mirror of
https://github.com/github/spec-kit.git
synced 2026-07-03 12:28:06 +08:00
0c975bbef79e307b360e7946aa0551c2938443ea
262 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
|
|
6a3ee9b64e |
feat: add ZCode (Z.AI) integration (#3063)
* feat: add ZCode (Z.AI) integration Add a skills-based integration for ZCode, Z.AI's Claude-Code-style agent. ZCode uses the same SKILL.md layout as Claude Code, so spec-kit installs workflows into .zcode/skills/speckit-<name>/SKILL.md, invoked in chat as $speckit-<name>. - ZcodeIntegration(SkillsIntegration) with .zcode/ folder and --skills option - Register in INTEGRATION_REGISTRY - Catalog entry (tags: cli, skills, z-ai) - Tests via SkillsIntegrationTests mixin - Document in integrations reference and README Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> * fix: render $speckit-* invocations for ZCode skills ZCode is documented as a skills agent invoked with $speckit-<command>, but the central invocation rendering only special-cased codex, so specify init Next Steps and extension hooks rendered the dotted /speckit.<command> form instead. Centralize the $speckit-* decision in a DOLLAR_SKILLS_AGENTS set with an is_dollar_skills_agent() helper, and route both init Next Steps and HookExecutor._render_hook_invocation through it. Add ZCode invocation regression tests mirroring the existing Codex/Kimi coverage. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com> |
||
|
|
487af97864 |
feat: add specify bundle command (#3070)
* docs: dogfood Spec Kit — bundler SDD artifacts + constitution Scaffold Spec Kit (--integration copilot) and run the full SDD workflow against the `specify bundle` subcommand feature: - spec.md (4 user stories, 31 FRs, 8 success criteria) + clarifications - plan.md, research.md, data-model.md, contracts/, quickstart.md - tasks.md (43 dependency-ordered tasks, organized by user story) - Spec Kit Constitution v1.0.0 (code quality, testing, UX, performance, dependency/security principles) derived from deep codebase analysis - plan Constitution Check + tasks grounded against the ratified principles Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * feat(bundler): add `specify bundle` subcommand for role-based setups Implements the Spec Kit Bundler as a `specify bundle ...` subcommand group that calls existing primitive machinery in-process with zero new dependencies, per the v1.0.0 constitution (Principles I-V). Adds the `specify_cli.bundler` package (models, services, lib helpers) and the `commands/bundle` Typer group wiring search, info, list, install, update, remove, validate, build, init, and catalog list/add/remove (with --json and --offline). Includes manifest/catalog schemas, version + integration-clash gating, discovery-only refusal, idempotent install with atomic rollback, non-collateral removal, and offline-first catalog resolution. Ships an 82-test suite (contract/unit/integration), four sample role bundles (product-manager, business-analyst, security-researcher, developer), README "Bundles" docs, and an AGENTS.md pitfall on the test-venv gotcha. Marks tasks T001-T043 complete and records follow-ups T044 (live in-process primitive dispatch) and T045 (install from a local artifact path). Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * docs(contributing): document running the full test suite via project .venv Add a "Running the full test suite" subsection under Automated checks covering `uv pip install -e ".[test]"` + `.venv/bin/python -m pytest`, with the shared/global editable-install contamination caveat that mirrors the AGENTS.md pitfall. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * feat(bundler): wire real in-process primitive install + local-artifact install Closes the two follow-ups left after the initial bundler landing. T044 — DefaultPrimitiveInstaller now performs real installs through existing machinery instead of raising "use the primitive command" errors: - presets/extensions install via their reusable managers (install_from_directory / install_from_zip); bundled assets install fully offline, catalog assets are fetched only when the network is allowed. - workflows/steps delegate to the existing `workflow add` / `workflow step add` command callables in-process (project root as cwd), avoiding any duplicated download/validation logic (Principle I). - `--offline` is threaded through DefaultPrimitiveInstaller(allow_network=…) so network-only kinds refuse with an actionable message rather than silently reaching out. T045 — `specify bundle install` now accepts a local path (a built .zip artifact, a bundle directory, or a bundle.yml) and installs directly without consulting the catalog stack; bundle-ids still resolve via the stack. Adds 13 tests (routing, offline gating, local-source resolution, and an end-to-end offline build → install → list → remove of the bundled agent-context extension). Bundler suite: 95 passing; ruff clean. Marks T044 and T045 complete in tasks.md. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * docs(bundler): append Phase 8 convergence tasks from converge assessment Ran the converge command: assessed the codebase against spec.md, plan.md, tasks.md, and the v1.0.0 constitution. Appended 7 traceable gap-closure tasks (T046–T052) as a new "Phase 8: Convergence" section. Append-only — no existing tasks were modified and no application code was changed. Findings: 1 CRITICAL (Constitution III — bundle group undocumented under docs/reference/), 3 HIGH (FR-005/SC-007 validate references; FR-009/SC-002 info expansion; FR-012 install-time init), 3 MEDIUM (FR-013 integration precedence; FR-020 surface overlaps; FR-028 update refresh). Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Implement Phase 8 convergence tasks (T046–T052) Close the gaps the converge command found between the bundler spec/plan/ constitution and the code: - T046: add docs/reference/bundles.md documenting the full `specify bundle` command group; link it from docs/reference/overview.md (Constitution III). - T047: wire a reference checker into `bundle validate` (services/references.py); online runs fail and name unresolved component references, offline runs warn. - T048: expand `bundle info` to enumerate the full component set (versions, preset priority/strategy) plus the bundle integration — info == install. - T049/T050: `bundle install`/`bundle init` now scaffold an uninitialized project via the existing `specify init` machinery, choosing the integration by precedence (override → bundle-declared → Copilot + OS default script type). - T051: surface foreseeable component overlaps during info and install. - T052: `bundle update` refreshes already-installed components via a new refresh path in install_bundle, preserving primitive-level overrides. Adds unit/contract/integration coverage (107 tests pass). Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * converge: append Phase 9 (T053) — surface bundle trust indicator Re-run of converge after Phase 8. The seven Phase 8 tasks are verified closed. One residual partial gap remains: the `verified`/trust indicator (FR-010, FR-027) is exposed only in `bundle info --json`, absent from `bundle search` (the primary discovery surface) and `bundle info` text. Appended as a single new task for implement to complete. Append-only; no code changed. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Implement T053 — surface bundle trust indicator in discovery `bundle search` (text + JSON) and `bundle info` (text + JSON) now expose each catalog entry's verification/trust level (verified vs community), so users can judge a bundle's trust before installing, per FR-010 / FR-027. Previously `verified` was only present in `bundle info --json`. Adds contract coverage; 108 tests pass. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * docs: dogfood Spec Kit — bundler SDD artifacts + constitution Scaffold Spec Kit (--integration copilot) and run the full SDD workflow against the `specify bundle` subcommand feature: - spec.md (4 user stories, 31 FRs, 8 success criteria) + clarifications - plan.md, research.md, data-model.md, contracts/, quickstart.md - tasks.md (43 dependency-ordered tasks, organized by user story) - Spec Kit Constitution v1.0.0 (code quality, testing, UX, performance, dependency/security principles) derived from deep codebase analysis - plan Constitution Check + tasks grounded against the ratified principles Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * feat(bundler): add `specify bundle` subcommand for role-based setups Implements the Spec Kit Bundler as a `specify bundle ...