when CWD is inside the worktree being removed
- **Fix:** Always `cd` to main repo root before `git worktree remove`
**Cleaning up harness-owned worktrees**
- **Problem:** Removing a worktree the harness created causes phantom state
- **Fix:** Only clean up worktrees under `.worktrees/` or `worktrees/`
**No confirmation for discard**
- **Problem:** Accidentally delete work
- **Fix:** Require typed "discard" confirmation
## Red Flags
**Never:**
- Proceed with failing tests
- Merge without verifying tests on result
- Delete work without confirmation
- Force-push without explicit request
- Remove a worktree before confirming merge success
- Clean up worktrees you didn't create (provenance check)
- Run `git worktree remove` from inside the worktree
**Always:**
- Verify tests before offering options
- Detect environment before presenting menu
- Present exactly 4 options (or 3 for detached HEAD)
- Get typed confirmation for Option 4
- Clean up worktree for Options 1 & 4 only
- `cd` to main repo root before worktree removal
- Run `git worktree prune` after removal
+14 -3
View File
@@ -84,9 +84,6 @@ digraph process {
## Pre-Flight Plan Review ## Pre-Flight Plan Review
Ensure the work happens in an isolated workspace: use
superpowers:using-git-worktrees to create one or verify the existing one.
Before dispatching Task 1, scan the plan once for conflicts: Before dispatching Task 1, scan the plan once for conflicts:
- tasks that contradict each other or the plan's Global Constraints - tasks that contradict each other or the plan's Global Constraints
@@ -405,3 +402,17 @@ Done!
**If subagent fails task:** **If subagent fails task:**
- Dispatch fix subagent with specific instructions - Dispatch fix subagent with specific instructions
- Don't try to fix manually (context pollution) - Don't try to fix manually (context pollution)
## Integration
**Required workflow skills:**
- **superpowers:using-git-worktrees** - Ensures isolated workspace (creates one or verifies existing)
- **superpowers:writing-plans** - Creates the plan this skill executes
- **superpowers:requesting-code-review** - Code review template for the final whole-branch review
- **superpowers:finishing-a-development-branch** - Complete development after all tasks
**Subagents should use:**
- **superpowers:test-driven-development** - Subagents follow TDD for each task
**Alternative workflow:**
- **superpowers:executing-plans** - Use for parallel session instead of same-session execution
+4 -1
View File
@@ -188,7 +188,6 @@ You MUST complete each phase before proceeding to the next.
- Test passes now? - Test passes now?
- No other tests broken? - No other tests broken?
- Issue actually resolved? - Issue actually resolved?
- Use the `superpowers:verification-before-completion` skill before claiming success
4. **If Fix Doesn't Work** 4. **If Fix Doesn't Work**
- STOP - STOP
@@ -284,6 +283,10 @@ These techniques are part of systematic debugging and available in this director
- **`defense-in-depth.md`** - Add validation at multiple layers after finding root cause - **`defense-in-depth.md`** - Add validation at multiple layers after finding root cause
- **`condition-based-waiting.md`** - Replace arbitrary timeouts with condition polling - **`condition-based-waiting.md`** - Replace arbitrary timeouts with condition polling
**Related skills:**
- **superpowers:test-driven-development** - For creating failing test case (Phase 4, Step 1)
- **superpowers:verification-before-completion** - Verify fix worked before claiming success
## Real-World Impact ## Real-World Impact
From debugging sessions: From debugging sessions:
+7 -6
View File
@@ -203,12 +203,6 @@ Next failing test for next feature.
| **Clear** | Name describes behavior | `test('test1')` | | **Clear** | Name describes behavior | `test('test1')` |
| **Shows intent** | Demonstrates desired API | Obscures what code should do | | **Shows intent** | Demonstrates desired API | Obscures what code should do |
When writing or changing any test, read [writing-good-tests.md](writing-good-tests.md) for the rules that keep tests honest:
- Name the production change that would make the test fail — before writing it
- Assert on real behavior, never on mock behavior
- Keep test-only code in test utilities, out of production classes
- Understand a dependency's side effects before mocking it
## Why Order Matters ## Why Order Matters
**"I'll write tests after to verify it works"** **"I'll write tests after to verify it works"**
@@ -360,6 +354,13 @@ Bug found? Write failing test reproducing it. Follow TDD cycle. Test proves fix
Never fix bugs without a test. Never fix bugs without a test.
## Testing Anti-Patterns
When adding mocks or test utilities, read [testing-anti-patterns.md](testing-anti-patterns.md) to avoid common pitfalls:
- Testing mock behavior instead of real behavior
- Adding test-only methods to production classes
- Mocking without understanding dependencies
## Final Rule ## Final Rule
``` ```
@@ -0,0 +1,299 @@
# Testing Anti-Patterns
**Load this reference when:** writing or changing tests, adding mocks, or tempted to add test-only methods to production code.
## Overview
Tests must verify real behavior, not mock behavior. Mocks are a means to isolate, not the thing being tested.
