feat(presets): add enable/disable toggle and update semantics#1891
Merged
mnriem merged 14 commits intogithub:mainfrom Mar 19, 2026
Merged
feat(presets): add enable/disable toggle and update semantics#1891mnriem merged 14 commits intogithub:mainfrom
mnriem merged 14 commits intogithub:mainfrom
Conversation
Add preset enable/disable CLI commands and update semantics to match the extension system capabilities. Changes: - Add `preset enable` and `preset disable` CLI commands - Add `restore()` method to PresetRegistry for rollback scenarios - Update `get()` and `list()` to return deep copies (prevents mutation) - Update `list_by_priority()` to filter disabled presets by default - Add input validation to `restore()` for defensive programming - Add 16 new tests covering all functionality and edge cases Closes github#1851 Closes github#1852 Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Contributor
There was a problem hiding this comment.
Pull request overview
This PR expands the preset system to support safer registry mutation patterns (rollback/restore and copy isolation) and adds CLI enable/disable toggles so presets can be temporarily turned off without uninstalling, while ensuring disabled presets are skipped during template resolution.
Changes:
- Added
PresetRegistry.restore()plus deep-copy isolation forPresetRegistry.get()andPresetRegistry.list(). - Updated
PresetRegistry.list_by_priority()to exclude disabled presets by default (with aninclude_disabledoverride). - Introduced
specify preset enable|disablecommands and added tests covering restore, deep-copy behavior, disabled filtering, CLI flows, and corrupted-state handling.
Reviewed changes
Copilot reviewed 3 out of 3 changed files in this pull request and generated 2 comments.
| File | Description |
|---|---|
src/specify_cli/presets.py |
Adds restore(), deep-copy semantics for registry reads, and default filtering of disabled presets in priority listing (affects resolution). |
src/specify_cli/__init__.py |
Adds preset enable / preset disable Typer commands with project checks and corrupted-state handling. |
tests/test_presets.py |
Adds coverage for restore validation, deep-copy protection, list-by-priority filtering, CLI enable/disable flows, and resolution behavior when disabled. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
You can also share your feedback on Copilot code review. Take the survey.
- Fix error message in restore() to match actual validation ("dict" not "non-empty dict")
- Use copy.deepcopy() in restore() to prevent caller mutation
- Apply same fixes to ExtensionRegistry for parity
- Add /defensive-check command for pre-PR validation
- Add tests for restore() validation and deep copy behavior
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Contributor
Author
|
Addressed both review comments:
Also applied the same fixes to Added |
Contributor
There was a problem hiding this comment.
Pull request overview
This PR extends the preset system to support safer registry semantics and operational toggling, bringing presets closer to feature parity with extensions (update/restore patterns and enable/disable behavior).
Changes:
- Add
PresetRegistry.restore()plus defensive validation, and alignExtensionRegistry.restore()behavior (validation + deep copy). - Return deep copies from preset registry
get()/list()and filter disabled presets by default inlist_by_priority(). - Add
specify preset enable/disablecommands and corresponding tests, including behavior around disabled preset resolution.
Reviewed changes
Copilot reviewed 5 out of 5 changed files in this pull request and generated 2 comments.
Show a summary per file
| File | Description |
|---|---|
src/specify_cli/presets.py |
Adds restore(), deep-copy protections for registry reads, and default filtering of disabled presets in priority ordering (affects resolution). |
src/specify_cli/extensions.py |
Hardens restore() with input validation and deep-copy to avoid caller mutation and align with presets. |
src/specify_cli/__init__.py |
Introduces preset enable/disable CLI commands for toggling preset enabled state. |
tests/test_presets.py |
Adds coverage for preset restore validation, deep-copy behavior, disabled filtering, CLI enable/disable flows, and resolution skipping. |
tests/test_extensions.py |
Adds coverage for extension restore validation and deep-copy behavior. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
You can also share your feedback on Copilot code review. Take the survey.
- Add note to enable/disable output clarifying commands/skills remain active - Add include_disabled parameter to ExtensionRegistry.list_by_priority for parity - Add tests for extension disabled filtering Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Contributor
There was a problem hiding this comment.
Pull request overview
This PR extends the preset (and related extension) registry semantics to support safer state management and toggling without uninstalling, aligning presets more closely with extensions and improving robustness during rollback/registry-corruption scenarios.
Changes:
- Add
preset enable/preset disableCLI commands to toggle installed presets without removal. - Add
PresetRegistry.restore()and updateget()/list()to return deep copies (defensive against accidental mutation). - Update
list_by_priority()for presets/extensions to exclude disabled entries by default (with an override to include them).
Reviewed changes
Copilot reviewed 5 out of 5 changed files in this pull request and generated 3 comments.
Show a summary per file
| File | Description |
|---|---|
src/specify_cli/presets.py |
Adds restore() and deep-copy isolation for registry reads; filters disabled presets in priority listing. |
src/specify_cli/extensions.py |
Adds validation/deep-copy to restore() and changes list_by_priority() to exclude disabled by default. |
src/specify_cli/__init__.py |
Introduces specify preset enable/disable commands with corrupted-state handling and user messaging. |
tests/test_presets.py |
Adds unit/integration tests for restore semantics, deep-copy behavior, enable/disable, and disabled preset resolution behavior. |
tests/test_extensions.py |
Adds tests for restore() input validation/deep-copy and for list_by_priority() disabled filtering semantics. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
You can also share your feedback on Copilot code review. Take the survey.
…entries - Fix _get_all_extensions_by_priority to use include_disabled=True for tracking registered IDs, preventing disabled extensions from being picked up as unregistered directories - Add corrupted entry handling to get() - returns None for non-dict entries - Add integration tests for disabled extension template resolution - Add tests for get() corrupted entry handling in both registries Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Contributor
There was a problem hiding this comment.
Pull request overview
Adds preset enable/disable toggling and safer registry mutation semantics to better support rollback/update workflows and prevent accidental state mutation during resolution.
Changes:
- Introduces
PresetRegistry.restore()and strengthens registry isolation by returning deep copies fromget()/list(). - Adds
specify preset enable|disablecommands and filters disabled presets/extensions out of priority-based resolution by default. - Extends test coverage for restore validation, deep-copy behavior, corrupted registry entries, and disabled template resolution.
Reviewed changes
Copilot reviewed 5 out of 5 changed files in this pull request and generated 1 comment.
Show a summary per file
| File | Description |
|---|---|
src/specify_cli/presets.py |
Adds restore(), deep-copy returns, and default filtering of disabled presets during priority iteration; updates resolver to avoid reintroducing disabled extensions via fallback scan. |
src/specify_cli/extensions.py |
Makes restore() validate input + deep copy; ensures get() handles corrupted entries; adds include_disabled option to list_by_priority() with disabled excluded by default. |
src/specify_cli/__init__.py |
Adds new preset enable / preset disable CLI commands with corrupted-state handling and messaging about what disabling affects. |
tests/test_presets.py |
Adds tests for preset restore/deep-copy/corruption handling, disabled preset resolution behavior, and disabled extension template resolution regressions. |
tests/test_extensions.py |
Adds tests for extension restore validation/deep-copy, corrupted get behavior, and include/exclude disabled behavior in list_by_priority(). |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
You can also share your feedback on Copilot code review. Take the survey.
- Add defensive handling to list() when presets/extensions is not a dict - Return empty dict instead of crashing on corrupted registry - Apply same fix to both PresetRegistry and ExtensionRegistry for parity - Add tests for corrupted registry handling Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Contributor
There was a problem hiding this comment.
Pull request overview
This PR extends the preset/extension registry semantics to support enable/disable toggles and safer registry mutation patterns (restore/deep-copy), and updates template resolution to skip disabled items.
Changes:
- Add
preset enable/preset disableCLI commands that toggle a preset’senabledflag without removing it. - Add
PresetRegistry.restore()and update registry accessors (get(),list(),list_by_priority()) to use deep copies and filter disabled entries by default. - Update template resolution to skip disabled presets/extensions (including preventing disabled extensions from being re-introduced via the “unregistered dir scan” fallback).
Reviewed changes
Copilot reviewed 5 out of 5 changed files in this pull request and generated 3 comments.
Show a summary per file
| File | Description |
|---|---|
src/specify_cli/presets.py |
Adds restore(), deep-copy protections, and disabled filtering; updates extension resolution logic to respect disabled state. |
src/specify_cli/extensions.py |
Aligns restore() validation/deep-copy and adds disabled filtering + corrupted-registry handling in list(). |
src/specify_cli/__init__.py |
Introduces preset enable/disable Typer commands with user messaging and error handling. |
tests/test_presets.py |
Adds coverage for restore/deep-copy/corruption handling, preset enable/disable CLI, and disabled resolution behavior. |
tests/test_extensions.py |
Adds coverage for restore input validation, deep-copy/corruption handling, and disabled filtering semantics. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
You can also share your feedback on Copilot code review. Take the survey.
- get() now validates self.data["presets/extensions"] is a dict before accessing - restore() ensures presets/extensions dict exists before writing - Prevents crashes when registry JSON is parseable but has corrupted structure - Applied same fixes to both PresetRegistry and ExtensionRegistry for parity Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Contributor
There was a problem hiding this comment.
Pull request overview
This PR extends the preset/extension registry semantics to support enable/disable toggles, safe rollback via restore(), and defensive deep-copying to prevent accidental in-memory mutation—while ensuring disabled presets/extensions are skipped during template resolution.
Changes:
- Add
PresetRegistry.restore()plus deep-copy isolation inPresetRegistry.get()/list()and default filtering of disabled presets inlist_by_priority(). - Add
preset enable/preset disableCLI commands and update template resolution to exclude disabled presets/extensions (including preventing disabled extensions from being picked up via “unregistered directory” fallback). - Add/extend test coverage for restore validation, deep-copy behavior, corrupted registry handling, disabled filtering, and disabled template resolution.