` subcommand group that calls existing primitive machinery in-process with zero new dependencies, per the v1.0.0 constitution (Principles I-V). Adds the `specify_cli.bundler` package (models, services, lib helpers) and the `commands/bundle` Typer group wiring search, info, list, install, update, remove, validate, build, init, and catalog list/add/remove (with --json and --offline). Includes manifest/catalog schemas, version + integration-clash gating, discovery-only refusal, idempotent install with atomic rollback, non-collateral removal, and offline-first catalog resolution. Ships an 82-test suite (contract/unit/integration), four sample role bundles (product-manager, business-analyst, security-researcher, developer), README "Bundles" docs, and an AGENTS.md pitfall on the test-venv gotcha. Marks tasks T001-T043 complete and records follow-ups T044 (live in-process primitive dispatch) and T045 (install from a local artifact path). Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * docs(contributing): document running the full test suite via project .venv Add a "Running the full test suite" subsection under Automated checks covering `uv pip install -e ".[test]"` + `.venv/bin/python -m pytest`, with the shared/global editable-install contamination caveat that mirrors the AGENTS.md pitfall. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * feat(bundler): wire real in-process primitive install + local-artifact install Closes the two follow-ups left after the initial bundler landing. T044 — DefaultPrimitiveInstaller now performs real installs through existing machinery instead of raising "use the primitive command" errors: - presets/extensions install via their reusable managers (install_from_directory / install_from_zip); bundled assets install fully offline, catalog assets are fetched only when the network is allowed. - workflows/steps delegate to the existing `workflow add` / `workflow step add` command callables in-process (project root as cwd), avoiding any duplicated download/validation logic (Principle I). - `--offline` is threaded through DefaultPrimitiveInstaller(allow_network=…) so network-only kinds refuse with an actionable message rather than silently reaching out. T045 — `specify bundle install` now accepts a local path (a built .zip artifact, a bundle directory, or a bundle.yml) and installs directly without consulting the catalog stack; bundle-ids still resolve via the stack. Adds 13 tests (routing, offline gating, local-source resolution, and an end-to-end offline build → install → list → remove of the bundled agent-context extension). Bundler suite: 95 passing; ruff clean. Marks T044 and T045 complete in tasks.md. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * docs(bundler): append Phase 8 convergence tasks from converge assessment Ran the converge command: assessed the codebase against spec.md, plan.md, tasks.md, and the v1.0.0 constitution. Appended 7 traceable gap-closure tasks (T046–T052) as a new "Phase 8: Convergence" section. Append-only — no existing tasks were modified and no application code was changed. Findings: 1 CRITICAL (Constitution III — bundle group undocumented under docs/reference/), 3 HIGH (FR-005/SC-007 validate references; FR-009/SC-002 info expansion; FR-012 install-time init), 3 MEDIUM (FR-013 integration precedence; FR-020 surface overlaps; FR-028 update refresh). Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Implement Phase 8 convergence tasks (T046–T052) Close the gaps the converge command found between the bundler spec/plan/ constitution and the code: - T046: add docs/reference/bundles.md documenting the full `specify bundle` command group; link it from docs/reference/overview.md (Constitution III). - T047: wire a reference checker into `bundle validate` (services/references.py); online runs fail and name unresolved component references, offline runs warn. - T048: expand `bundle info` to enumerate the full component set (versions, preset priority/strategy) plus the bundle integration — info == install. - T049/T050: `bundle install`/`bundle init` now scaffold an uninitialized project via the existing `specify init` machinery, choosing the integration by precedence (override → bundle-declared → Copilot + OS default script type). - T051: surface foreseeable component overlaps during info and install. - T052: `bundle update` refreshes already-installed components via a new refresh path in install_bundle, preserving primitive-level overrides. Adds unit/contract/integration coverage (107 tests pass). Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * converge: append Phase 9 (T053) — surface bundle trust indicator Re-run of converge after Phase 8. The seven Phase 8 tasks are verified closed. One residual partial gap remains: the `verified`/trust indicator (FR-010, FR-027) is exposed only in `bundle info --json`, absent from `bundle search` (the primary discovery surface) and `bundle info` text. Appended as a single new task for implement to complete. Append-only; no code changed. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Implement T053 — surface bundle trust indicator in discovery `bundle search` (text + JSON) and `bundle info` (text + JSON) now expose each catalog entry's verification/trust level (verified vs community), so users can judge a bundle's trust before installing, per FR-010 / FR-027. Previously `verified` was only present in `bundle info --json`. Adds contract coverage; 108 tests pass. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * fix(bundler): address PR review — annotations, Windows paths, HTTPS, errors, reproducible builds Resolves automated review feedback on github/spec-kit#3070: - validator: drop redundant string-quoting on ReferenceChecker's `str | None` return so the annotation evaluates as a real union under `from __future__ import annotations`. - adapters: normalize Windows drive-letter paths (e.g. C:\...) to the local-file branch so offline file catalogs resolve on Windows. - adapters: enforce HTTPS (HTTP only for localhost) and require a host on remote catalog URLs before any network call, mirroring specify_cli.catalogs URL validation (MITM/downgrade protection). - adapters: pass `origin` to loads_json for local files and HTTP payloads so JSON parse errors name the real source instead of <string>. - manifest: parse component `priority` defensively, raising an actionable BundlerError on non-integer values instead of a raw ValueError. - packager: write zip members with a fixed timestamp + permissions so identical inputs yield byte-for-byte identical artifacts (genuinely reproducible builds), and strengthen the determinism test accordingly. Adds regression tests for priority validation, plain-HTTP/host rejection, and byte-level artifact reproducibility (111 bundler tests pass; ruff clean). Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * fix(bundler): address PR review round 2 — nested output dir + file:// URLs - packager: when --output points inside the bundle directory, exclude the whole output subtree from collection so previously-built artifacts are never re-packaged (prevents broken reproducibility and unbounded growth). - adapters: resolve file:// catalog URLs via url2pathname and preserve netloc, so Windows file URLs (file:///C:/...) and UNC shares (file://server/share) resolve correctly instead of dropping the host or producing /C:/x. Adds regression tests for nested-output exclusion and file:// resolution (113 bundler tests pass; ruff clean). Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * fix(bundler): address PR review round 3 — discovery UX + hardening - bundle search/info: fall back to the built-in/user catalog stack instead of requiring a Spec Kit project, so discovery works in a fresh directory (and the README/quickstart examples now match actual behavior). install still auto-initializes a project as before. - packager: traverse with os.walk(followlinks=False) and prune symlinked directories before descending, so a symlink-to-dir can no longer pull in out-of-tree files (which previously turned "skip symlinks" into a hard ensure_within() failure and did extra filesystem work). - records: parse contributed-component priority defensively, raising an actionable BundlerError on a corrupt records file instead of leaking a raw ValueError/traceback. - installer: give install_bundle's manifest parameter an explicit BundleManifest | None type for a clearer, safer service API. Adds regression tests for project-less search/info, symlinked-dir pruning, and corrupt-priority records (117 bundler tests pass; ruff clean). Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * fix(bundler): address PR review round 4 + markdownlint exclusions Review fixes: - bundle info: expand the manifest regardless of install policy so discovery-only bundles remain inspectable (only install is refused). - _download_manifest: handle local .zip download_url by extracting bundle.yml (via _local_manifest_source), and add a real remote HTTPS fetch path using the shared authenticated, redirect-validated open_url client (HTTPS enforced on the initial URL and every redirect; offline still refuses). - _run_init: thread the --offline flag through to the init callback so `bundle install/init --offline` never performs network init. - conflict.ConflictReport: use field(default_factory=list) and drop the None + __post_init__ workaround. - CatalogSource.from_dict: parse priority defensively, raising an actionable BundlerError naming the source + offending value instead of a raw ValueError. markdownlint: - Exclude .specify/, .github/, and specs/ (and their subdirectories) from markdownlint so the in-flight dogfooding scaffolding doesn't trip the linter. Adds regression tests for discovery-only info, local-zip download_url, and non-integer catalog priority (120 bundler tests pass; ruff clean; the PR's own markdown lints clean). Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * fix(bundler): address PR review round 5 + ignore generated files in whitespace check Review fixes: - packager: exclude any prior build artifact for this bundle (matching <id>-*.zip), not just the current output path, so older artifacts next to bundle.yml are never re-packaged. - docs(bundles): correct the note — `search` and `info` work without a project (they fall back to the built-in/user catalog stack); only list/update/remove/ catalog require an initialized project. CI / generated files: - .gitattributes: mark the generated dogfooding scaffolding (.specify/**, the speckit .github agent/prompt files, copilot-instructions.md, specs/**) with -whitespace so `git diff --check` (the Lint workflow's whitespace gate) stops flagging emitted trailing whitespace. These files are produced by `specify init` and are scrubbed before merge. Adds a regression test for prior-artifact exclusion (121 bundler tests pass; ruff clean). Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * fix(bundler): collision-resistant catalog ids, canonical local paths, explicit uninstalled result Addresses review round 6 (PR #3070): - catalog_config._derive_id now combines host label with the URL path stem so multiple catalogs from the same host get distinct, stable default ids. - add_source canonicalizes local file paths to absolute before persisting, so project config no longer depends on the caller's cwd. - InstallResult gains a dedicated `uninstalled` list; remove_bundle no longer overloads `installed` for removals, and the CLI prints from `uninstalled`. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * fix(bundler): confine config writes, guard indeterminate integration, fix validate docs Addresses review round 7 (PR #3070): - save_records and catalog_config._write now pass within=project_root to dump_json/dump_yaml, refusing symlinked .specify paths that escape the project (defense-in-depth, matching the rest of the codebase). - resolve_install_plan now fails when a bundle pins an integration but the project's active integration cannot be determined and no explicit --integration override was given, instead of silently adopting the bundle's required integration (FR-019 guard). CLI passes integration_explicit. - docs/reference/bundles.md: corrected the validate semantics to describe the actual best-effort online behavior (unreachable catalogs warn, not fail). Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * fix(bundler): Windows path handling + review round 8 hardening Fix Windows CI failures: - is_safe_relpath now rejects POSIX-absolute (/abs) and Windows drive-absolute (C:\x, UNC) paths on every OS, instead of passing them through on Windows where os.path.isabs('/abs') is False and Path('/abs').parts yields '\\'. - _download_manifest treats a Windows drive-letter download_url (C:\bundle.yml, which urlparse reads as scheme 'c') as a local file, fixing the empty component set in `bundle info` on Windows. Address review round 8 (PR #3070): - Bundled workflows now install under --offline (locate via _locate_bundled_workflow) instead of being refused unconditionally. - bundle update preserves the original installed_at timestamp on refresh (import find_record; reuse the existing record's timestamp). - _derive_id lowercases the host label so 'Example.com' and 'example.com' produce the same deterministic id. - CatalogEntry.from_dict validates 'tags' is a list and 'verified' is a real boolean, raising BundlerError on invalid untrusted shapes. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * fix(bundler): normalize SemVer prerelease spellings before version parsing Addresses review round 9 (PR #3070): parse_version and is_semver now apply the same prerelease normalization (mirroring specify_cli._version._normalize_tag) so SemVer spellings like 1.2.3-rc1 / 1.2.3-alpha1 validate and compare consistently across is_semver, parse_version, and satisfies. Leading 'v' is also stripped. Keeps the manifest validator and constraint checks in agreement. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * fix(bundler): no collateral removal + enforce manifest-pinned versions Addresses review round 10 (PR #3070): - install_bundle records only the components this bundle actually contributed: freshly-installed components, plus pre-existing ones already owned by this bundle (refresh) or a sibling bundle (shared/refcounted). A component that is installed on disk but tracked by no bundle was installed independently and is no longer attributed, so `bundle remove` won't uninstall it (FR-022). - preset/extension/workflow install paths now verify the active catalog's advertised version matches the manifest-pinned component.version before downloading/installing, raising BundlerError on mismatch so bundles stay reproducible. When a catalog advertises no version the pin can't be enforced and installation proceeds. Added regression tests: independent pre-existing component survives removal; version-mismatch refusal (helper + workflow path). Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * feat(scripts): add SPECIFY_INIT_DIR to target a member project from the repo root (#2892) * feat(scripts): add SPECIFY_INIT_DIR to target a member project from the repo root Resolve an explicit SPECIFY_INIT_DIR project override once in the core get_repo_root / Get-RepoRoot, so a non-interactive / CI caller can target a member project (the directory containing .specify/) from a monorepo root without cd. Strict by design: the path must exist and contain .specify/, otherwise it hard-errors with no silent fallback. - Single resolver in core; the git feature-branch script inherits it by sourcing core, with no per-extension copies. - PS resolver verifies the resolved path is a directory (Resolve-Path also succeeds for files) so a file value errors as "not an existing directory". - get_feature_paths splits decl/assignment so a SPECIFY_INIT_DIR failure propagates instead of being masked by `local`. - create-new-feature-branch: when core is absent (only git-common loaded) and SPECIFY_INIT_DIR is set, hard-error rather than silently using the git root. - Document SPECIFY_INIT_DIR and SPECIFY_FEATURE_DIRECTORY in the core reference. - Tests for valid/relative/trailing-slash/file/missing/no-.specify targets, feature-axis composition, the no-core guard, and a PowerShell mirror. * fix: guard SPECIFY_INIT_DIR with stale core scripts * docs: clarify SPECIFY_FEATURE_DIRECTORY precedence wording * fix: normalize trailing slash in PowerShell SPECIFY_INIT_DIR resolver Resolve-Path preserves a trailing separator from its input, so a SPECIFY_INIT_DIR ending in a slash returned a root that didn't match the bash resolver (whose `cd && pwd` strips it). That broke test_ps_trailing_slash_tolerated on the CI runners, which do have pwsh. Trim it with TrimEndingDirectorySeparator (no-op on a bare root or a path with no trailing separator). Also fix the misleading test comment: the PowerShell mirror runs on the CI ubuntu/windows runners (they ship pwsh), it is not skipped there. * test: normalize bash path expectations on Windows * docs: clarify SPECIFY_INIT_DIR root helpers * chore: sync dogfooded .specify core scripts with SPECIFY_INIT_DIR Mirror the SPECIFY_INIT_DIR resolver (resolve_specify_init_dir in common.sh) into the committed dogfooding .specify/scripts/bash copies so the git extension's create-new-feature-branch.sh finds an up-to-date common.sh instead of failing with "requires updated Spec Kit core scripts". Fixes the test_init_dir.py CI failures. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * fix(bundler): harden remote catalog fetch and config parsing - adapters: route catalog HTTP fetches through the shared authenticated client (authentication.http.open_url) so auth.json tokens apply and the Authorization header is stripped on cross-host/downgrade redirects. Reject any redirect that leaves HTTPS via a redirect_validator and re-validate the final URL after redirects, closing the urlopen auto-redirect MITM/downgrade gap. - catalog_config._read: raise an actionable BundlerError when the config top level is not a mapping, 'catalogs' is not a list, or an entry is not a mapping, instead of letting list(<str>) produce a downstream AttributeError. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * fix(bundler): tighten record read confinement, policy gate, and precedence Addresses review 4534504799: - records.load_records: confine the read via ensure_within(project_root, ...) so a symlinked/traversal-escaping .specify cannot read arbitrary files outside the project (matches the write path's within= guard). - catalog_config._slug: lowercase so derived catalog ids are deterministic across platforms and case-variant duplicates can't slip past the case-sensitive dup check. - installer.install_bundle: reword the docstring's misleading "atomic on failure" claim to describe the real scoped guarantee (record written only on full success; rollback limited to newly-installed components). - bundle update: enforce the source install_policy like install, refusing to update from a discovery-only source (FR-025). - catalog source precedence: the CLI now passes ~/.specify as the user config dir so project > user > built-in precedence is actually reachable (previously the user scope was silently ignored). - .gitattributes: scope the specs whitespace exemption to the generated dogfooding feature dir (specs/001-spec-kit-bundler/**) instead of all of specs/**. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * fix(bundler): no collateral refresh, catalog id integrity, loud info Addresses review 4534571362: - installer: in refresh mode (bundle update) only re-apply already- installed components that this bundle (or a sibling) owns. Components installed independently and tracked by no bundle are now skipped, never refreshed, so update cannot make collateral changes (FR-022). - catalog.load_catalog_payload: validate each entry's own id is present and matches its enclosing bundles key, rejecting catalogs that would otherwise list a spoofed or unresolvable id. - bundle info: stop swallowing manifest download failures. If the manifest can't be resolved (e.g. --offline against an https download_url or a download failure), surface the error and exit non-zero instead of silently degrading to catalog `provides` counts, preserving the "info == what install applies" guarantee. Added regressions: refresh leaves independently-installed components untouched, catalog id key/field mismatch + missing id rejection, and info exits non-zero when the manifest is unresolvable offline. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * fix(bundler): confine catalog-config and integration-marker reads Addresses review 4534716790: two more state reads bypassed the symlink/path-escape confinement that records and the write paths already enforce. - catalog_config._read: validate the config path with ensure_within(project_root, ...) before exists()/read, so a symlinked .specify resolving outside project_root is rejected instead of read. - lib.project.active_integration: confine the .specify/integration.json read the same way; an out-of-tree escape is treated as "not determinable" (returns None) rather than followed. Added regressions covering both via a symlinked .specify pointing outside the project root. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * fix(bundler): validate manifest tags, disambiguate derived ids by full host Addresses review 4534768419: - manifest.from_dict: reject a non-list `tags` (e.g. a bare string) instead of splitting it character-by-character, matching the catalog parser and the schema contract (tags = list of strings). - catalog_config._derive_id: derive ids from the full host (TLD included) so example.com and example.net no longer collide on the same id. Updated the affected id assertions. - CHANGELOG: call out the new `specify bundle` command group in the unreleased section (the PR's headline user-facing feature). - .gitattributes: clarify the specs whitespace exemption — the dogfooding feature dir is scrubbed before merge (not retained), so it doesn't weaken checks for kept docs. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * chore(gitattributes): retain whitespace exemption for constitution.md The project constitution (.specify/memory/constitution.md) is the one dogfooding artifact carried forward past the pre-merge scrub. Give it its own standalone whitespace exemption so it survives removal of the broader .specify/** generated-scaffolding exemption. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * fix(bundler): accurate uninstall count, confine catalog read, safe bundle id Addresses review 4534812056: - installer.remove_bundle: only count a component as uninstalled when installer.remove() actually ran; components already absent on disk are reported as skipped, keeping the uninstalled count accurate. - catalog.load_source_stack: confine the project-scoped .specify config read with ensure_within, so a symlinked .specify/ resolving outside the project root is refused (consistent with the bundler's other guarded reads). - manifest: enforce a filesystem-safe slug for bundle.id in structural validation; packager.build_bundle adds an ensure_within defense-in-depth check so a crafted id can never push the artifact outside the output dir. Also reverts the CHANGELOG entry (the changelog is updated separately). Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * fix(bundler): validate requires/provides shapes in manifest and catalog Addresses review 4534855443: - manifest: validate requires.tools and requires.mcp as list-of-strings via a shared _parse_str_list helper (also reused for tags), so a bare string like `tools: docker` is rejected with an actionable BundlerError instead of being split character-by-character. - catalog.CatalogEntry.from_dict: validate that `requires` and `provides` are mappings before accessing them, so an untrusted catalog payload with `requires: "..."` raises a named BundlerError rather than escaping as a raw AttributeError traceback. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * fix(bundler): require README.md when building a bundle artifact Addresses review 4534938014: build_bundle now fails early with an actionable error when README.md is missing, matching the documented artifact contract (manifest + README) instead of silently producing a bundle with no human-facing description. Also reverts CHANGELOG.md to the upstream/main copy. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * fix(bundler): validate record shapes; drop stale install --refresh claim Addresses review 4534969692: - records.InstalledBundleRecord.from_dict: hard-error when contributed_components is not a list, instead of iterating a corrupt bare string character-by-character. - records.load_records: validate the top-level 'bundles' field is a list and fail with a clear BundlerError when a corrupt file makes it a mapping/string. - PR description: remove the inaccurate "supports --refresh" note from `bundle install` (refresh is the `bundle update` path); docs already omit it. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * fix(bundler): refuse symlinked .specify, reject bad url schemes, IPv6 ids Addresses review 4534997724: - lib.project.find_project_root: a symlinked .specify is no longer accepted as a project root (is_dir() follows symlinks), matching the confinement the rest of the CLI applies and avoiding confusing downstream failures. - catalog_config.add_source: reject unsupported url schemes (ssh://, ftp://, ...) up front instead of silently treating them as local paths; local paths containing ':' but not '://' are still allowed. - catalog_config._derive_id: derive the host via urlparse().hostname so IPv6 literals, credentials, and ports no longer corrupt the derived id. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * fix(bundler): strict semver, narrow artifact skip, preserve priority 0 Addresses review 4535084048: - versioning.is_semver: enforce a full MAJOR.MINOR.PATCH SemVer (with optional pre-release/build) via a dedicated regex, instead of accepting any packaging.version.Version-parseable string (e.g. "1", "1.0"). This makes BundleManifest.structural_errors() reject non-semver versions. - packager: narrow the prior-artifact skip pattern to semver-named zips (<id>-<x.y.z>.zip) so legitimate assets like <id>-assets.zip are still packaged. - primitives (preset + extension install): use an explicit `is None` check so an intentional priority of 0 is preserved instead of being replaced by the default. Adds regressions: non-semver rejection ("1"/"1.0"/"1.2.3.4"), asset-not- excluded vs semver-artifact-excluded, and priority-0 pass-through. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * fix(bundler): artifact regex for prerelease+build; clarify integration/priority docs Addresses review 4535132279: - packager: the prior-artifact skip regex now matches semver names carrying both a prerelease and build-metadata segment (e.g. 1.0.0-rc1+build5), so such an existing artifact is excluded rather than re-packaged — keeping builds bounded/deterministic, consistent with is_semver(). - docs/reference/bundles.md: correct the install integration wording. --integration selects the integration when initializing a new project and confirms the target when a pinned bundle's active integration can't be determined; it does NOT override a bundle that targets a specific integration (a mismatch aborts with no changes). - examples/security-researcher README: reword the preset priority note in terms of the numeric comparison (ascending priority order) to avoid inverting the meaning. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * fix(bundler): --integration can't bypass clash guard; honest rollback docs Addresses review 4535159341: - bundle install: for an already-initialized project, the project's recorded active integration is now authoritative. --integration no longer overrides it (which let a copilot project install a claude-pinned bundle via `--integration claude`, bypassing the FR-019 clash guard). The override still selects the integration at init time and confirms the target only when the active integration cannot be determined. - docs/reference/bundles.md: reword the install guarantee to match the implementation — no provenance record is written unless the install fully succeeds, and rollback of this run's components is best-effort (removal errors are swallowed, so partial on-disk state may remain). Dropped the inaccurate "atomic / rolls back everything" claim. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * fix(bundler): validate component kind/id when loading records Addresses review 4535194606: _component_from_dict now rejects a contributed component whose 'kind' is not a supported component kind or whose 'id' is empty, raising a BundlerError that explicitly flags the records file as corrupt. Previously such a record loaded successfully and only failed later (e.g. in primitive_manager() during bundle remove/update) with a less actionable error. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * fix(bundler): address review 4535234003 (7 findings) - versioning: tolerate an uppercase `V` prefix in `_normalize_semver` and `is_semver`, mirroring specify_cli._version tag normalization (V -> v) so `V1.2.3` parses and validates consistently. - validator: import BundlerError and narrow the speckit_version constraint except clause to `BundlerError` only, so programming errors are no longer masked behind an "invalid constraint" message. - bundle update: accept `--integration` and thread it through resolve_install_plan the same way `bundle install` does (override used only when the active integration can't be auto-detected), so integration-pinned bundles can be updated where `.specify/integration.json` is missing/unreadable. - bundle validate: fold reference warnings into `report.warnings` so the ValidationReport is the single warning channel at the CLI layer. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * test(bundler): make update --integration help assertion ANSI-safe Rich can split the "--integration" option label with ANSI escape codes between the two leading dashes, so the literal substring check failed under CI's terminal settings. Match the un-split option word instead, mirroring how test_bundle_help_lists_all_commands checks bare command names. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * fix(bundler): preserve exec bits in artifacts; document install-time pins Addresses review 4535280786: - packager.build_bundle: no longer forces every ZIP member to 0644, which stripped the executable bit from bundled scripts (e.g. extension hook scripts) and could break them after extraction. Permissions are now normalized reproducibly to 0755 when the source file has any execute bit set, otherwise 0644 — identical inputs still yield byte-for-byte identical artifacts. - installer.install_bundle + docs/reference/bundles.md: document that version pins are enforced install-time only. Because primitive is_installed checks are id-based (not version-aware), an already-present component is skipped during install without comparing its on-disk version to the manifest pin; pins are guaranteed applied only on a real install or `bundle update` refresh. Added a regression asserting executable sources map to 0755 and plain files to 0644 in the built artifact. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * test(bundler): skip exec-bit packager test on Windows Windows filesystems do not carry Unix execute bits, so chmod(0o755) is a no-op and the source file reports no execute bit — the packager then correctly stores the member as 0644. The assertion that an executable source maps to 0755 is only meaningful on POSIX, so skip it on nt rather than asserting platform-specific behavior. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * fix(bundler): normalize prerelease spellings inside version constraints Addresses review 4535327154: parse_version() normalized SemVer prerelease spellings (e.g. 1.2.3-rc1 -> 1.2.3rc1) but parse_constraint() passed the constraint to packaging.SpecifierSet unmodified, so ">=1.2.3-rc1" raised InvalidSpecifier even though the same spelling is accepted for installed versions. parse_constraint() now normalizes the version portion of each comma-separated clause via the shared _normalize_semver helper, so prerelease handling is consistent across versions and constraints. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * fix(bundler): validate schema versions and required record identity fields Addresses review 4535351596: - records.load_records: validate the on-disk 'schema_version' (required; forward-compatible across same-major minor bumps) and fail fast with an actionable error on a missing/unknown version, rather than silently parsing a possibly-incompatible format and risking incorrect bundle attribution/removal. - records.InstalledBundleRecord.from_dict: treat missing 'bundle_id' or 'version' as corruption and raise BundlerError, instead of coercing them to empty strings that let later list/remove/update operations behave unpredictably. - catalog_config._read: validate 'schema_version' when present (same-major compatibility) and fail fast on an unsupported version so an incompatible future config shape can't be mis-parsed into a wrong effective catalog stack. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * chore(bundler): scrub generated dogfooding scaffold before merge The bundler feature was developed by dogfooding Spec Kit on itself. Now that the work is complete, remove all generated scaffolding so it does not land in the repository on merge: - specs/001-spec-kit-bundler/** (spec, plan, research, data-model, contracts, quickstart, tasks, checklists) - .specify/** (extensions, integrations, scripts, templates, workflows, feature/init/integration metadata) - .github/agents/speckit.*.agent.md, .github/prompts/speckit.*.prompt.md, and .github/copilot-instructions.md (Copilot integration scaffold) Retained: .specify/memory/constitution.md — the single dogfooding artifact carried forward — with its whitespace exemption in .gitattributes. .gitattributes and .markdownlint-cli2.jsonc are reverted to the upstream baseline (plus the constitution whitespace exemption), dropping the now-moot exemptions for the removed scaffold. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> --------- Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> Co-authored-by: Pascal THUET <pascal.thuet@arte.tv> |
||
|
|
0c29d890ab |
feat: add /speckit.converge command (#3001)