**Core principle:** Test what the code does, not what the mocks do.
**Following strict TDD prevents these anti-patterns.**
## The Iron Laws
```
1. NEVER test mock behavior
2. NEVER add test-only methods to production classes
3. NEVER mock without understanding dependencies
```
## Anti-Pattern 1: Testing Mock Behavior
**The violation:**
```typescript
// ❌ BAD: Testing that the mock exists
test('renders sidebar', () => {
render(<Page />);
expect(screen.getByTestId('sidebar-mock')).toBeInTheDocument();
});
```
**Why this is wrong:**
- You're verifying the mock works, not that the component works
- Test passes when mock is present, fails when it's not
- Tells you nothing about real behavior
**your human partner's correction:** "Are we testing the behavior of a mock?"
**The fix:**
```typescript
// ✅ GOOD: Test real component or don't mock it
test('renders sidebar', () => {
render(<Page />); // Don't mock sidebar
expect(screen.getByRole('navigation')).toBeInTheDocument();
});
// OR if sidebar must be mocked for isolation:
// Don't assert on the mock - test Page's behavior with sidebar present
```
### Gate Function
```
BEFORE asserting on any mock element:
Ask: "Am I testing real component behavior or just mock existence?"
IF testing mock existence:
STOP - Delete the assertion or unmock the component
Test real behavior instead
```
## Anti-Pattern 2: Test-Only Methods in Production
**The violation:**
```typescript
// ❌ BAD: destroy() only used in tests
class Session {
async destroy() { // Looks like production API!
await this._workspaceManager?.destroyWorkspace(this.id);
// ... cleanup
}
}
// In tests
afterEach(() => session.destroy());
```
**Why this is wrong:**
- Production class polluted with test-only code
- Dangerous if accidentally called in production
- Violates YAGNI and separation of concerns
- Confuses object lifecycle with entity lifecycle
**The fix:**
```typescript
// ✅ GOOD: Test utilities handle test cleanup
// Session has no destroy() - it's stateless in production
// In test-utils/
export async function cleanupSession(session: Session) {
const workspace = session.getWorkspaceInfo();
if (workspace) {
await workspaceManager.destroyWorkspace(workspace.id);
}
}
// In tests
afterEach(() => cleanupSession(session));
```
### Gate Function
```
BEFORE adding any method to production class:
Ask: "Is this only used by tests?"
IF yes:
STOP - Don't add it
Put it in test utilities instead
Ask: "Does this class own this resource's lifecycle?"
IF no:
STOP - Wrong class for this method
```
## Anti-Pattern 3: Mocking Without Understanding
**The violation:**
```typescript
// ❌ BAD: Mock breaks test logic
test('detects duplicate server', () => {
// Mock prevents config write that test depends on!
vi.mock('ToolCatalog', () => ({
discoverAndCacheTools: vi.fn().mockResolvedValue(undefined)
}));
await addServer(config);
await addServer(config); // Should throw - but won't!
});
```
**Why this is wrong:**
- Mocked method had side effect test depended on (writing config)
- Over-mocking to "be safe" breaks actual behavior
- Test passes for wrong reason or fails mysteriously
**The fix:**
```typescript
// ✅ GOOD: Mock at correct level
test('detects duplicate server', () => {
// Mock the slow part, preserve behavior test needs
vi.mock('MCPServerManager'); // Just mock slow server startup
await addServer(config); // Config written
await addServer(config); // Duplicate detected ✓
});
```
### Gate Function
```
BEFORE mocking any method:
STOP - Don't mock yet
1. Ask: "What side effects does the real method have?"
2. Ask: "Does this test depend on any of those side effects?"
3. Ask: "Do I fully understand what this test needs?"
IF depends on side effects:
Mock at lower level (the actual slow/external operation)
OR use test doubles that preserve necessary behavior
NOT the high-level method the test depends on
IF unsure what test depends on:
Run test with real implementation FIRST
Observe what actually needs to happen
THEN add minimal mocking at the right level
Red flags:
- "I'll mock this to be safe"
- "This might be slow, better mock it"
- Mocking without understanding the dependency chain
```
## Anti-Pattern 4: Incomplete Mocks
**The violation:**
```typescript
// ❌ BAD: Partial mock - only fields you think you need
const mockResponse = {
status: 'success',
data: { userId: '123', name: 'Alice' }
// Missing: metadata that downstream code uses
};
// Later: breaks when code accesses response.metadata.requestId
```
**Why this is wrong:**
- **Partial mocks hide structural assumptions** - You only mocked fields you know about
- **Downstream code may depend on fields you didn't include** - Silent failures
- **Tests pass but integration fails** - Mock incomplete, real API complete
- **False confidence** - Test proves nothing about real behavior
**The Iron Rule:** Mock the COMPLETE data structure as it exists in reality, not just fields your immediate test uses.
**The fix:**
```typescript
// ✅ GOOD: Mirror real API completeness
const mockResponse = {
status: 'success',
data: { userId: '123', name: 'Alice' },
metadata: { requestId: 'req-789', timestamp: 1234567890 }
// All fields real API returns
};
```
### Gate Function
```
BEFORE creating mock responses:
Check: "What fields does the real API response contain?"