Reviewed changes
Copilot reviewed 5 out of 5 changed files in this pull request and generated 4 comments.
Show a summary per file
| File | Description |
|---|---|
src/specify_cli/presets.py |
Adds restore(), deep-copy return semantics, and default exclusion of disabled presets during priority listing/resolution. |
src/specify_cli/extensions.py |
Aligns extension registry behavior with presets (restore validation, deep-copy returns, corrupted-entry handling, disabled filtering). |
src/specify_cli/__init__.py |
Introduces specify preset enable/disable commands to flip the registry enabled flag. |
tests/test_presets.py |
Adds tests for restore/deep-copy/corruption, disabled preset filtering, and disabled extension template resolution regressions. |
tests/test_extensions.py |
Adds tests for extension restore validation/deep-copy/corruption and disabled filtering in list_by_priority(). |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
You can also share your feedback on Copilot code review. Take the survey.
- _load() now validates json.load() result is a dict before returning - is_installed() validates presets/extensions is a dict before checking membership - Prevents crashes when registry file is valid JSON but wrong type (e.g., array) - Applied same fixes to both registries for parity Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Contributor
There was a problem hiding this comment.
Pull request overview
This PR extends the preset system to support reversible state changes (enable/disable + restore semantics) and hardens registry access patterns to avoid accidental mutation and improve corrupted-registry resilience, while aligning preset/extension behaviors during template resolution.
Changes:
- Added
specify preset enable|disablecommands to toggle presets without uninstalling. - Introduced
PresetRegistry.restore()and updated registry reads (get(),list()) to return deep copies and handle corrupted entries more safely. - Updated priority ordering to exclude disabled presets/extensions by default and ensured disabled extensions are not reintroduced via unregistered-dir scanning during resolution.
Reviewed changes
Copilot reviewed 5 out of 5 changed files in this pull request and generated 2 comments.
Show a summary per file
| File | Description |
|---|---|
src/specify_cli/presets.py |
Adds restore(), deep-copy isolation for reads, defensive handling for corrupted entries, and disables presets in list_by_priority() by default; updates extension resolution to respect disabled state. |
src/specify_cli/extensions.py |
Aligns extension registry behavior with presets: dict validation on load, deep-copy reads, defensive corrupted-entry handling, and list_by_priority(include_disabled=...). |
src/specify_cli/__init__.py |
Adds new Typer CLI commands preset enable / preset disable that flip the registry enabled flag with user messaging. |
tests/test_presets.py |
Adds unit + integration tests for restore/deep-copy behavior, corrupted registry handling, enable/disable commands, and resolution skipping for disabled presets/extensions. |
tests/test_extensions.py |
Adds tests for restore input validation, deep-copy behavior, corrupted registry handling, and list_by_priority() disabled filtering. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
You can also share your feedback on Copilot code review. Take the survey.
- _load() now normalizes the presets/extensions field to {} if not a dict
- Makes corrupted registries recoverable for add/update/remove operations
- Applied same fix to both registries for parity
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Contributor
There was a problem hiding this comment.
Pull request overview
Adds safer preset/extension registry mutation semantics and introduces preset enable/disable toggles so presets can be temporarily excluded from template resolution without uninstalling.
Changes:
- Added
PresetRegistry.restore()for rollback scenarios and hardened registry loading against corrupted JSON structures. - Updated
get()/list()to return deep copies and updatedlist_by_priority()to exclude disabled entries by default (with an opt-in to include them). - Added
preset enable/preset disableCLI commands and expanded tests for restore/deep-copy behavior, corrupted registry handling, and disabled template resolution.
Reviewed changes
Copilot reviewed 5 out of 5 changed files in this pull request and generated 2 comments.
Show a summary per file
| File | Description |
|---|---|
tests/test_presets.py |
Adds tests for restore(), deep-copy protection, preset enable/disable CLI, and resolution behavior when presets/extensions are disabled. |
tests/test_extensions.py |
Adds tests for ExtensionRegistry.restore() validation, deep-copy behavior, corrupted entries, and disabled filtering in list_by_priority(). |
src/specify_cli/presets.py |
Implements PresetRegistry.restore(), hardens _load(), returns deep copies from get()/list(), adds disabled filtering to list_by_priority(), and updates resolver extension handling. |
src/specify_cli/extensions.py |
Hardens _load(), validates/deep-copies restore(), returns None for corrupted entries in get(), returns {} for corrupted in list(), and adds disabled filtering to list_by_priority(). |
src/specify_cli/__init__.py |
Adds specify preset enable/disable CLI commands with user messaging about scope of the toggle. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
You can also share your feedback on Copilot code review. Take the survey.
- Use registry.list().keys() instead of list_by_priority() for tracking - Corrupted entries are now treated as tracked, not picked up as unregistered - Tighten test assertion for disabled preset resolution - Update test to match new expected behavior for corrupted entries Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Contributor
There was a problem hiding this comment.
Pull request overview
Adds preset enable/disable toggles and safer registry mutation semantics (restore + deep-copy isolation), aligning presets with the extension registry’s defensive patterns and ensuring disabled items are excluded from template resolution.
Changes:
- Add
specify preset enable|disablecommands to toggle presets without uninstalling. - Add
PresetRegistry.restore()and harden registry access (_loadnormalization, deep-copyingget()/list(), corruption handling). - Exclude disabled presets/extensions from
list_by_priority()by default and ensure template resolution skips disabled items (with regression/integration tests).
Reviewed changes
Copilot reviewed 5 out of 5 changed files in this pull request and generated 1 comment.
Show a summary per file
| File | Description |
|---|---|
| tests/test_presets.py | Adds tests for PresetRegistry.restore(), deep-copy behavior, corrupted-state handling, and disabled preset/extension resolution behavior. |
| tests/test_extensions.py | Extends extension registry tests for restore validation, deep-copy/corruption behavior, disabled filtering, and resolver regression around corrupted entries. |
| src/specify_cli/presets.py | Implements preset registry restore + deep-copy isolation, adds disabled filtering to priority listing, and adjusts resolver extension handling to avoid “unregistered dir” fallback for disabled/corrupted entries. |
| src/specify_cli/extensions.py | Hardens extension registry load/restore/get/list/list_by_priority with corruption handling and disabled filtering by default. |
| src/specify_cli/init.py | Adds preset enable / preset disable Typer commands and keeps preset list output showing enabled/disabled status. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
You can also share your feedback on Copilot code review. Take the survey.
- Add defensive check for corrupted metadata in remove() - Match existing pattern in PresetManager.remove() Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Contributor
There was a problem hiding this comment.
Pull request overview
This PR extends the preset/extension registries and CLI to support enable/disable toggles and safer registry mutation patterns (restore + deep-copy isolation), and updates template resolution to skip disabled items by default.
Changes:
- Add
PresetRegistry.restore()(and strengthenExtensionRegistry.restore()) with input validation and deep-copy isolation. - Make
get()/list()return deep copies; makelist_by_priority()exclude disabled entries by default (withinclude_disabled=Trueescape hatch). - Add
specify preset enable|disablecommands and update template resolution to skip disabled presets/extensions (including unregistered-dir fallback).
Reviewed changes
Copilot reviewed 5 out of 5 changed files in this pull request and generated 4 comments.
Show a summary per file
| File | Description |
|---|---|
src/specify_cli/presets.py |
Adds restore + deep-copy protections; filters disabled items in priority listing; updates resolver extension tracking to avoid disabled/corrupted entries being picked up as “unregistered”. |
src/specify_cli/extensions.py |
Adds registry load normalization, restore validation/deep-copy, defensive get/list behavior, and disabled filtering in list_by_priority(). |
src/specify_cli/__init__.py |
Introduces preset enable / preset disable CLI commands. |
tests/test_presets.py |
Adds coverage for restore validation/deep copy, corrupted registry handling, disabled preset resolution behavior, and CLI enable/disable flows. |
tests/test_extensions.py |
Adds coverage for restore validation/deep copy, corrupted registry handling, disabled filtering, and resolution regression around corrupted/unregistered scanning. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
You can also share your feedback on Copilot code review. Take the survey.
- Add lightweight keys() method that returns IDs without deep copy - Update list() to filter out non-dict entries (match type contract) - Use keys() instead of list().keys() for performance - Fix comment to reflect actual behavior Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
… parity - Extension enable/disable: use delta pattern matching presets - add(): use copy.deepcopy(metadata) in both registries - remove(): guard outer field for corruption in both registries - update(): guard outer field for corruption in both registries Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Contributor
There was a problem hiding this comment.
Pull request overview
Adds safer preset/extension registry semantics and CLI toggles so presets/extensions can be enabled/disabled without uninstalling, while hardening registry access against corruption and accidental mutation.
Changes:
- Add
preset enable/preset disablecommands and update template resolution to skip disabled presets/extensions. - Add
restore()toPresetRegistry(and extendExtensionRegistry.restore()validation) pluskeys()helpers to avoid corrupted/disabled entries being treated as “unregistered”. - Make registry
get()/list()return deep copies and add tests for deep-copy behavior and corrupted-registry edge cases.
Reviewed changes
Copilot reviewed 5 out of 5 changed files in this pull request and generated 2 comments.
Show a summary per file
| File | Description |
|---|---|
src/specify_cli/presets.py |
Registry hardening (restore, deep-copy get/list, disabled filtering) + resolver changes to avoid disabled/corrupted extensions being resolved. |
src/specify_cli/extensions.py |
Registry hardening (restore validation, deep-copy get/list, disabled filtering, keys() helper). |
src/specify_cli/__init__.py |
Adds preset enable/disable commands; adjusts extension enable/disable to update only the enabled field. |
tests/test_presets.py |
Adds coverage for restore validation, deep-copy isolation, disabled preset resolution behavior, and disabled/corrupted extension resolution behavior. |
tests/test_extensions.py |
Adds coverage for restore validation/deep-copy/corruption handling and disabled filtering semantics. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
You can also share your feedback on Copilot code review. Take the survey.