* Add /speckit.converge SDD artifacts and project scaffolding Dogfood the converge feature through Spec Kit's own workflow: - spec.md, plan.md, tasks.md, research, data-model, contracts, quickstart - requirements checklist for the feature - ratified constitution v1.0.0 (.specify/memory) - Specify project scaffolding (.specify/, .github agent + prompt files) Defines a built-in /speckit.converge command that assesses spec/plan/tasks against the codebase and appends remaining work as new tasks (no git, no change tracking, append-only). Implementation not yet started. Excludes unrelated working-tree changes to agents.py, extensions.py, test_extensions.py, catalog.community.json, and README.md. * Implement /speckit.converge command Add the built-in converge command that assesses the codebase against a feature's spec.md, plan.md, and tasks.md and appends remaining unbuilt work as new traceable tasks to tasks.md (append-only; no git, no change tracking). - templates/commands/converge.md: full command body (load artifacts, assess code, classify findings missing/partial/contradicts/unrequested, append '## Phase N — Convergence' tasks with source-ref + gap-type, read-only guardrails, converged branch, handoff, before/after_converge hooks) - Register converge as a core command across all enumeration sites (SKILL_DESCRIPTIONS, _FALLBACK_CORE_COMMAND_NAMES, ARGUMENT_HINTS, and the integration test command lists incl. copilot/generic file inventories) - init.py Next Steps panel + README Core Commands table - tasks.md: T001-T024 complete (T025 manual quickstart pending) Full suite green: 2343 passed. * Record quickstart validation results for /speckit.converge (T025) All six quickstart scenarios validated (GitHub Copilot agent, macOS/zsh): S1 gap->appended traceable task, S2 implement+re-converge, S3 converged leaves tasks.md unchanged, S4 read-only boundaries, S5 missing-prereq stop, S6 cross- integration install (copilot + windsurf). Automated suite: 2343 passed. * Record 2026-06-16 re-verification results for /speckit.converge (T025) * Potential fix for pull request finding Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com> * Potential fix for pull request finding Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com> * Fix integration upgrade deleting settings.json and dropping script +x Two upgrade-path bugs surfaced during converge E2E validation: - copilot upgrade stale-deleted .vscode/settings.json because setup() only tracks the file when it creates it; on upgrade the pre-existing file is merged and left untracked, so Phase 2 stale cleanup removed it. Add an integration-level stale_cleanup_exclusions() hook (CopilotIntegration returns {.vscode/settings.json}) and subtract it from stale_keys. - shared .specify/scripts/*.sh lost their execute bit because the managed refresh rewrites them with the bundled source mode (often 0o644) and nothing restored perms. Call ensure_executable_scripts() after the managed-refresh block (POSIX only). Add regression tests in TestIntegrationUpgrade covering both fixes (validated to fail without the fixes). * fix: resolve markdownlint errors in PR files Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * chore: clean up runtime state files from PR Remove .specify state files that are per-project runtime artifacts: - feature.json, init-options.json, integration.json - manifest files, extension registry, bug artifacts These are generated by 'specify init' and should not be committed. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * feat: fold converge artifacts from #3003 and #3005 - Add speckit.converge Copilot agent and prompt files (#3003) - Add regression test for Claude argument hints (#3005) - Remove invalid converge entry from Claude argument hints - Fix documentation removing branch-prefix fallback claims Supersedes: #3003, #3005 Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * chore: remove non-converge specify scaffolding from PR Remove .specify/ artifacts, non-converge .github/agents and prompts, and copilot-instructions.md that were generated by 'specify init' and are not part of the converge command feature. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * chore: remove SDD spec artifacts from PR Remove specs/001-converge-command/ — the spec/plan/tasks/research SDD artifacts produced while building this feature. spec-kit does not track a specs/ directory on main (those are outputs of running the workflow on the repo, not part of the shipped tool). Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * chore: remove generated Copilot converge command files Remove .github/agents/speckit.converge.agent.md and .github/prompts/speckit.converge.prompt.md — these are generated by 'specify init --integration copilot' from templates/commands/converge.md (all __SPECKIT_COMMAND_*__/{SCRIPT} tokens are resolved). main tracks no .github/agents or .github/prompts files; the template is the source of truth. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * chore: split out unrelated integration-upgrade fix Move the stale_cleanup_exclusions / executable-bit upgrade fix (base.py, copilot, _migrate_commands.py, test_integration_subcommand.py) out of this PR into its own change. This PR is now scoped purely to the /speckit.converge command. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * fix: add converge to core command template ordering converge is a core command in SKILL_DESCRIPTIONS but was missing from _CORE_COMMAND_TEMPLATE_ORDER, so it sorted with the fallback rank. Add it after 'implement' to keep core-command ordering consistent across integrations. Addresses review feedback on #3001. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * docs: make converge findings example neutral Replace the self-referential sample evidence text in the Convergence Findings table with a neutral placeholder so agents are less likely to copy nonsensical template-specific findings into real output. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Potential fix for pull request finding Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com> * docs: clarify converge scope and hook outcome wording - Remove FR-specific parenthetical from code-scope rule so it doesn't imply a hard FR-001 reference exists in every feature - Replace unsupported 'pass outcome to hook context' instruction with explicit in-session outcome reporting before hook listing Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * docs: align converge task example with tasks format Use (no colon) in the convergence task example so it matches tasks-template formatting and downstream expectations. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Clarification of usage Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com> * Potential fix for pull request finding Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com> * docs: align converge phase/task-id format with tasks template - Use (colon) for consistency with tasks template - Clarify appended task IDs must be zero-padded ( style) - Update checklist example to a concrete zero-padded ID () Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * docs: standardize converge phase heading format Use consistently in converge.md (including the append-only contract section) to match Step 7 and tasks template style. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> --------- Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com> Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> |
||
|
|
75df458c37 |
docs: document evolving specs in existing projects (#2902)
* docs: document evolving specs in existing projects * docs: reframe evolving specs guide around persistence models * docs: address evolving specs guide feedback * docs: address evolving specs review feedback * docs: require explicit integration in evolving specs update command --------- Co-authored-by: root <kinsonnee@gmail.com> |
||
|
|
a0305fc511 |
Add GitHub Copilot CLI guidance to readme (#2891)
* Update README with GitHub Copilot CLI details Added mention of GitHub Copilot CLI for agent selection based on docs at https://docs.github.com/en/copilot/how-tos/copilot-cli/use-copilot-cli/invoke-custom-agents#use-custom-agents * Fix typo in README regarding GitHub Copilot CLI |
||
|
|
ac2cb5daf5 |
feat(cli): implement specify self upgrade (#2475)
* feat(cli): implement specify self upgrade
* fix(cli): normalize self-upgrade prerelease tags
* fix(cli): tighten self-upgrade diagnostics
* fix(cli): harden self-upgrade verification parsing
* fix(cli): sanitize self-check fallback tags
* fix(cli): harden self-check release display
* fix(cli): validate resolved upgrade tags
* fix(cli): tolerate invalid install metadata
* test(cli): align upgrade network mocks
* fix(cli): respect relative installer paths
* fix(cli): tighten upgrade failure handling
* fix(cli): align installer path diagnostics
* fix(cli): validate release and version output
* fix(cli): clarify source checkout guidance
* fix(cli): harden upgrade detection helpers
* fix(cli): avoid echoing invalid release tags
* fix(cli): tolerate argv path resolve failures
* chore: remove self-upgrade formatting-only diffs
* fix: address self-upgrade review feedback
* fix: address self-upgrade review followups
* fix: address self-upgrade review edge cases
* fix: address self-upgrade review docs
* fix: refine self-upgrade review followups
* fix: address self-upgrade review cleanup
* fix: handle self-upgrade review edge cases
* fix: address self-upgrade review nits
* fix: address follow-up self-upgrade review
* fix: resolve self-upgrade review and Windows CI failures
- README: promote "Optional Commands" to ### so it is a sibling of
"Core Commands" under "Available Slash Commands" (consistent heading
levels; avoids the h2->h4 jump a revert would create).