Actions:
1. Examine actual API response from docs/examples
2. Include ALL fields system might consume downstream
3. Verify mock matches real response schema completely
Critical:
If you're creating a mock, you must understand the ENTIRE structure
Partial mocks fail silently when code depends on omitted fields
If uncertain: Include all documented fields
```
## Anti-Pattern 5: Integration Tests as Afterthought
**The violation:**
```
✅ Implementation complete
❌ No tests written
"Ready for testing"
```
**Why this is wrong:**
- Testing is part of implementation, not optional follow-up
- TDD would have caught this
- Can't claim complete without tests
**The fix:**
```
TDD cycle:
1. Write failing test
2. Implement to pass
3. Refactor
4. THEN claim complete
```
## When Mocks Become Too Complex
**Warning signs:**
- Mock setup longer than test logic
- Mocking everything to make test pass
- Mocks missing methods real components have
- Test breaks when mock changes
**your human partner's question:** "Do we need to be using a mock here?"
**Consider:** Integration tests with real components often simpler than complex mocks
## TDD Prevents These Anti-Patterns
**Why TDD helps:**
1. **Write test first** → Forces you to think about what you're actually testing
2. **Watch it fail** → Confirms test tests real behavior, not mocks
3. **Minimal implementation** → No test-only methods creep in
4. **Real dependencies** → You see what the test actually needs before mocking
**If you're testing mock behavior, you violated TDD** - you added mocks without watching test fail against real code first.
## Quick Reference
| Anti-Pattern | Fix |
|--------------|-----|
| Assert on mock elements | Test real component or unmock it |
| Test-only methods in production | Move to test utilities |
| Mock without understanding | Understand dependencies first, mock minimally |
| Incomplete mocks | Mirror real API completely |
| Tests as afterthought | TDD - tests first |
| Over-complex mocks | Consider integration tests |
## Red Flags
- Assertion checks for `*-mock` test IDs
- Methods only called in test files
- Mock setup is >50% of test
- Test fails when you remove mock
- Can't explain why mock is needed
- Mocking "just to be safe"
## The Bottom Line
**Mocks are tools to isolate, not things to test.**
If TDD reveals you're testing mock behavior, you've gone wrong.
Fix: Test real behavior or question why you're mocking at all.
@@ -1,198 +0,0 @@
# Writing Good Tests
**Load this reference when:** writing or changing tests, adding mocks, or
adding cleanup/helper methods for tests.
## Overview
A test exists to catch a specific break. Two principles govern everything
here:
```
1. Every test names the break it catches
2. Every test exercises the real thing
```
Strict TDD produces both naturally: a test written first and watched
failing against real code has already proven it can fail, and only earns
a mock when the real dependency proves slow or external.
## Principle 1: Name the Break
Before writing the test body, answer: **what production change should
make this test fail — and is that change a bug or a decision?** A test
earns its place by catching a wrong branch, missing side effect, wrong
argument, boundary case, or broken contract.
**Derive expectations independently.** Use literals and hand-checked
fixtures; table-driven tests with literal `want` values are the preferred
shape. An expectation computed by the code under test — or its helpers —
passes no matter what that code does:
```typescript
// ❌ Mirror assertion: the same builder computes both sides — always true
const expected = buildSearchQuery({ tag: 'urgent' });
expect(buildSearchQuery({ tag: 'urgent' })).toBe(expected);
// ✅ Hand-derived literal
expect(buildSearchQuery({ tag: 'urgent' })).toBe('tag:"urgent"');
```
**No change detectors.** If only intentional decisions can fail a test —
a constant's value, exact message wording, private structure — it fires
on redesign and sleeps through bugs. Test the behavior that depends on
the decision: not `expect(MAX_RETRIES).toBe(5)` but "a failing call is
retried 5 times and the 6th attempt never happens."
**Behavior, not text.** Asserting that a script, skill, or config
contains an exact line proves only that the source is the source. Run
scripts against controlled inputs and assert outputs, side effects, or
exit codes. Documents that instruct agents are tested by the consuming
agent's behavior (superpowers:writing-skills); prose for humans earns no
test at all.
**Your code, not the framework.** Test the contract your code makes at
its boundaries — the route you register, the query you emit, the payload
you produce. Upstream mechanics are their maintainers' tests to write
(the classic: asserting your router invokes a registered handler — that
is the framework's test, not yours). When upstream behavior genuinely
surprised you, write one narrow characterization test naming the
assumption. The same boundary applies inside your code: constructors,
getters, constants, and trivial forwarding earn tests only when they
validate, normalize, default, derive, enforce, or cause side effects —
otherwise assert the first consumer-visible result that depends on them.
### Gate Function
```
BEFORE writing the test body:
Name the production change that would make this test fail.
Cannot name one → redesign around an observable behavior
"The source text changed" → run the artifact and assert its effects
Only intentional decisions → change detector; test the behavior
that depends on the decision
Confirm the expected value is derived without the code under test.