Contributor
There was a problem hiding this comment.
Pull request overview
This PR enhances the presets system to support safer registry mutation patterns and an enable/disable toggle, aligning preset behavior more closely with extensions and making template resolution respect disabled state.
Changes:
- Added
preset enable/preset disableCLI commands to toggle presets without uninstalling. - Added
restore()toPresetRegistryand hardened both preset/extension registries against corrupted on-disk state (deep-copy reads, filtering invalid entries, defensive_load()). - Updated priority-based resolution to exclude disabled presets/extensions by default, with explicit opt-in to include them when needed.
Reviewed changes
Copilot reviewed 5 out of 5 changed files in this pull request and generated no comments.
Show a summary per file
| File | Description |
|---|---|
src/specify_cli/presets.py |
Adds defensive registry loading, deep-copy isolation, restore() and keys(), and excludes disabled presets from list_by_priority() by default; updates extension-resolution logic to avoid “unregistered dir” fallback for disabled/corrupted extensions. |
src/specify_cli/extensions.py |
Mirrors the defensive registry behaviors (deep copies, restore() validation, keys(), exclude disabled by default in list_by_priority()), and hardens removal logic when metadata is missing/corrupted. |
src/specify_cli/__init__.py |
Introduces preset enable/disable commands and adjusts extension enable/disable to update only the enabled field via partial registry updates. |
tests/test_presets.py |
Adds coverage for preset restore(), deep-copy behavior, corrupted registry handling, preset enable/disable CLI, and disabled preset/extension resolution behavior. |
tests/test_extensions.py |
Adds/adjusts tests for extension restore() validation, corrupted registry behavior, and default exclusion of disabled extensions from priority lists. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
You can also share your feedback on Copilot code review. Take the survey.
Both PresetRegistry.update() and ExtensionRegistry.update() now deep copy the input updates/metadata dict to prevent callers from mutating nested objects after the call. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Contributor
Author
|
Ready for review. |
Contributor
There was a problem hiding this comment.
Pull request overview
This PR adds enable/disable semantics and safer mutation patterns to the preset (and extension) registries, ensuring disabled presets/extensions are excluded from template resolution while protecting registry state from accidental caller mutation.
Changes:
- Add
specify preset enable|disablecommands to toggle a preset’senabledflag without uninstalling. - Add
PresetRegistry.restore()and harden both registries against corrupted on-disk/in-memory state (type validation, non-dict entry handling). - Make registry reads return deep copies and update resolution ordering to skip disabled presets/extensions by default.
Reviewed changes
Copilot reviewed 5 out of 5 changed files in this pull request and generated no comments.
Show a summary per file
| File | Description |
|---|---|
src/specify_cli/presets.py |
Adds restore(), deep-copy isolation for registry reads/writes, keys(), and default exclusion of disabled presets; updates resolver to avoid disabled/corrupted extension fallback resolution. |
src/specify_cli/extensions.py |
Mirrors registry hardening and deep-copy semantics; adds keys() and default exclusion of disabled extensions in list_by_priority(). |
src/specify_cli/__init__.py |
Introduces preset enable/disable commands; adjusts extension enable/disable to use partial update() payloads. |
tests/test_presets.py |
Adds coverage for restore(), deep-copy behavior, corrupted-entry behavior, preset enable/disable CLI, and resolution skipping for disabled presets/extensions. |
tests/test_extensions.py |
Adds parity tests for restore validation/deep-copy, corrupted-entry behavior, and list-by-priority disabled filtering. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
You can also share your feedback on Copilot code review. Take the survey.
Collaborator
|
Thank you! |
kanfil
added a commit
to tikalk/agentic-sdlc-spec-kit
that referenced
this pull request
Mar 19, 2026
Upstream changes merged: - feat: migrate Codex/agy init to native skills workflow (github#1906) - feat(presets): add enable/disable toggle and update semantics (github#1891) - feat: add iFlow CLI support (github#1875) - feat(commands): wire before/after hook events into specify and plan templates (github#1886) - Add conduct extension to community catalog (github#1908) - feat(extensions): add verify-tasks extension to community catalog (github#1871) Tikalk customizations preserved: - Orange theme (ACCENT_COLOR = #f47721) - Pre-Installed Extensions panel in init output - --team-ai-directives CLI parameter - /spec.* command aliases (instead of /speckit.*) - Skills package manager (specify skill subcommand) - Bundled extensions/presets installation - install_bundled_extensions, install_bundled_presets, get_preinstalled_extensions functions Version: 0.1.15
maxfindel
pushed a commit
to fellowship-dev/spec-kit
that referenced
this pull request
Apr 24, 2026
* Add /selftest.extension core extension to test other extensions (#1758)
* test(commands): create extension-commands LLM playground sandbox
* update(tests): format LLM evaluation as an automated test runner
* test(commands): map extension-commands python script with timestamps
* test(commands): map extension-commands python script with timestamps
* test(commands): update TESTING.md to evaluate discovery, lint, and deploy explicitly
* test(commands): simplify execution expectations and add timestamp calculation
* fix(tests): address copilot review comments on prompt formatting and relative paths
* fix(tests): resolve copilot PR feedback regarding extension schema structure and argparse mutually exclusive groups
* feat(extensions): add core selftest utility and migrate away from manual tests sandbox
* fix(selftest): update command name array to match spec-kit validation schema
* fix(selftest): wrap arguments in quotes to support multi-word extension names
* update the command to be more meaningful
* fix: if the extension is discovery only, it should not be installable
* Address review comments for selftest documentation
* address review comments
* address review comments
* Update extensions/selftest/commands/selftest.md
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
---------
Co-authored-by: Manfred Riem <15701806+mnriem@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
* fix(cli): deprecate explicit command support for agy (#1798) (#1808)
* fix(cli): deprecate explicit command support for agy (#1798)
* docs(cli): add tests and docs for agy deprecation (#1798)
* fix: address review comments for agy deprecation
* fix: address round 2 review comments for agy deprecation
* fix: address round 3 review comments for agy deprecation
* fix: address round 4 review comments for agy deprecation
* fix: address round 5 review comments for agy deprecation
* docs: add inline contextual comments to explain agy deprecation
* docs: clarify historical context in agy deprecation docstring
* fix: correct skills path in deprecation comment and make test mock fully deterministic
* fix: migrate Qwen Code CLI from TOML to Markdown format (#1589) (#1730)
* fix: migrate Qwen Code CLI from TOML to Markdown format (#1589)
Qwen Code CLI v0.10.0 deprecated TOML format and fully switched to
Markdown as the core format for configuration and interaction files.
- Update create-release-packages.sh: generate .md files with $ARGUMENTS
instead of .toml files with {{args}} for qwen agent
- Update create-release-packages.ps1: same change for PowerShell script
- Update AGENTS.md: reflect Qwen's new Markdown format in docs and
remove Qwen from TOML format section
- Update tests/test_ai_skills.py: add commands_dir_qwen fixture and
tests covering Markdown-format skills installation for Qwen
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
* fix: update CommandRegistrar qwen config to Markdown format
extensions.py CommandRegistrar.AGENT_CONFIGS['qwen'] was still set to
TOML format, causing `specify extension` to write .toml files into
.qwen/commands, conflicting with Qwen Code CLI v0.10.0+ expectations.
- Change qwen format from toml to markdown
- Change qwen args from {{args}} to $ARGUMENTS
- Change qwen extension from .toml to .md
- Add test to assert qwen config is Markdown format
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
---------
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
* fix: clean up command templates (specify, analyze) (#1810)
* fix: clean up command templates (specify, analyze)
- specify.md: fix self-referential step number (step 6c → proceed to step 7)
- specify.md: remove empty "General Guidelines" heading before "Quick Guidelines"
- analyze.md: deduplicate {ARGS} — already present in "User Input" section at top
* fix: restore ## Context heading in analyze template
Address PR review feedback from @dhilipkumars: keep the ## Context
markdown heading to preserve structural hierarchy for LLM parsing.
* fix: harden bash scripts against shell injection and improve robustness (#1809)
- Replace eval of unquoted get_feature_paths output with safe pattern:
capture into variable, check return code, then eval quoted result
- Use printf '%q' in get_feature_paths to safely emit shell assignments,
preventing injection via paths containing quotes or metacharacters
- Add json_escape() helper for printf JSON fallback paths, handling
backslash, double-quote, and control characters when jq is unavailable
- Use jq -cn for safe JSON construction with proper escaping when
available, with printf + json_escape() fallback
- Replace declare -A (bash 4+) with indexed array for bash 3.2
compatibility (macOS default)
- Use inline command -v jq check in create-new-feature.sh since it
does not source common.sh
- Guard trap cleanup against re-entrant invocation by disarming traps
at entry
- Use printf '%q' for shell-escaped branch names in user-facing output
- Return failure instead of silently returning wrong path on ambiguous
spec directory matches
- Deduplicate agent file updates via realpath to prevent multiple writes
to the same file (e.g. AGENTS.md aliased by multiple variables)
* Add specify doctor command for project health diagnostics (#1828)
* Add specify doctor command for project health diagnostics
* Add tests for specify doctor command
* Document specify doctor command in README
* Revert "Document specify doctor command in README"
This reverts commit c1cfd061293ac5c82acb11d8dcbd07d993ce6b48.
* Revert "Add tests for specify doctor command"
This reverts commit 65e12fb62b7f3611a6598ec41a59c8bf681fe607.