- _version: allow --tag prerelease/dev and build-metadata suffixes to
compose (e.g. v1.0.0-rc1+build.42), matching PEP 440 / semver; the
Version() check still enforces canonical validity.
- tests: compare resolved argv0 as Path objects instead of POSIX strings
so the assertion holds on Windows; skip the relative-installer-path
executable-bit tests on Windows via a new requires_posix marker (they
rely on chmod/X_OK semantics and chdir-into-tmp teardown that do not
hold there). Add a combined prerelease+build-metadata tag test.
* fix: address second self-upgrade review round
- self_check: clarify that the "up to date" branch is reached only for
parseable latest tags (the unparseable case returns earlier), so the
InvalidVersion fallback assumption is not reintroduced.
- self_upgrade: compare target/current as Version instances directly
instead of re-parsing the canonical strings through _is_newer; the
empty-current case stays explicit via the not-None guard.
- tests: document the intentional broad GH_/GITHUB_ env scrub with a test
asserting non-credential context vars (GH_HOST, GITHUB_REPOSITORY, …) are
stripped from the installer subprocess env — a deliberate fail-safe that
also catches credential-adjacent names without a recognized suffix.
* fix: address third self-upgrade review round
- self_upgrade: unify the no-op short-circuits on packaging Version
equality instead of canonical-string equality. Version("1.0") equals
Version("1.0.0") but their str() forms differ, so the old check could
misreport an equal install as "already on latest release or newer".
Both the unpinned and pinned branches now use Version comparison.
- self_upgrade: compare the verified version as a parsed Version against
the target so a non-version verifier result is a mismatch (exit 2)
rather than a coincidental canonical-string match.
- resolver: map HTTP 429 (Too Many Requests / secondary rate limit) to
the rate-limited category so users get the same actionable token hint
as 403.
- _is_github_credential_env_key: document the precise (intentionally
broad) scrub matching contract in the docstring.
- tests: add a trailing-zero Version-equality regression test and a
parametrized HTTP-status categorization test (429 -> rate limited;
404/502 -> verbatim).
* fix: address fourth self-upgrade review round
- self_upgrade: label a pinned target older than the installed version as
"Downgrading" rather than "Upgrading" so `--tag <older>` is not mistaken
for a forward upgrade.
- resolver: drop the unused `typing.Optional` import and annotate the
`--tag` option as `str | None`, consistent with the rest of the module
(verified Typer resolves it on the supported Python versions).
- _is_github_credential_env_key: add `_PASSWORD` and `_CREDENTIALS` to the
recognized credential suffixes and document that only these shapes are
scrubbed (not blanket coverage).
- tests: assert the precise exit code (1) for the re-raised transient
OSError path; skip the InvalidMetadataError test on Pythons where the
real exception is absent instead of fabricating it; update the pinned
downgrade test to expect the "Downgrading" label.
* fix: accept uppercase V prefix in --tag
Fold a leading uppercase `V` (a common paste) to the canonical lowercase
`v` before validating `--tag`. The remainder of the tag stays
case-sensitive on purpose: the validated value is used verbatim as a git
ref, which is case-sensitive on GitHub, so rewriting label/build-metadata
casing could point at a tag that does not exist. Adds a normalization test.
|
||
|
|
ad62357015 |
docs: consolidate Community sections in README (#2736)
* docs: consolidate Community sections in README Replace four separate Community sections (Extensions, Presets, Walkthroughs, Friends) with a single consolidated section containing a bullet list, one shared disclaimer, and both publishing guide links. * fix: broken community anchor links and missing Hermes hook note injection - Update README.md and extensions/README.md to point community extension links to the docs site instead of removed section anchor - Add post_process_skill_content() call in Hermes setup() so hook command notes are injected into generated skills - Add Hermes test override for test_hook_sections_explain_dotted_command_conversion with Path.home() monkeypatch |
||
|
|
d116ce2b0a | docs: fix broken pipx homepage URLs to point to pipx.pypa.io (#2670) | ||
|
|
69b9348776 | Update README.md (#2675) | ||
|
|
1bf4a6eb35 | docs: fix directory hierarchy in README examples (#2639) | ||
|
|
6322a4d429 |
docs: fix script name in directory tree examples (#2555)
* docs: fix script name in directory tree examples Replace update-claude-md.sh with the actual filename setup-tasks.sh in two directory tree examples (Steps 2 and 4 of the detailed walkthrough). * docs: fix .specify/scripts layout to show bash/ and powershell/ subdirs install_shared_infra() installs scripts under .specify/scripts/bash/ (script_type="sh") or .specify/scripts/powershell/ (script_type="ps"), not directly under .specify/scripts/. Update docs/installation.md and the _install_shared_infra docstring to reflect the actual on-disk layout. * docs: update README tree examples to show scripts/bash/ subdirectory Scripts are installed under .specify/scripts/bash/ (or powershell/) not directly under .specify/scripts/. Fix both tree diagrams in the Detailed Process walkthrough to match the actual on-disk layout. |
||
|
|
707e929c2a |
docs: streamline install section and add community overview (#2561)
- Shorten README.md install section to single uv command + link to installation guide for alternatives and troubleshooting - Add explicit 'Initialize a project' step to README Get Started - Remove duplicate Troubleshooting section from README - Reorder 'Make it your own' card on docs landing page so extensions and presets are explained before the stats - Update Community nav-card to link to new community overview - Create docs/community/overview.md landing page (aligned with reference/overview.md) - Create dedicated install sub-pages: pipx, one-time (uvx), air-gapped - Update docs/installation.md to lead with persistent uv install and link to sub-pages instead of duplicating content - Update docs/toc.yml with new pages - Remove stale EOF file |
||
|
|
59fa8b5947 |
Move community extensions table from README to docs site (#2560)
* Add Agent Governance extension to community catalog Add agent-governance extension submitted by @bigsmartben to: - extensions/catalog.community.json (alphabetical order) - README.md community extensions table Closes #2552 * Move community extensions table from README to docs site - Create docs/community/extensions.md with full extensions table - Replace ~120-line table in README.md with summary + link to docs site - Add Extensions entry to docs/toc.yml under Community - Update add-community-extension SKILL.md references |
||
|
|
def1a05420 |
Add Agent Governance extension to community catalog (#2559)
Add agent-governance extension submitted by @bigsmartben to: - extensions/catalog.community.json (alphabetical order) - README.md community extensions table Closes #2552 |
||
|
|
4f05eff4e4 |
Add Reqnroll BDD extension to community catalog (#2545)
Add reqnroll-bdd extension submitted by @stenyin (LoogaCY Studio) to: - extensions/catalog.community.json (alphabetical order) - README.md community extensions table Closes #2544 |
||
|
|
0aae1ec2b9 |
Fix constitution reference in README (#2491)