IF it reuses the code's logic or helpers:
Replace it with a literal or hand-checked fixture
```
## Principle 2: Exercise the Real Thing
**The mock earns no assertions.** A mock assertion passes when the mock
is present and fails when it is absent — it says nothing about the
component. Assert the real component's behavior; if the mock is what you
are checking, unmock it or delete the assertion.
```typescript
// ✅ Real behavior
expect(screen.getByRole('navigation')).toBeInTheDocument();
// ❌ Mock existence
expect(screen.getByTestId('sidebar-mock')).toBeInTheDocument();
```
**your human partner's correction:** "Are we testing the behavior of a
mock?"
**Mock at the right level.** Learn every side effect of the real method
before replacing it; mock the slow or external operation and keep what
the test depends on real. When unsure, run the test against the real
implementation first and observe what actually needs to happen.
```typescript
// ❌ The mock swallows the config write that duplicate detection reads
vi.mock('ToolCatalog', () => ({
discoverAndCacheTools: vi.fn().mockResolvedValue(undefined)
}));
// ✅ Mock only the slow server startup; the config write stays real
vi.mock('MCPServerManager');
```
**Make doubles specific.** When arguments, call counts, or ordering are
part of the contract, assert them — a fake that accepts anything verifies
nothing. Give each branch (success, error, malformed) its own fixture or
spy, so the wrong branch cannot satisfy the expectation.
**Mirror real data completely.** Mock the complete structure as it exists
in reality — all documented fields — not just the ones your test reads.
Partial mocks fail silently when downstream code reads an omitted field:
the test passes while integration breaks.
**Production classes carry production methods only.** Cleanup that only
tests need lives in test utilities, never as a `destroy()` on the
production class. Ask: is this method called only from tests? Does this
class own this resource's lifecycle? Wrong answers → test utility.
**Prefer real components over complex mocks.** When mock setup outgrows
the test logic, mocks miss methods the real components have, or tests
break when the mock changes, switch to an integration test with real
components. **your human partner's question:** "Do we need to be using a
mock here?"
### Gate Function
```
BEFORE adding a mock or test helper:
List the real method's side effects; keep the ones the test
depends on real — mock the slow/external level below them.
Mock responses mirror the complete real structure.
A method only tests call lives in test utilities, not production.
About to assert on the mock itself?
Unmock it or delete the assertion.
```
## Tests Ship With the Implementation
The TDD cycle — failing test, minimal implementation, refactor — is what
"complete" means. Ship the tests the behavior needs and only those:
trivial code and human prose earn none, and a test written to satisfy
process costs maintenance forever.
## The Mutation Check
Before finishing, mentally mutate the production code; at least one test
should fail for each realistic mutation:
- Wrong constant or argument
- Wrong branch handler
- Missing state change or side effect
- Empty or default return
- Missing validation for zero, empty, nil, unauthorized, or malformed input
A mutation nothing catches marks the behavior as unprotected — or the
test as tautological.
## Quick Reference
| When you... | Do |
|-------------|-----|
| Write any test | Name the break it catches — a bug, not a decision |
| Build an expected value | Derive it by hand; never with the code under test |
| Test a script or document | Run it / pressure-test its consumer; never grep its text |
| Reach for a dependency test | Test your boundary contract, not their documented mechanics |
| Want to assert on a mocked element | Test the real component, or unmock it |
| Are about to mock a method | Learn its side effects; mock the slow/external level |
| Build a mock response | Mirror the real structure completely |
| Need cleanup only tests use | Put it in test utilities |
| Watch mock setup balloon | Switch to an integration test with real components |
| Finish a test file | Run the mutation check |
## Warning Signs
- Setup and assertion share the same object, guaranteeing equality
- The test can fail only through a panic, crash, or missing selector
- The test fails on every intentional change, never on accidental breakage
- Expected values are hidden behind loops, builders, or helpers
- The test greps source text, or asserts a removed symbol stays removed
- The test would still matter if only the framework remained
- The test exists for coverage, checking no side effect or outcome
- An assertion checks a `*-mock` test ID, or fails if you remove the mock
- A method is called only from test files
- Mock setup is more than half the test, or you can't explain why the mock is needed
- Mocking "just to be safe"
@@ -1,63 +0,0 @@
# Gemini CLI Tool Mapping
Skills speak in actions ("dispatch a subagent", "create a todo", "read a file"). On Gemini CLI these resolve to the tools below.
| Action skills request | Gemini CLI equivalent |
|----------------------|----------------------|
| Read a file | `read_file` |
| Read multiple files at once | `read_many_files` |
| Create a new file | `write_file` |
| Edit a file | `replace` |
| Run a shell command | `run_shell_command` |
| Search file contents | `grep_search` |
| Find files by name | `glob` |
| List files and subdirectories | `list_directory` |
| Fetch a URL | `web_fetch` |
| Search the web | `google_web_search` |
| Invoke a skill | `activate_skill` |
| Dispatch a subagent (`Subagent (general-purpose):` template) | `invoke_agent` with `agent_name: "generalist"` (invocable via `@generalist` chat syntax — see [Subagent support](#subagent-support)) |
| Multiple parallel dispatches | Multiple `invoke_agent` calls in the same response |
| Task tracking ("create a todo", "mark complete") | `write_todos` (statuses: pending, in_progress, completed, cancelled, blocked) |
## Instructions file
When a skill mentions "your instructions file", on Gemini CLI this is **`GEMINI.md`**. Gemini CLI loads `GEMINI.md` hierarchically: global at `~/.gemini/GEMINI.md`, project-level files in workspace directories and their ancestors, and sub-directory `GEMINI.md` files when a tool accesses files in those directories.