* Revert "Add specify doctor command for project health diagnostics"
This reverts commit d5bd93248ae05c31ad2ad012983c0f87956dc417.
* Add doctor extension to community catalog
* Potential fix for pull request finding
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
* Potential fix for pull request finding
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
---------
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
* fix: match 'Last updated' timestamp with or without bold markers (#1836)
The template outputs plain text `Last updated: [DATE]` but both
update-agent-context scripts only matched `**Last updated**: [DATE]`
(bold Markdown). Make the bold markers optional in the regex so the
timestamp is refreshed regardless of formatting.
Co-authored-by: easonysliu <easonysliu@tencent.com>
Co-authored-by: Claude (claude-opus-4-6) <noreply@anthropic.com>
* feat(presets): Pluggable preset system with catalog, resolver, and skills propagation (#1787)
* Initial plan
* feat(templates): add pluggable template system with packs, catalog, resolver, and CLI commands
Co-authored-by: mnriem <15701806+mnriem@users.noreply.github.com>
* test(templates): add comprehensive unit tests for template pack system
Co-authored-by: mnriem <15701806+mnriem@users.noreply.github.com>
* feat(presets): pluggable preset system with template/command overrides, catalog, and resolver
- Rename 'template packs' to 'presets' to avoid naming collision with core templates
- PresetManifest, PresetRegistry, PresetManager, PresetCatalog, PresetResolver in presets.py
- Extract CommandRegistrar to agents.py as shared infrastructure
- CLI: specify preset list/add/remove/search/resolve/info
- CLI: specify preset catalog list/add/remove
- --preset option on specify init
- Priority-based preset stacking (--priority, lower = higher precedence)
- Command overrides registered into all detected agent directories (17+ agents)
- Extension command safety: skip registration if target extension not installed
- Multi-catalog support: env var, project config, user config, built-in defaults
- resolve_template() / Resolve-Template in bash/PowerShell scripts
- Self-test preset: overrides all 6 core templates + 1 command
- Scaffold with 4 examples: core/extension template and command overrides
- Preset catalog (catalog.json, catalog.community.json)
- Documentation: README.md, ARCHITECTURE.md, PUBLISHING.md
- 110 preset tests, 253 total tests passing
* feat(presets): propagate command overrides to skills via init-options
- Add save_init_options() / load_init_options() helpers that persist
CLI flags from 'specify init' to .specify/init-options.json
- PresetManager._register_skills() overwrites SKILL.md files when
--ai-skills was used during init and corresponding skill dirs exist
- PresetManager._unregister_skills() restores core template content
on preset removal
- registered_skills stored in preset registry metadata
- 8 new tests covering skill override, skip conditions, and restore
* fix: address PR check failures (ruff F541, CodeQL URL substring)
- Remove extraneous f-prefix from two f-strings without placeholders
- Replace substring URL check in test with startswith/endswith assertions
to satisfy CodeQL incomplete URL substring sanitization rule
* fix: address Copilot PR review comments
- Move save_init_options() before preset install so skills propagation
works during 'specify init --preset --ai-skills'
- Clean up downloaded ZIP after successful preset install during init
- Validate --from URL scheme (require HTTPS, HTTP only for localhost)
- Expose unregister_commands() on extensions.py CommandRegistrar wrapper
instead of reaching into private _registrar field
- Use _get_merged_packs() for search() and get_pack_info() so all
active catalogs are searched, not just the highest-priority one
- Fix fetch_catalog() cache to verify cached URL matches current URL
- Fix PresetResolver: script resolution uses .sh extension, consistent
file extensions throughout resolve(), and resolve_with_source()
delegates to resolve() to honor template_type parameter
- Fix bash common.sh: fall through to directory scan when python3
returns empty preset list
- Fix PowerShell Resolve-Template: filter out dot-folders and sort
extensions deterministically
* fix: narrow empty except blocks and add explanatory comments
* fix: address Copilot PR review comments (round 2)
- Fix init --preset error masking: distinguish "not found" from real errors
- Fix bash resolve_template: skip hidden dirs in extensions (match Python/PS)
- Fix temp dir leaks in tests: use temp_dir fixture instead of mkdtemp
- Fix self-test catalog entry: add note that it's local-only (no download_url)
- Fix Windows path issue in resolve_with_source: use Path.relative_to()
- Fix skill restore path: use project's .specify/templates/commands/ not source tree
- Add encoding="utf-8" to all file read/write in agents.py
- Update test to set up core command templates for skill restoration
* fix: remove self-test from catalog.json (local-only preset)
* fix: address Copilot PR review comments (round 3)
- Fix PS Resolve-Template fallback to skip dot-prefixed dirs (.cache)
- Rename _catalog to _catalog_name for consistency with extension system
- Enforce install_allowed policy in CLI preset add and download_pack()
- Fix shell injection: pass registry path via env var instead of string interpolation
* fix: correct PresetError docstring from template to preset
* Removed CHANGELOG requirement
* Applying review recommendations
* Applying review recommendations
* Applying review recommendations
* Applying review recommendations
---------
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: mnriem <15701806+mnriem@users.noreply.github.com>
* chore: bump version to 0.3.0 (#1839)
* chore: bump version to 0.3.0
* Potential fix for pull request finding
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
---------
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
* feat: Add DocGuard CDD enforcement extension to community catalog (#1838)
* feat: add DocGuard CDD enforcement extension to community catalog
DocGuard is a Canonical-Driven Development enforcement tool that generates,
validates, scores, and traces project documentation against 51 automated checks.
Provides 6 commands:
- guard: 51-check validation with quality labels
- diagnose: AI-ready fix prompts
- score: CDD maturity scoring (0-100)
- trace: ISO 29119 traceability matrix
- generate: Reverse-engineer docs from codebase
- init: Initialize CDD with compliance profiles
Features:
- Zero dependencies (pure Node.js)
- Config-aware traceability (respects .docguard.json)
- Orphan file detection
- Research-backed (AITPG/TRACE, IEEE TSE/TMLCN 2026)
npm: https://www.npmjs.com/package/docguard-cli
GitHub: https://github.com/raccioly/docguard
* fix: use release asset URL for download_url
The source archive URL nests files under a subdirectory, so the
Spec Kit installer cannot find extension.yml at the archive root.
Switch to a release asset ZIP built from the extension directory.
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
* docs: add DocGuard to community extensions README table
* chore: update DocGuard entry to v0.8.0 (92 checks)
* chore: update DocGuard description (51→92 checks)
---------
Co-authored-by: Ricardo Accioly <ricardoaccioly@RAccioly-J0CWDQ4MXV.attlocal.net>
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
* feat(extensions): add Archive and Reconcile extensions to community catalog (#1844)
* feat(extensions): add reconcile and archive to community catalog
* Update extension link text and add changelogs
Normalize extension link text in extensions/README.md (replace `[@stn1slv]` with `spec-kit-archive` and `spec-kit-reconcile`) and add CHANGELOG URLs to the corresponding entries in extensions/catalog.community.json for the Archive and Reconcile extensions.
---------
Co-authored-by: Stanislav Deviatov <stn1slv@users.noreply.github.com>
* fix(extensions): show extension ID in list output (#1843)
Display the extension ID below the name in `specify extension list` output.
This allows users to easily copy the ID when disambiguation is needed.
Fixes #1832
Co-authored-by: iamaeroplane <michal.bachorik@gmail.com>
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
* Feature: add specify status command (#1837)
* feat: add specify status command with project info, agent detection, and feature detection
* feat: add SDD artifacts check and task progress parsing to specify status
* feat: add workflow phase detection and extensions summary to specify status
* Revert "feat: add workflow phase detection and extensions summary to specify status"
This reverts commit 1afe3c52af3485b1e73cd3d852311c1e71fbf56c.
* Revert "feat: add SDD artifacts check and task progress parsing to specify status"
This reverts commit 3be36f87593db6c76b85a904893458600c6fc72e.
* Revert "feat: add specify status command with project info, agent detection, and feature detection"
This reverts commit 681dc46af9baa707d4de3dae1ad706b9756a9de4.
* feat: add spec-kit-status extension to community catalog
* Potential fix for pull request finding
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
* Potential fix for pull request finding
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
* Potential fix for pull request finding
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
* Potential fix for pull request finding
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
* Revert "Potential fix for pull request finding"
This reverts commit 040447be03f7adeb9706528fc775a3a912015dbe.
---------
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Manfred Riem <15701806+mnriem@users.noreply.github.com>
* chore: update DocGuard extension to v0.9.8 (#1859)
* chore: update DocGuard to v0.9.7
* docs: update DocGuard description in extensions table
* chore: update DocGuard to v0.9.8
---------
Co-authored-by: Manfred Riem <15701806+mnriem@users.noreply.github.com>
* docs: add Go / React brownfield walkthrough to community walkthroughs (#1868)
Closes #1390
* Add cognitive-squad to community extension catalog (#1870)
- Extension ID: cognitive-squad
- Version: 0.1.0
- Author: Testimonial
- 19-function cognitive agent squad for autonomous pre-code analysis
- 7 core agents, 7 specialists, 4 learning functions, feedback loop
- Requires: spec-kit >=0.3.0, optionally understanding >=3.4.0
Repository: https://github.com/Testimonial/cognitive-squad
Co-authored-by: Ladislav Bihari <ladislav.bihari@statsperform.com>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* fix(scripts): harden bash scripts — escape, compat, and error handling (#1869)
* fix(scripts): harden bash scripts with escape, compat, and cleanup fixes
- common.sh: complete RFC 8259 JSON escape (\b, \f, strip control chars)
- common.sh: distinguish python3 success-empty vs failure in resolve_template
- check-prerequisites.sh: escape doc names through json_escape in fallback path
- create-new-feature.sh: remove duplicate json_escape (already in common.sh)
- create-new-feature.sh: warn on stderr when spec template is not found
- update-agent-context.sh: move nested function to top-level for bash 3.2 compat
* fix(scripts): explicit resolve_template return code and best-effort agent updates
- common.sh: resolve_template now returns 1 when no template is found,
making the "not found" case explicit instead of relying on empty stdout
- setup-plan.sh, create-new-feature.sh: add || true to resolve_template
calls so set -e does not abort on missing templates (non-fatal)
- update-agent-context.sh: accumulate errors in update_all_existing_agents
instead of silently discarding them — all agents are attempted and the
composite result is returned, matching the PowerShell equivalent behavior
* style(scripts): add clarifying comment in resolve_template preset branch
* fix(scripts): wrap python3 call in if-condition to prevent set -e abort
Move the python3 command substitution in resolve_template into an
if-condition so that a non-zero exit (e.g. invalid .registry JSON)
does not abort the function under set -e. The fallback directory
scan now executes as intended regardless of caller errexit settings.