## Personal skills directory
User-level skills live at **`~/.gemini/skills/`**, with **`~/.agents/skills/`** as a cross-runtime alias (shared with Codex and Copilot CLI). When both directories exist at the same scope, `.agents/skills/` takes precedence. Each skill is a subdirectory containing a `SKILL.md` (with `name` and `description` frontmatter).
## Subagent support
Gemini CLI dispatches subagents through the `invoke_agent` tool, which takes `agent_name` and `prompt` parameters. The same dispatch is also surfaced as a chat-syntax shortcut: typing `@generalist <prompt>` is equivalent to calling `invoke_agent` with `agent_name: "generalist"`. Built-in agent names include `generalist`, `cli_help`, `codebase_investigator`, and (with browser tooling enabled) `browser_agent`.
Skills dispatch with `Subagent (general-purpose):` and either reference a prompt-template file (e.g., `superpowers:subagent-driven-development`'s `./implementer-prompt.md`) or supply an inline prompt. On Gemini CLI:
| Skill dispatch form | Gemini CLI equivalent |
|---------------------|----------------------|
| References a `*-prompt.md` template (implementer, task-reviewer, code-reviewer, etc.) | Fill the template, then `invoke_agent` with `agent_name: "generalist"` and the filled prompt |
| References `superpowers:requesting-code-review`'s `./code-reviewer.md` | `invoke_agent` with `agent_name: "generalist"` and the filled review template |
| Inline prompt (no template referenced) | `invoke_agent` with `agent_name: "generalist"` and your inline prompt |
### Prompt filling
Skills provide prompt templates with placeholders like `{WHAT_WAS_IMPLEMENTED}` or `[FULL TEXT of task]`. Fill all placeholders before passing the complete prompt to `invoke_agent`. The prompt template itself contains the agent's role, review criteria, and expected output format — the subagent will follow it.
### Parallel dispatch
Gemini CLI supports parallel subagent dispatch. Issue multiple `invoke_agent` calls in the same response (or multiple `@generalist` invocations in one prompt) to run independent subagent work in parallel. Keep dependent tasks sequential, but do not serialize independent subagent tasks just to preserve a simpler history.
## Additional Gemini CLI tools
These tools are unique to Gemini CLI:
| Tool | Purpose |
|------|---------|
| `save_memory` (legacy) | Persist facts across sessions when `experimental.memoryV2 = false` |
| `get_internal_docs` | Look up Gemini CLI's bundled documentation |
| `ask_user` | Pose structured questions to the user (text / single-select / multi-select) |
| `enter_plan_mode` / `exit_plan_mode` | Switch into and out of read-only plan mode |
| `update_topic` | Update the current conversation's topic / strategic-intent metadata |
| `complete_task` | Signal that a Gemini subagent has completed and return its result to the parent agent |
| `tracker_create_task`, `tracker_update_task`, `tracker_get_task`, `tracker_list_tasks`, `tracker_add_dependency`, `tracker_visualize` | Rich task tracker with dependency and visualization support |
| `read_mcp_resource`, `list_mcp_resources` | MCP resource access |
+1 -1
View File
@@ -9,7 +9,7 @@ description: Use when creating new skills, editing existing skills, or verifying
**Writing skills IS Test-Driven Development applied to process documentation.** **Writing skills IS Test-Driven Development applied to process documentation.**
**Personal skills live in your runtime's skills directory** — see [claude-code-tools.md](../using-superpowers/references/claude-code-tools.md), [codex-tools.md](../using-superpowers/references/codex-tools.md), [copilot-tools.md](../using-superpowers/references/copilot-tools.md), or [gemini-tools.md](../using-superpowers/references/gemini-tools.md) for the path on your runtime. Codex, Copilot CLI, and Gemini CLI all also recognize `~/.agents/skills/` as a cross-runtime alias. **Personal skills live in your runtime's skills directory**
You write test cases (pressure scenarios with subagents), watch them fail (baseline behavior), write the skill (documentation), watch tests pass (agents comply), and refactor (close loopholes). You write test cases (pressure scenarios with subagents), watch them fail (baseline behavior), write the skill (documentation), watch tests pass (agents comply), and refactor (close loopholes).
-292
View File
@@ -1,292 +0,0 @@
#!/usr/bin/env bash
set -euo pipefail
SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
REPO_ROOT="$(cd "$SCRIPT_DIR/../.." && pwd)"
SCRIPT_UNDER_TEST="$REPO_ROOT/scripts/package-codex-plugin.sh"
FAILURES=0
TEST_ROOT="$(mktemp -d)"
cleanup() {
rm -rf "$TEST_ROOT"
}
trap cleanup EXIT
pass() {
echo " [PASS] $1"
}
fail() {
echo " [FAIL] $1"
FAILURES=$((FAILURES + 1))
}
assert_equals() {
local actual="$1"
local expected="$2"
local description="$3"
if [[ "$actual" == "$expected" ]]; then
pass "$description"
else
fail "$description"
echo " expected: $expected"
echo " actual: $actual"
fi
}
assert_contains() {
local haystack="$1"
local needle="$2"
local description="$3"
if printf '%s' "$haystack" | grep -Fq -- "$needle"; then
pass "$description"
else
fail "$description"
echo " expected to find: $needle"
fi
}
assert_not_matches() {
local haystack="$1"
local pattern="$2"
local description="$3"
if printf '%s' "$haystack" | grep -Eq -- "$pattern"; then
fail "$description"
echo " did not expect to match: $pattern"
else
pass "$description"
fi
}
list_archive() {
local archive_path="$1"
case "$archive_path" in
*.tar.gz|*.tgz)
tar -tzf "$archive_path"
;;
*.zip)
unzip -Z1 "$archive_path"
;;
*)
unzip -Z1 "$archive_path"
;;
esac
}
normalize_archive_paths() {
sed 's#/$##' | LC_ALL=C sort
}
extract_archive() {
local archive_path="$1"
local destination="$2"
mkdir -p "$destination"
case "$archive_path" in
*.tar.gz|*.tgz)
tar -xzf "$archive_path" -C "$destination"
;;
*.zip)
unzip -q "$archive_path" -d "$destination"
;;
*)
unzip -q "$archive_path" -d "$destination"
;;
esac
}
read_archive_file() {
local archive_path="$1"
local file_path="$2"
case "$archive_path" in
*.tar.gz|*.tgz)
tar -xOf "$archive_path" "$file_path"
;;
*.zip)
unzip -p "$archive_path" "$file_path"
;;
*)
unzip -p "$archive_path" "$file_path"
;;
esac
}
write_metadata_fixture() {
local destination="$1"
local skill
while IFS= read -r skill; do
mkdir -p "$destination/skills/$skill/agents"
cat >"$destination/skills/$skill/agents/openai.yaml" <<EOF
interface:
display_name: "$skill"
short_description: "Fixture metadata for $skill"
EOF
done < <(find "$REPO_ROOT/skills" -mindepth 1 -maxdepth 1 -type d -print | sed 's#.*/##' | sort)
}
echo "Codex package archive tests"
metadata_source="$TEST_ROOT/metadata-source"
archive="$TEST_ROOT/superpowers"
tar_archive="$TEST_ROOT/superpowers.tar.gz"
extracted="$TEST_ROOT/extracted"
tar_extracted="$TEST_ROOT/tar-extracted"
write_metadata_fixture "$metadata_source"
source_hooks="$(python3 -c 'import json; print(json.load(open("'"$REPO_ROOT"'/.codex-plugin/plugin.json")).get("hooks"))')"
assert_equals "$source_hooks" "{}" "source Codex manifest suppresses local hook auto-discovery"
if output="$("$SCRIPT_UNDER_TEST" --allow-dirty --metadata-source "$metadata_source" --output "$archive" 2>&1)"; then
pass "package script exits successfully"
else
fail "package script exits successfully"
printf '%s\n' "$output" | sed 's/^/ /'
fi
if [[ -f "$archive" ]]; then
pass "package script writes archive"
else
fail "package script writes archive"
fi
assert_contains "$output" "Archive:" "reports archive path"
assert_contains "$output" "Format: zip" "reports default zip format"
assert_contains "$output" "SHA-256:" "reports archive checksum"
extract_archive "$archive" "$extracted"
archive_paths="$(list_archive "$archive" | normalize_archive_paths)"
unexpected_pattern='(^superpowers/|^\.agents/|^hooks/|package\.json$|^\.git|^\.pytest_cache|^\.ruff_cache|^scripts/|^tests/|^docs/|^evals/|^lib/|^\.claude|^\.cursor|^\.kimi|^\.opencode|^\.pi|^AGENTS\.md$|^CLAUDE\.md$|^GEMINI\.md$|^RELEASE-NOTES\.md$|^CHANGELOG\.md$)'
assert_not_matches "$archive_paths" "$unexpected_pattern" "archive excludes source-only paths"
assert_contains "$archive_paths" ".codex-plugin/plugin.json" "archive includes Codex manifest"
assert_contains "$archive_paths" "skills/brainstorming/SKILL.md" "archive includes skills"
assert_contains "$archive_paths" "skills/brainstorming/agents/openai.yaml" "archive includes OpenAI skill metadata"
assert_contains "$archive_paths" "assets/app-icon.png" "archive includes app icon"
assert_contains "$archive_paths" "assets/superpowers-small.svg" "archive includes composer icon"
manifest_summary="$(read_archive_file "$archive" .codex-plugin/plugin.json | python3 -c 'import json,sys; data=json.load(sys.stdin); print("\t".join([data["name"], data["version"], data["skills"], str(data.get("hooks"))]))')"