* fix(scripts): track agent file existence before update and avoid top-level globals
- _update_if_new now records the path and sets _found_agent before calling
update_agent_file, so that failures do not cause duplicate attempts on
aliased paths (AMP/KIRO/BOB -> AGENTS_FILE) or false "no agent files
found" fallback triggers
- Remove top-level initialisation of _updated_paths and _found_agent;
they are now created exclusively inside update_all_existing_agents,
keeping the script side-effect free when sourced
* fix(scripts): suppress stdout from git fetch in create-new-feature.sh (#1876)
In multi-remote environments, `git fetch --all` outputs messages like
"Fetching origin" to stdout. Since `check_existing_branches()` only
redirected stderr (`2>/dev/null`), the stdout output was captured by
the `$(...)` command substitution calling this function, contaminating
the branch number return value and causing arithmetic errors like
`$((10#Fetching...))`.
Fix: redirect both stdout and stderr to /dev/null (`>/dev/null 2>&1`).
* feat(extensions,presets): add priority-based resolution ordering (#1855)
* feat(extensions,presets): add priority-based resolution ordering
Add priority field to extension and preset registries for deterministic
template resolution when multiple sources provide the same template.
Extensions:
- Add `list_by_priority()` method to ExtensionRegistry
- Add `--priority` option to `extension add` command
- Add `extension set-priority` command
- Show priority in `extension list` and `extension info`
- Preserve priority during `extension update`
- Update RFC documentation
Presets:
- Add `preset set-priority` command
- Show priority in `preset info` output
- Use priority ordering in PresetResolver for extensions
Both systems:
- Lower priority number = higher precedence (default: 10)
- Backwards compatible with legacy entries (missing priority defaults to 10)
- Comprehensive test coverage including backwards compatibility
Closes #1845
Closes #1854
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix: address code review feedback
- list_by_priority(): add secondary sort by ID for deterministic ordering,
return deep copies to prevent mutation
- install_from_directory/zip: validate priority >= 1 early
- extension add CLI: validate --priority >= 1 before install
- PresetRegistry.update(): preserve installed_at timestamp
- Test assertions: use exact source string instead of substring match
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix: address additional review feedback
- PresetResolver: add fallback to directory scanning when registry is
empty/corrupted for robustness and backwards compatibility
- PresetRegistry.update(): add guard to prevent injecting installed_at
when absent in existing entry (mirrors ExtensionRegistry behavior)
- RFC: update extension list example to match actual CLI output format
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix: restore defensive code and RFC descriptions lost in rebase
- Restore defensive code in list_by_priority() with .get() and isinstance check
- Restore detailed --from URL and --dev option descriptions in RFC
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix: add defensive code to presets list_by_priority()
- Add .get() and isinstance check for corrupted/empty registry
- Move copy import to module level (remove local import)
- Matches defensive pattern used in extensions.py
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix: address reviewer feedback on priority resolution
- Rename _normalize_priority to normalize_priority (public API)
- Add comprehensive tests for normalize_priority function (9 tests)
- Filter non-dict metadata entries in list_by_priority() methods
- Fix extension priority resolution to merge registered and unregistered
extensions into unified sorted list (unregistered get implicit priority 10)
- Add tests for extension priority resolution ordering (4 tests)
The key fix ensures unregistered extensions with implicit priority 10
correctly beat registered extensions with priority > 10, and vice versa.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix: DRY refactor and strengthen test assertions
- Extract _get_all_extensions_by_priority() helper in PresetResolver
to eliminate duplicated extension list construction
- Add priority=10 assertion to test_legacy_extension_without_priority_field
- Add priority=10 assertion to test_legacy_preset_without_priority_field
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix: add isinstance(dict) checks for corrupted registry entries
Add defensive checks throughout CLI commands and manager methods
to handle cases where registry entries may be corrupted (non-dict
values). This prevents AttributeError when calling .get() on
non-dict metadata.
Locations fixed:
- __init__.py: preset/extension info, set-priority, enable/disable,
upgrade commands
- extensions.py: list_installed()
- presets.py: list_installed()
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix: normalize priority display to match resolution behavior
Use normalize_priority() for all priority display in CLI commands
to ensure displayed values match actual resolution behavior when
registry data is corrupted/hand-edited.
Locations fixed:
- extensions.py: list_installed()
- presets.py: list_installed(), PresetResolver
- __init__.py: preset info, extension info, set-priority commands
Also added GraphQL query for unresolved PR comments to CLAUDE.md.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix: repair corrupted priority values in set-priority commands
Changed set-priority commands to check if the raw stored value is
already a valid int equal to the requested priority before skipping.
This ensures corrupted values (e.g., "high") get repaired even when
setting to the default priority (10).
Also removed CLAUDE.md that was accidentally added to the repo.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix: harden registry update methods against corrupted entries
- Normalize priority when restoring during extension update to prevent
propagating corrupted values (e.g., "high", 0, negative)
- Add isinstance(dict) checks in ExtensionRegistry.update() and
PresetRegistry.update() to handle corrupted entries (string/list)
that would cause TypeError on merge
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix: use safe fallback for version in list_installed()
When registry entry is corrupted (non-dict), metadata becomes {} after
the isinstance check. Use metadata.get("version", manifest.version)
instead of metadata["version"] to avoid KeyError.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
---------
Co-authored-by: iamaeroplane <michal.bachorik@gmail.com>
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
* feat(cli): polite deep merge for settings.json and support JSONC (#1874)
* feat(cli): polite deep merge for settings.json with json5 and safe atomic write
* fix(cli): prevent temp fd leak and align merge-policy docs
* feat: add Trae IDE support as a new agent (#1817)
* feat: add Trae IDE support as a new agent
Add Trae (https://www.trae.ai/) as a supported AI agent in spec-kit.
Trae is an IDE-based agent that uses .trae/rules/ directory for
project-level rules in Markdown format.
Changes across 9 files:
- src/specify_cli/__init__.py: Add trae to AGENT_CONFIG (IDE-based,
.trae/ folder, rules subdir, no CLI required)
- src/specify_cli/extensions.py: Add trae to CommandRegistrar.AGENT_CONFIGS
(.trae/rules, markdown format, .md extension)
- README.md: Add Trae to supported agents table, CLI examples, and
--ai option description
- .github/workflows/scripts/create-release-packages.sh: Add trae to
ALL_AGENTS array and build case statement
- .github/workflows/scripts/create-release-packages.ps1: Add trae to
AllAgents array and switch statement
- .github/workflows/scripts/create-github-release.sh: Add trae template
zip files to release assets
- scripts/bash/update-agent-context.sh: Add TRAE_FILE, trae case in
update function, and auto-detect block
- scripts/powershell/update-agent-context.ps1: Add TRAE_FILE, ValidateSet
entry, switch case, and auto-detect block
- tests/test_agent_config_consistency.py: Add 8 consistency tests for
trae following established kimi/tabnine patterns
* fix: correct Generate-Commands parameter names for trae in PowerShell release script
Fix incorrect parameter names in the trae case of Build-Variant:
- -Format -> -Extension
- -ArgsToken -> -ArgFormat
- -OutDir -> -OutputDir
These now match the Generate-Commands function signature and all other
agent entries in the script.
Co-authored-by: Copilot <copilot@github.com>
* Update release packaging scripts and agent docs
* Update Agent.md
* Restore format
* Adjust order
* Potential fix for pull request finding
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
* Unused
* fix: add TRAE_FILE to update_all_existing_agents() for auto-detect support
Add missing update_if_new call for TRAE_FILE in the bash
update-agent-context.sh script's update_all_existing_agents()
function, matching the PowerShell implementation.
This ensures running the script without arguments will correctly
auto-detect and update existing Trae agent files.
* Add configuration for 'trae' in agents.py
* Potential fix for pull request finding
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
* Refactor trae configuration test for clarity
* Potential fix for pull request finding
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
* Update update-agent-context.sh
* Fix formatting in update-agent-context.sh
---------
Co-authored-by: root <root@g340-cd52-700-60f9-5561-211-6c32.byted.org>
Co-authored-by: root <root@g340-cd52-700-c3d1-c735-796-4b9e.byted.org>
Co-authored-by: Copilot <copilot@github.com>
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
* fix(ai-skills): exclude non-speckit copilot agent markdown from skill… (#1867)
* fix(ai-skills): exclude non-speckit copilot agent markdown from skill generation
* Potential fix for pull request finding
Fix missing `.agent` filename suffix
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
* Fix test assertion speckit.plan.md to speckit.plan.agent
Fix test assertion speckit.plan.md to speckit.plan.agent
* Fix filter glob based on review suggestions
fix(ai-skills): normalize Copilot .agent template names and align template fallback filtering
* Add template glob for fallback directory
* GH Copilot Suggestions
Clarify comment regarding Copilot's use of templates in tests.