expected_version="$(python3 -c 'import json; print(json.load(open("'"$REPO_ROOT"'/.codex-plugin/plugin.json"))["version"])')"
assert_equals "$manifest_summary" "superpowers $expected_version ./skills/ $source_hooks" "archive manifest preserves source hooks"
skill_count="$(find "$extracted/skills" -mindepth 1 -maxdepth 1 -type d | wc -l | tr -d ' ')"
metadata_count="$(find "$extracted/skills" -path '*/agents/openai.yaml' -type f | wc -l | tr -d ' ')"
assert_equals "$metadata_count" "$skill_count" "every packaged skill has OpenAI metadata"
if [[ -x "$extracted/skills/subagent-driven-development/scripts/task-brief" ]]; then
pass "archive preserves executable script mode"
else
fail "archive preserves executable script mode"
fi
zip_times="$(python3 - "$archive" <<'PY'
import sys
import zipfile
with zipfile.ZipFile(sys.argv[1]) as archive:
print("\n".join(sorted({str(info.date_time) for info in archive.infolist()})))
PY
)"
assert_equals "$zip_times" "(1980, 1, 1, 0, 0, 0)" "zip archive normalizes entry timestamps"
if tar_output="$("$SCRIPT_UNDER_TEST" --allow-dirty --metadata-source "$metadata_source" --format tar.gz --output "$tar_archive" 2>&1)"; then
pass "package script writes explicit tar.gz archive"
else
fail "package script writes explicit tar.gz archive"
printf '%s\n' "$tar_output" | sed 's/^/ /'
fi
assert_contains "$tar_output" "Format: tar.gz" "reports explicit tar.gz format"
extract_archive "$tar_archive" "$tar_extracted"
tar_archive_paths="$(list_archive "$tar_archive" | normalize_archive_paths)"
assert_equals "$tar_archive_paths" "$archive_paths" "zip and tar.gz archives contain the same paths"
tar_task_brief_mode="$(tar -tzvf "$tar_archive" skills/subagent-driven-development/scripts/task-brief | awk '{print $1}')"
assert_equals "$tar_task_brief_mode" "-rwxr-xr-x" "tar.gz archive preserves executable script mode"
tar_metadata_times="$(tar -tzvf "$tar_archive" | awk '{print $6, $7, $8}' | sort -u)"
assert_equals "$tar_metadata_times" "Dec 31 1969" "tar.gz archive normalizes entry timestamps"
metadata_archive="$TEST_ROOT/metadata-source.tar.gz"
metadata_zip="$TEST_ROOT/metadata-source.zip"
archive_from_tar_source="$TEST_ROOT/superpowers-from-tar-source.zip"
archive_from_zip_source="$TEST_ROOT/superpowers-from-zip-source.zip"
(
cd "$metadata_source"
tar -czf "$metadata_archive" .
zip -X -q -r "$metadata_zip" .
)
if output="$("$SCRIPT_UNDER_TEST" --allow-dirty --metadata-source "$metadata_archive" --output "$archive_from_tar_source" 2>&1)"; then
pass "package script accepts tarball metadata source"
else
fail "package script accepts tarball metadata source"
printf '%s\n' "$output" | sed 's/^/ /'
fi
if cmp -s "$archive" "$archive_from_tar_source"; then
pass "tarball metadata source produces identical archive"
else
fail "tarball metadata source produces identical archive"
fi
if output="$("$SCRIPT_UNDER_TEST" --allow-dirty --metadata-source "$metadata_zip" --output "$archive_from_zip_source" 2>&1)"; then
pass "package script accepts zip metadata source"
else
fail "package script accepts zip metadata source"
printf '%s\n' "$output" | sed 's/^/ /'
fi
if cmp -s "$archive" "$archive_from_zip_source"; then
pass "zip metadata source produces identical archive"
else
fail "zip metadata source produces identical archive"
fi
incomplete_metadata="$TEST_ROOT/incomplete-metadata"
mkdir -p "$incomplete_metadata/skills/brainstorming/agents"
cp "$metadata_source/skills/brainstorming/agents/openai.yaml" \
"$incomplete_metadata/skills/brainstorming/agents/openai.yaml"
set +e
missing_output="$("$SCRIPT_UNDER_TEST" --allow-dirty --metadata-source "$incomplete_metadata" --output "$TEST_ROOT/missing.tar.gz" 2>&1)"
missing_status=$?
set -e
if [[ "$missing_status" -ne 0 ]]; then
pass "package script rejects incomplete metadata source"
else
fail "package script rejects incomplete metadata source"
fi
assert_contains "$missing_output" "ERROR: metadata source is incomplete" "incomplete metadata reports clear error"
dirty_repo="$TEST_ROOT/dirty-repo"
git clone -q --no-local "$REPO_ROOT" "$dirty_repo"
printf '\n# dirty fixture\n' >>"$dirty_repo/README.md"
set +e
dirty_output="$(
cd "$dirty_repo"
scripts/package-codex-plugin.sh \
--metadata-source "$metadata_source" \
--output "$TEST_ROOT/dirty.zip" 2>&1
)"
dirty_status=$?