Add extra test assertion
* fix(ai-skills): normalize Copilot .agent templates and preserve fallback behavior
fix(ai-skills): handle Copilot .agent templates and fallback filtering
Normalize Copilot command template names by stripping the .agent suffix
when deriving skill names and metadata sources, so files like
speckit.plan.agent.md produce speckit-plan and map to plan.md metadata.
Also align Copilot template discovery with speckit.* filtering while
preserving fallback to templates/commands/ when .github/agents contains
only user-authored markdown files, and add regression coverage for both
non-speckit agent exclusion and fallback behavior.
* fix(ai-skills): ignore non-speckit markdown commands
---------
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
* docs: add greenfield Spring Boot pirate-speak preset demo to README (#1878)
* chore: bump version to 0.3.1 (#1880)
* chore: bump version to 0.3.1
* fix: correct 0.3.1 CHANGELOG.md entries (#1882)
* Initial plan
* fix: correct 0.3.1 CHANGELOG.md entries - fix truncated title and remove duplicates
Co-authored-by: mnriem <15701806+mnriem@users.noreply.github.com>
---------
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: mnriem <15701806+mnriem@users.noreply.github.com>
---------
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Copilot <198982749+Copilot@users.noreply.github.com>
* feat: register spec-kit-learn extension (#1883)
* feat: register spec-kit-learn extension
* Potential fix for pull request finding
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
resolve copilot review
Potential fix for pull request finding
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
Potential fix for pull request finding
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
---------
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
* Feature/spec kit add pi coding agent pullrequest (#1853)
* feat(ai): add native support for Pi coding agent by pi+gpt 5.4
* docs(pi): document MCP limitations for Pi agent
* fix: unitended kimi agent mention added to update-agent-context.ps1
* fix: address reviewer feedback
* Apply suggestions from code review
Changes in AGENTS.md weren't part of my PR, but the Copilot feedback seems to be correct is correct. I've doublechecked it with contents of test_agent_config_consistency.py and create-release-packages scripts
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
---------
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
* chore: update DocGuard extension to v0.9.10 (#1890)
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
* fix(scripts): encode residual JSON control chars as \uXXXX instead of stripping (#1872)
* fix(scripts): encode residual control chars as \uXXXX instead of stripping
json_escape() was silently deleting control characters (U+0000-U+001F)
that were not individually handled (\n, \t, \r, \b, \f). Per RFC 8259,
these must be encoded as \uXXXX sequences to preserve data integrity.
Replace the tr -d strip with a char-by-char loop that emits proper
\uXXXX escapes for any remaining control characters.
* fix(scripts): address Copilot review on json_escape control char loop
- Set LC_ALL=C for the entire loop (not just printf) so that ${#s} and
${s:$i:1} operate on bytes deterministically across locales
- Fix comment: U+0000 (NUL) cannot exist in bash strings, range is
U+0001-U+001F; adjust code guard accordingly (code >= 1)
- Emit directly to stdout instead of accumulating in a variable,
avoiding quadratic string concatenation on longer inputs
* perf(scripts): use printf -v to avoid subshell in json_escape loop
Replace code=$(printf ...) with printf -v code to assign the character
code without spawning a subshell on every byte, reducing overhead for
longer inputs.
* fix(scripts): add explicit positional binding to PowerShell create-new-feature params (#1885)
The $Number (Int32) parameter was implicitly receiving positional
arguments intended for $FeatureDescription, causing a
ParameterBindingArgumentTransformationException when AI agents
called the script with positional strings.
Add [Parameter(Position = 0)] to $FeatureDescription so it binds
first, and mark $Number with [Parameter()] (no Position) so it
only binds by name (-Number N).
Fixes #1879
Co-authored-by: Matt Van Horn <455140+mvanhorn@users.noreply.github.com>
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
* feat: register spec-kit-iterate extension (#1887)
* feat: register spec-kit-iterate extension
* fix: copilot review
* Potential fix for pull request finding
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
* Potential fix for pull request finding
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
---------
Co-authored-by: Manfred Riem <15701806+mnriem@users.noreply.github.com>
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
* Update cognitive-squad catalog entry — Triadic Model, full lifecycle (#1884)
Updated description to version-independent wording:
"Multi-agent cognitive system with Triadic Model: understanding,
internalization, application — with quality gates, backpropagation
verification, and self-healing"
Changes:
- description: version-independent (no counts)
- provides.commands: 7 → 10
- tags: pre-code,analysis → full-lifecycle,verification
- updated_at: bumped to 2026-03-18
Co-authored-by: Ladislav Bihari <ladislav.bihari@statsperform.com>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* chore: update DocGuard extension to v0.9.11 (#1899)
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
* docs: Add Extensions & Presets section to README (#1898)
* docs: add Extensions & Presets section to README
Add a new 'Making Spec Kit Your Own: Extensions & Presets' section that covers:
- Layering diagram (Mermaid) showing resolution order
- Extensions: what they are, when to use, examples
- Presets: what they are, when to use, examples
- When-to-use-which comparison table
- Links to extensions/README.md and presets/README.md
* docs: clarify project-local overrides in layering diagram
Address review feedback: explain the project-local overrides layer
shown in the diagram, and adjust the intro to acknowledge it as a
third customization mechanism alongside extensions and presets.
* docs: Clarify template vs command resolution in README
- Separate template resolution (top-down, first-match-wins stack) from
command registration (written directly into agent directories)
- Update Mermaid diagram paths to use <preset-id> and <ext-id>
placeholders consistent with existing documentation
Addresses PR review feedback on #1898.
* docs: Clarify install-time vs runtime resolution for commands and templates
- README: label templates as runtime-resolved (stack walk) and commands
as install-time (copied into agent directories, last-installed wins)
- presets/README: add runtime note to template resolution, contrast with
install-time command registration
* docs: Address review — fix template copy wording, tighten command override description
- presets/README: clarify that preset files are copied at install but
template resolution still walks the stack at runtime
- README: describe priority-based command resolution and automatic
restoration on removal instead of vague 'replacing whatever was there'
* docs(catalog): add speckit-utils to community catalog (#1896)
* docs(catalog): add speckit-utils to community catalog
Adds SDD Utilities extension (resume, doctor, validate) to the
community catalog and README table. Hosted at mvanhorn/speckit-utils.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* Bump catalog updated_at to current date
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---------
Co-authored-by: Matt Van Horn <455140+mvanhorn@users.noreply.github.com>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Co-authored-by: Manfred Riem <15701806+mnriem@users.noreply.github.com>
* feat(commands): wire before/after hook events into specify and plan templates (#1886)
* feat(commands): wire before/after hook events into specify and plan templates
Replicates the hook evaluation pattern from tasks.md and implement.md
(introduced in PR #1702) into the specify and plan command templates.
This completes the hook lifecycle across all SDD phases.
Changes:
- specify.md: Add before_specify/after_specify hook blocks
- plan.md: Add before_plan/after_plan hook blocks
- EXTENSION-API-REFERENCE.md: Document new hook events
- EXTENSION-USER-GUIDE.md: List all available hook events
Fixes #1788
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* Mark before_commit/after_commit as planned in extension docs
These hook events are defined in the API reference but not yet wired
into any core command template. Marking them as planned rather than
removing them, since the infrastructure supports them.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* Fix hook enablement to default true when field is absent
Matches HookExecutor.get_hooks_for_event() semantics where
hooks without an explicit enabled field are treated as enabled.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* fix(docs): mark commit hooks as planned in user guide config example
The yaml config comment listed before_commit/after_commit as
"Available events" but they are not yet wired into core templates.
Moved them to a separate "Planned" line, consistent with the
API reference.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix(commands): align enabled-filtering semantics across all hook templates
tasks.md and implement.md previously said "Filter to only hooks where
enabled: true", which would skip hooks that omit the enabled field.
Updated to match specify.md/plan.md and HookExecutor's h.get('enabled', True)
behavior: filter out only hooks where enabled is explicitly false.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---------
Co-authored-by: Matt Van Horn <455140+mvanhorn@users.noreply.github.com>
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
* feat: add iFlow CLI support (#1875)
Add `iflow` as a supported AI agent (the key users pass to --ai) across
all relevant configuration files, release scripts, agent context
scripts, and README. Includes consistency tests following the same
pattern as kimi/tabnine additions.
- README: describe `check` generically (git + all AGENT_CONFIG CLI agents)
- README: describe `--ai` with reference to AGENT_CONFIG for full list
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
* feat(presets): add enable/disable toggle and update semantics (#1891)
* feat(presets): add enable/disable toggle and update semantics
Add preset enable/disable CLI commands and update semantics to match
the extension system capabilities.
Changes:
- Add `preset enable` and `preset disable` CLI commands
- Add `restore()` method to PresetRegistry for rollback scenarios
- Update `get()` and `list()` to return deep copies (prevents mutation)
- Update `list_by_priority()` to filter disabled presets by default
- Add input validation to `restore()` for defensive programming
- Add 16 new tests covering all functionality and edge cases
Closes #1851
Closes #1852
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix: address PR review - deep copy and error message accuracy
- Fix error message in restore() to match actual validation ("dict" not "non-empty dict")
- Use copy.deepcopy() in restore() to prevent caller mutation
- Apply same fixes to ExtensionRegistry for parity
- Add /defensive-check command for pre-PR validation
- Add tests for restore() validation and deep copy behavior
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* revert: remove defensive-check command from PR
* fix: address PR review - clarify messaging and add parity
- Add note to enable/disable output clarifying commands/skills remain active
- Add include_disabled parameter to ExtensionRegistry.list_by_priority for parity
- Add tests for extension disabled filtering
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix: address PR review - disabled extension resolution and corrupted entries
- Fix _get_all_extensions_by_priority to use include_disabled=True for tracking
registered IDs, preventing disabled extensions from being picked up as
unregistered directories
- Add corrupted entry handling to get() - returns None for non-dict entries
- Add integration tests for disabled extension template resolution
- Add tests for get() corrupted entry handling in both registries
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix: handle corrupted registry in list() methods
- Add defensive handling to list() when presets/extensions is not a dict
- Return empty dict instead of crashing on corrupted registry
- Apply same fix to both PresetRegistry and ExtensionRegistry for parity
- Add tests for corrupted registry handling
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix: validate top-level registry structure in get() and restore()
- get() now validates self.data["presets/extensions"] is a dict before accessing
- restore() ensures presets/extensions dict exists before writing
- Prevents crashes when registry JSON is parseable but has corrupted structure
- Applied same fixes to both PresetRegistry and ExtensionRegistry for parity
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix: validate root-level JSON structure in _load() and is_installed()
- _load() now validates json.load() result is a dict before returning
- is_installed() validates presets/extensions is a dict before checking membership
- Prevents crashes when registry file is valid JSON but wrong type (e.g., array)
- Applied same fixes to both registries for parity
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix: normalize presets/extensions field in _load()
- _load() now normalizes the presets/extensions field to {} if not a dict
- Makes corrupted registries recoverable for add/update/remove operations
- Applied same fix to both registries for parity
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix: use raw registry keys to track corrupted extensions
- Use registry.list().keys() instead of list_by_priority() for tracking
- Corrupted entries are now treated as tracked, not picked up as unregistered
- Tighten test assertion for disabled preset resolution
- Update test to match new expected behavior for corrupted entries
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix: handle None metadata in ExtensionManager.remove()
- Add defensive check for corrupted metadata in remove()
- Match existing pattern in PresetManager.remove()
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix: add keys() method and filter corrupted entries in list()
- Add lightweight keys() method that returns IDs without deep copy
- Update list() to filter out non-dict entries (match type contract)
- Use keys() instead of list().keys() for performance
- Fix comment to reflect actual behavior
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix: address defensive-check findings - deep copy, corruption guards, parity
- Extension enable/disable: use delta pattern matching presets
- add(): use copy.deepcopy(metadata) in both registries
- remove(): guard outer field for corruption in both registries
- update(): guard outer field for corruption in both registries
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix: deep copy updates in update() to prevent caller mutation
Both PresetRegistry.update() and ExtensionRegistry.update() now deep
copy the input updates/metadata dict to prevent callers from mutating
nested objects after the call.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
---------
Co-authored-by: iamaeroplane <michal.bachorik@gmail.com>
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
* feat(extensions): add verify-tasks extension to community catalog (#1871)
* feat(extensions): add verify-tasks extension to community catalog
- Extension ID: verify-tasks
- Version: 1.0.0
- Detects phantom completions: tasks marked [X] in tasks.md with no real implementation
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
* Replace email with name in verify-tasks catalog entry
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
---------
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
* Add conduct extension to community catalog (#1908)
- Extension ID: conduct
- Version: 1.0.0
- Author: twbrandon7
- Description: Executes a single spec-kit phase via sub-agent delegation to reduce context pollution.
* chore: bump version to 0.3.2 (#1909)
* chore: bump version to 0.3.2
* fix: correct changelog generation — use tag sort instead of git describe, remove duplicate entries
- Replace git describe --tags --abbrev=0 with git tag --sort=-version:refname
to find the correct previous tag (git describe misses tags on unmerged
release branches)
- Change changelog section heading from '### Changed' to '### Changes'
- Remove duplicate entries from 0.3.2 that belonged to prior releases
- Clean up changelog preamble and stale entries
---------
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
* feat: migrate Codex/agy init to native skills workflow (#1906)
* feat: migrate codex and agy to native skills flow
* fix: harden codex skill frontmatter and script fallback
* fix: clarify skills separator default expansion
* fix: rewrite agent_scripts paths for codex skills
* fix: align kimi guidance and platform-aware codex fallback
* Add support for Junie (#1831)
* Add support for Junie
* Add Junie agent configuration to specify-cli
* Add support for iflow agent in context update scripts
* docs: update SUPPORT.md, fix issue templates, add preset submission template (#1910)
* docs: update SUPPORT.md, fix issue templates, add preset submission template
- SUPPORT.md: simplify structure, add Discussions link, soften response commitment
- config.yml: fix broken Extension Development Guide URL (was manfredseee → github)
- agent_request.yml: update agent list with Tabnine, Vibe, Kimi, Trae, Pi, iFlow
- preset_submission.yml: new issue template for preset catalog submissions
* Potential fix for pull request finding
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
* Potential fix for pull request finding
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
---------
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
* docs: add Extension Comparison Guide for community extensions (#1897)
* docs: add Extension Comparison Guide for community extensions
* docs: delete addt. doc and just add columns to readme
* feat: add timestamp-based branch naming option for `specify init` (#1911)
* feat: add timestamp-based branch naming option for specify init
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* Copilot feedback
* Fix test
* Copilot feedback
* Update tests/test_branch_numbering.py
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
---------
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
* fix: Align native skills frontmatter with install_ai_skills (#1920)
* docs(sdk): align native skills frontmatter + document multi-generator drift
* fix: clarify skills frontmatter contract and AGENTS sections
* docs: update publishing guide with Category and Effect columns (#1913)
* docs: update publishing guide with Category and Effect columns
The README table now has Category and Effect columns (added in #1897),
but the publishing guide template still showed the old 3-column format.
Update to match so extension authors know to include both fields.
Made-with: Cursor
* docs: copilot comments
* ci: increase stale workflow operations-per-run to 250 (#1922)
* feat(cli): embed core pack in wheel for offline/air-gapped deployment (#1803)
* feat(cli): embed core pack in wheel + offline-first init (#1711, #1752)
Bundle templates, commands, and scripts inside the specify-cli wheel so
that `specify init` works without any network access by default.
Changes:
- pyproject.toml: add hatchling force-include for core_pack assets; bump
version to 0.2.1
- __init__.py: add _locate_core_pack(), _generate_agent_commands() (Python
port of generate_commands() shell function), and scaffold_from_core_pack();
modify init() to scaffold from bundled assets by default; add --from-github
flag to opt back in to the GitHub download path
- release.yml: build wheel during CI release job
- create-github-release.sh: attach .whl as a release asset
- docs/installation.md: add Enterprise/Air-Gapped Installation section
- README.md: add Option 3 enterprise install with accurate offline story
Closes #1711
Addresses #1752
* fix(tests): update kiro alias test for offline-first scaffold path
* feat(cli): invoke bundled release script at runtime for offline scaffold
- Embed release scripts (bash + PowerShell) in wheel via pyproject.toml
- Replace Python _generate_agent_commands() with subprocess invocation of
the canonical create-release-packages.sh, guaranteeing byte-for-byte
parity between 'specify init --offline' and GitHub release ZIPs
- Fix macOS bash 3.2 compat in release script: replace cp --parents,
local -n (nameref), and mapfile with POSIX-safe alternatives
- Fix _TOML_AGENTS: remove qwen (uses markdown per release script)
- Rename --from-github to --offline (opt-in to bundled assets)
- Add _locate_release_script() for cross-platform script discovery
- Update tests: remove bash 4+/GNU coreutils requirements, handle
Kimi directory-per-skill layout, 576 tests passing
- Update CHANGELOG and docs/installation.md
* Potential fix for pull request finding
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
* fix(offline): error out if --offline fails instead of falling back to network
- _locate_core_pack() docstring now accurately describes that it only
finds wheel-bundled core_pack/; source-checkout fallback lives in callers
- init() --offline + no bundled assets now exits with a clear error
(previously printed a warning and silently fell back to GitHub download)
- init() scaffold failure under --offline now exits with an error
instead of retrying via download_and_extract_template
Addresses reviewer comment: https://github.com/github/spec-kit/pull/1803
* fix(offline): address PR review comments
- fix(shell): harden validate_subset against glob injection in case patterns
- fix(shell): make GENRELEASES_DIR overridable via env var for test isolation
- fix(cli): probe pwsh then powershell on Windows instead of hardcoding pwsh
- fix(cli): remove unreachable fallback branch when --offline fails
- fix(cli): improve --offline error message with common failure causes
- fix(release): move wheel build step after create-release-packages.sh
- fix(docs): add --offline to installation.md air-gapped example
- fix(tests): remove unused genreleases_dir param from _run_release_script
- fix(tests): rewrite parity test to run one agent at a time with isolated
temp dirs, preventing cross-agent interference from rm -rf
* fix(offline): address second round of review comments
- fix(shell): replace case-pattern membership with explicit loop + == check
for unambiguous glob-safety in validate_subset()
- fix(cli): require pwsh (PowerShell 7) only; drop powershell (PS5) fallback
since the bundled script uses #requires -Version 7.0
- fix(cli): add bash and zip preflight checks in scaffold_from_core_pack()
with clear error messages if either is missing
- fix(build): list individual template files in pyproject.toml force-include
to avoid duplicating templates/commands/ in the wheel
* fix(offline): address third round of review comments
- Add 120s timeout to subprocess.run in scaffold_from_core_pack to prevent
indefinite hangs during offline scaffolding
- Add test_pyproject_force_include_covers_all_templates to catch missing
template files in wheel bundling
- Tighten kiro alias test to assert specific scaffold path (download vs offline)
* fix(offline): address Copilot review round 4
- fix(offline): use handle_vscode_settings() merge for --here --offline
to prevent data loss on existing .vscode/settings.json
- fix(release): glob wheel filename in create-github-release.sh instead
of hardcoding version, preventing upload failures on version mismatch
- docs(release): add comment noting pyproject.toml version is synced by
release-trigger.yml before the tag is pushed
* fix(offline): address review round 5 + offline bundle ZIP
- fix(offline): pwsh-only, no powershell.exe fallback; clarify error message
- fix(offline): tighten _has_bundled to check scripts dir for source checkouts
- feat(release): build specify-bundle-v*.zip with all deps at release time
- feat(release): attach offline bundle ZIP to GitHub release assets
- docs: simplify air-gapped install to single ZIP download from releases
- docs: add Windows PowerShell 7+ (pwsh) requirement note
* fix(tests): session-scoped scaffold cache + timeout + dead code removal
- Add timeout=300 and returncode check to _run_release_script() to fail
fast with clear output on script hangs or failures
- Remove unused import specify_cli, _SOURCE_TEMPLATES, bundled_project fixture
- Add session-scoped scaffolded_sh/scaffolded_ps fixtures that scaffold
once per agent and reuse the output directory across all invariant tests
- Reduces test_core_pack_scaffold runtime from ~175s to ~51s (3.4x faster)
- Parity tests still scaffold independently for isolation
* fix(offline): remove wheel from release, update air-gapped docs to use pip download
* fix(tests): handle codex skills layout and iflow agent in scaffold tests
Codex now uses create_skills() with hyphenated separator (speckit-plan/SKILL.md)
instead of generate_commands(). Update _SKILL_AGENTS, _expected_ext, and
_list_command_files to handle both codex ('-') and kimi ('.') skill agents.