set -e
if [[ "$dirty_status" -ne 0 ]]; then
pass "package script rejects dirty worktree by default"
else
fail "package script rejects dirty worktree by default"
fi
assert_contains "$dirty_output" "Working tree has uncommitted changes:" "dirty worktree reports changed files"
if [[ "$FAILURES" -eq 0 ]]; then
echo "All Codex package archive tests passed"
else
echo "$FAILURES Codex package archive test(s) failed"
exit 1
fi
+40 -4
View File
@@ -4,6 +4,7 @@ set -euo pipefail
SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)" SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
REPO_ROOT="$(cd "$SCRIPT_DIR/../.." && pwd)" REPO_ROOT="$(cd "$SCRIPT_DIR/../.." && pwd)"
HOOK_UNDER_TEST="$REPO_ROOT/hooks/session-start" HOOK_UNDER_TEST="$REPO_ROOT/hooks/session-start"
CODEX_HOOK_UNDER_TEST="$REPO_ROOT/hooks/session-start-codex"
WRAPPER_UNDER_TEST="$REPO_ROOT/hooks/run-hook.cmd" WRAPPER_UNDER_TEST="$REPO_ROOT/hooks/run-hook.cmd"
FAILURES=0 FAILURES=0
@@ -153,15 +154,35 @@ assert_command_output \
CLAUDE_PLUGIN_ROOT="$REPO_ROOT" \ CLAUDE_PLUGIN_ROOT="$REPO_ROOT" \
bash "$HOOK_UNDER_TEST" bash "$HOOK_UNDER_TEST"
wrapper_home="$(make_home run-hook-wrapper)" codex_home="$(make_home codex-plugin-hooks)"
codex_data="$TEST_ROOT/codex-plugin-hooks/data"
mkdir -p "$codex_data"
assert_command_output \ assert_command_output \
"run-hook.cmd wrapper dispatches to the named session-start script" \ "Codex plugin hooks use dedicated script and emit nested SessionStart additionalContext" \
"nested" \ "nested" \
"" \ "" \
"" \ "" \
"$wrapper_home" \ "$codex_home" \
PLUGIN_DATA="$codex_data" \
CLAUDE_PLUGIN_DATA="$codex_data" \
PLUGIN_ROOT="$REPO_ROOT" \
CLAUDE_PLUGIN_ROOT="$REPO_ROOT" \ CLAUDE_PLUGIN_ROOT="$REPO_ROOT" \
bash "$WRAPPER_UNDER_TEST" session-start bash "$CODEX_HOOK_UNDER_TEST"
codex_wrapper_home="$(make_home codex-wrapper)"
codex_wrapper_data="$TEST_ROOT/codex-wrapper/data"
mkdir -p "$codex_wrapper_data"
assert_command_output \
"Codex wrapper path dispatches to dedicated script" \
"nested" \
"" \
"" \
"$codex_wrapper_home" \
PLUGIN_DATA="$codex_wrapper_data" \
CLAUDE_PLUGIN_DATA="$codex_wrapper_data" \
PLUGIN_ROOT="$REPO_ROOT" \
CLAUDE_PLUGIN_ROOT="$REPO_ROOT" \
bash "$WRAPPER_UNDER_TEST" session-start-codex
cursor_home="$(make_home cursor)" cursor_home="$(make_home cursor)"
assert_command_output \ assert_command_output \
@@ -196,6 +217,21 @@ assert_command_output \
CLAUDE_PLUGIN_ROOT="$REPO_ROOT" \ CLAUDE_PLUGIN_ROOT="$REPO_ROOT" \
bash "$HOOK_UNDER_TEST" bash "$HOOK_UNDER_TEST"
codex_legacy_home="$(make_home codex-legacy-warning-removed)"
codex_legacy_data="$TEST_ROOT/codex-legacy-warning-removed/data"
mkdir -p "$codex_legacy_home/.config/superpowers/skills" "$codex_legacy_data"
assert_command_output \
"Codex SessionStart omits obsolete legacy custom-skill warning" \
"nested" \
"" \
"Superpowers now uses"$'\037'"~/.config/superpowers/skills"$'\037'"~/.claude/skills"$'\037'"legacy" \
"$codex_legacy_home" \
PLUGIN_DATA="$codex_legacy_data" \
CLAUDE_PLUGIN_DATA="$codex_legacy_data" \
PLUGIN_ROOT="$REPO_ROOT" \
CLAUDE_PLUGIN_ROOT="$REPO_ROOT" \
bash "$CODEX_HOOK_UNDER_TEST"
if [[ "$FAILURES" -gt 0 ]]; then if [[ "$FAILURES" -gt 0 ]]; then
echo "STATUS: FAILED ($FAILURES failure(s))" echo "STATUS: FAILED ($FAILURES failure(s))"
exit 1 exit 1