Also picks up iflow as a new testable agent automatically via AGENT_CONFIG.
* fix(offline): require wheel core_pack for --offline, remove source-checkout fallback
--offline now strictly requires _locate_core_pack() to find the wheel's
bundled core_pack/ directory. Source-checkout fallbacks are no longer
accepted at the init() level — if core_pack/ is missing, the CLI errors
out with a clear message pointing to the installation docs.
scaffold_from_core_pack() retains its internal source-checkout fallbacks
so parity tests can call it directly from a source checkout.
* fix(offline): remove stale [Unreleased] CHANGELOG section, scope httpx.Client to download path
- Remove entire [Unreleased] section — CHANGELOG is auto-generated at release
- Move httpx.Client into use_github branch with context manager so --offline
path doesn't allocate an unused network client
* fix(offline): remove dead --from-github flag, fix typer.Exit handling, add page templates validation
- Remove unused --from-github CLI option and docstring example
- Add (typer.Exit, SystemExit) re-raise before broad except Exception
to prevent duplicate error panel on offline scaffold failure
- Validate page templates directory exists in scaffold_from_core_pack()
to fail fast on incomplete wheel installs
- Fix ruff lint: remove unused shutil import, remove f-prefix on
strings without placeholders in test_core_pack_scaffold.py
* docs(offline): add v0.6.0 deprecation notice with rationale
- Help text: note bundled assets become default in v0.6.0
- Docstring: explain why GitHub download is being retired (no network
dependency, no proxy/firewall issues, guaranteed version match)
- Runtime nudge: when bundled assets are available but user takes the
GitHub download path, suggest --offline with rationale
- docs/installation.md: add deprecation notice with full rationale
* fix(offline): allow --offline in source checkouts, fix CHANGELOG truncation
- Simplify use_github logic: use_github = not offline (let
scaffold_from_core_pack handle fallback to source-checkout paths)
- Remove hard-fail when core_pack/ is absent — scaffold_from_core_pack
already falls back to repo-root templates/scripts/commands
- Fix truncated 'skill…' → 'skills' in CHANGELOG.md
* fix(offline): sandbox GENRELEASES_DIR and clean up on failure
- Pin GENRELEASES_DIR to temp dir in scaffold_from_core_pack() so a
user-exported value cannot redirect output or cause rm -rf outside
the sandbox
- Clean up partial project directory on --offline scaffold failure
(same behavior as the GitHub-download failure path)
* fix(tests): use shutil.which for bash discovery, add ps parity tests
- _find_bash() now tries shutil.which('bash') first so non-standard
install locations (Nix, custom CI images) are found
- Parametrize parity test over both 'sh' and 'ps' script types to
ensure PowerShell variant stays byte-for-byte identical to release
script output (353 scaffold tests, 810 total)
* fix(tests): parse pyproject.toml with tomllib, remove unused fixture
- Use tomllib to parse force-include keys from the actual TOML table
instead of raw substring search (avoids false positives)
- Remove unused source_template_stems fixture from
test_scaffold_command_dir_location
* fix: guard GENRELEASES_DIR against unsafe values, update docstring
- Add safety check in create-release-packages.sh: reject empty, '/',
'.', '..' values for GENRELEASES_DIR before rm -rf
- Strip trailing slash to avoid path surprises
- Update scaffold_from_core_pack() docstring to accurately describe
all failure modes (not just 'assets not found')
* fix: harden GENRELEASES_DIR guard, cache parity tests, safe iterdir
- Reject '..' path segments in GENRELEASES_DIR to prevent traversal
- Session-cache both scaffold and release-script results in parity
tests — runtime drops from ~74s to ~45s (40% faster)
- Guard cmd_dir.iterdir() in assertion message against missing dirs
* fix(tests): exclude YAML frontmatter source metadata from path rewrite check
The codex and kimi SKILL.md files have 'source: templates/commands/...'
in their YAML frontmatter — this is provenance metadata, not a runtime
path that needs rewriting. Strip frontmatter before checking for bare
scripts/ and templates/ paths.
* fix(offline): surface scaffold failure detail in error output
When --offline scaffold fails, look up the tracker's 'scaffold' step
detail and print it alongside the generic error message so users see
the specific root cause (e.g. missing zip/pwsh, script stderr).
---------
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
* fix(codex): native skills fallback refresh + legacy prompt suppression (#1930)
* fix(codex): skip legacy prompts and fallback when bundled skills missing
* fix(skills): allow native fallback to overwrite existing SKILL.md
* fix(codex): defer legacy .codex cleanup until after skills fallback
* fix(codex): preserve existing .codex while skipping legacy prompt extraction
* docs(skills): clarify overwrite_existing behavior
* test(codex): cover fresh-dir suppression of legacy .codex layout
* docs(codex): clarify skip_legacy_codex_prompts suppresses full .codex dir
* security(init): validate zip member paths before extraction
* fix(cli): add allow_unicode=True and encoding="utf-8" to YAML I/O (#1936)
None of the yaml.dump() calls specify allow_unicode=True, causing
non-ASCII characters in extension descriptions to be escaped to
\uXXXX sequences in generated .agent.md frontmatter and config files.
Add allow_unicode=True to all 6 yaml.dump() call sites, and
encoding="utf-8" to all corresponding write_text() and read_text()
calls to ensure consistent UTF-8 handling across platforms.
* chore: bump version to 0.4.0 (#1937)
* chore: bump version to 0.4.0
* fix: restore newest-first ordering in CHANGELOG.md for v0.4.0 (#1938)
* Initial plan
* fix: move 0.4.0 section above 0.3.2 to restore newest-first ordering in CHANGELOG.md
Co-authored-by: mnriem <15701806+mnriem@users.noreply.github.com>
Agent-Logs-Url: https://github.com/github/spec-kit/sessions/1c1787ad-64df-4b8c-bd32-0bc5198f5029
---------
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: mnriem <15701806+mnriem@users.noreply.github.com>
---------
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Copilot <198982749+Copilot@users.noreply.github.com>
* fix(templates): add missing Assumptions section to spec template (#1939)
* docs: add AIDE extension demo to community projects (#1943)
Add the AIDE extension demo to the community projects section,
showcasing a Spring Boot + React project that uses a custom
extension with an alternative spec-driven workflow featuring
a 7-step iterative lifecycle.
* fix(scripts): prioritize .specify over git for repo root detection (#1933)
* fix(scripts): prioritize .specify over git for repo root detection
When spec-kit is initialized in a subdirectory that doesn't have its
own .git, but a parent directory does, spec-kit was incorrectly using
the parent's git repository root. This caused specs to be created in
the wrong location.
The fix changes repo root detection to prioritize .specify directory
over git rev-parse, ensuring spec-kit respects its own initialization
boundary rather than inheriting a parent git repo.
Fixes #1932
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix: address code review feedback
- Normalize paths in find_specify_root to prevent infinite loop with relative paths
- Use -PathType Container in PowerShell to only match .specify directories
- Improve has_git/Test-HasGit to check git command availability and validate work tree
- Handle git worktrees/submodules where .git can be a file
- Remove dead fallback code in create-new-feature scripts
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix: check .specify before termination in find_specify_root
Fixes edge case where project root is at filesystem root (common in
containers). The loop now checks for .specify before checking the
termination condition.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix: scope git operations to spec-kit root & remove unused helpers
- get_current_branch now uses has_git check and runs git with -C to
prevent using parent git repo branch names in .specify-only projects
- Same fix applied to PowerShell Get-CurrentBranch
- Removed unused find_repo_root() from create-new-feature.sh
- Removed unused Find-RepositoryRoot from create-new-feature.ps1
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix: use cd -- to handle paths starting with dash
Prevents cd from interpreting directory names like -P or -L as options.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix: check git command exists before calling get_repo_root in has_git
Avoids unnecessary work when git isn't installed since get_repo_root
may internally call git rev-parse.
Co-Authored-By: Claude Opus …
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
preset enableandpreset disableCLI commands for toggling presets without removalrestore()method to PresetRegistry for rollback scenariosget()andlist()to return deep copies (prevents accidental mutation)list_by_priority()to filter disabled presets by defaultAddresses
Defensive Programming
Following feedback from previous PR, this implementation includes:
restore()for None/non-dict metadataTest plan
restore(), deep copy, enable/disable CLI, corrupted state handling🤖 Generated with Claude Code