* Fix constitution reference in README * docs: clarify constitution reference |
||
|
|
765e60f1c4 |
Add changelog extension (#2177)
* Add Spec Scope extension to community catalog Adds spec-kit-scope: effort estimation and scope tracking from spec artifacts. 4 commands: - /speckit.scope.estimate — data-driven effort estimation with three-point ranges - /speckit.scope.compare — side-by-side spec scope comparison - /speckit.scope.creep — scope creep detection via git history - /speckit.scope.budget — sprint-ready time budget generation 1 hook: after_specify (auto-estimation) Turns "how long will this take?" into a data-driven answer. * Add Spec Changelog extension to community catalog * Add Spec Changelog extension to community catalog * fix: drop accidental scope entry, restore Intelligent Agent Orchestrator README row, return Spec Reference Loader to original position Per Copilot review on PR #2177: this branch is supposed to add only the Spec Changelog extension. The diff against main also showed (1) a duplicate 'scope' catalog entry, (2) a deletion of the Intelligent Agent Orchestrator README row, and (3) Spec Reference Loader moved out of alphabetical order. All three were merge artifacts and have been cleaned up here. * Potential fix for pull request finding Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com> * fix: keep Spec Changelog row alphabetically sorted Address Copilot review on PR #2177: the Community Extensions table is sorted alphabetically by display name, and 'Changelog' precedes 'Critique', 'Diagram', 'Orchestrator', and 'Reference', so the Spec Changelog row belongs right after Ship Release Extension. Move it into its sorted slot and keep Spec Reference Loader in its original alphabetical position (between Spec Orchestrator and Spec Refine). * fix: remove duplicate Spec Reference Loader row from README Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> --------- Co-authored-by: Manfred Riem <15701806+mnriem@users.noreply.github.com> Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com> Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com> |
||
|
|
20ef9a72a9 |
feat(catalog): add BrownKit (brownkit) community extension (#2510) (#2520)
* feat(catalog): add BrownKit (brownkit) community extension (#2510) * Potential fix for pull request finding Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com> * fix: bump catalog-level updated_at to match newest entry --------- Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com> |
||
|
|
b5db159394 |
feat(catalog): add Spec Kit Schedule (schedule) community extension (#2473)
* feat(catalog): add Spec Kit Schedule (schedule) community extension CP-SAT scheduler for spec-kit projects with multi-agent task optimization. Adds catalog entry for v0.5.2 release. Pre-flight verification: - archive/refs/tags/v0.5.2.zip resolves (HTTP 200, 718322 bytes, SHA-256 00d4dab1df680e5888e0d0e861eb4696ace00661d40669bf719a75dc379b40b5) - extension.yml schema_version 1.0, id 'schedule', 3 commands (speckit.schedule.run, speckit.schedule.portfolio, speckit.schedule.visualize) - 566 tests passing on Ubuntu 3.10/3.11/3.12 + macOS 3.12 (all blocking) - 92.51% line coverage, mypy --strict on 28 modules - Sigstore attestations via attest-build-provenance@v2 (gh attestation verify exit 0 confirmed) - 4 worked examples + replan demo runnable via bash bin/run-examples.sh License: MIT speckit_version: >=0.4.0 * fix(catalog): update Spec Kit Schedule entry to v0.5.3 v0.5.2 had two real-world install bugs caught when a user tried the documented commands: 1. README/INSTALL showed 'specify extension add --from URL' (missing the EXTENSION positional arg). The canonical form is 'specify extension add schedule --from URL'. Fixed in v0.5.3. 2. Release zip was ~5x bigger than peer extensions due to dev cruft (.github/, tests/, benchmarks/, build metadata). Added .gitattributes export-ignore in v0.5.3, dropping the zip from 718 KB to 590 KB. v0.5.3 archive verified HTTP 200, sigstore attestations active. * fix(catalog): bump Spec Kit Schedule entry to v0.5.4 Adds an opt-in after_tasks hook so users get prompted to run the scheduler immediately after /speckit.tasks, without forcing it. Mirrors the canonical pattern used by the bundled 'git' extension. * fix(catalog): bump Spec Kit Schedule entry to v0.5.5 Documents the after_tasks hook in README and rewrites the /speckit.schedule.portfolio command to autodetect the project's tech stack via solver.autodetect, then refine interactively against the matching recipe in docs/portfolio-design.md, instead of starting from a blank slate. * fix(catalog): bump Spec Kit Schedule entry to v0.6.0 State now encapsulated under .specify/, /speckit.schedule.run is idempotent with auto-bootstrap, and portfolio detection is AI-aware (reads .specify/integration.json and discovers the user's fleet from the canonical location for whichever spec-kit AI assistant they chose: claude, copilot, cursor-agent, gemini, or any of the other 26 supported integrations). * fix(catalog): bump Spec Kit Schedule entry to v0.6.1 Per-AI portfolio templates with verified May 2026 GA models (gpt-5.5 flagship, claude-opus-4-7, gemini-2.5-flash). Critical price unit fix (cost_aware reported $ figures 1000× inflated in v0.6.0). Plus calibration feedback loop and inline summary. * fix(readme): add Spec Kit Schedule row to Community Extensions table Per Copilot review on PR #2473: the publishing guide requires an accepted submission to update both extensions/catalog.community.json AND the root README's Community Extensions table. Without the README row the extension wouldn't appear in the primary browsable list. Inserted alphabetically between 'Spec Diagram' and 'Spec Orchestrator'. Category: process. Effect: Read+Write. * fix(catalog): provides.commands 3→4 (schedule only) + bump top-level updated_at Surgical edit responding to two Copilot review nits on PR #2473. Previous attempt used str.replace too broadly and was reverted — this version uses unique anchors to mutate only the schedule entry and the top-level updated_at field. 1. extensions/catalog.community.json schedule entry had provides.commands: 3, but the extension exposes 4 commands (run, portfolio, visualize, calibrate — calibrate was added in v0.6.0 Build 2 / calibration feedback loop). 2. Top-level catalog updated_at was 2026-05-06T22:28:55Z but per-entry updated_at for our schedule entry is 2026-05-07. Since this PR modifies the catalog, the top-level timestamp advances too. * fix(catalog): bump Spec Kit Schedule entry to v0.6.2 Adds /speckit.schedule.status (5th command) — self-diagnose installation state, distinguishes 'expected-missing' (will bootstrap automatically) from 'missing' (real problem). Closes the audit-tool false-alarm gap where schedule-config.yml absence post-install was misread as broken state. --------- Co-authored-by: Julio César Franco Ardila <noreply@anthropic.com> |
||
|
|
cec0d2db5e |
Add MDE extension to community catalog (#2512)
Add the MDE (Model Driven Engineering) extension to the community catalog and README extensions table. Closes #2492 Co-authored-by: ralphhanna <11893416+ralphhanna@users.noreply.github.com> |
||
|
|
abb5fe7090 |
feat(catalog): add API Evolve (api-evolve) community extension (#2479)
* feat(catalog): add API Evolve (api-evolve) community extension * chore(catalog): refresh top-level updated_at |
||
|
|
5b9f0040e7 |
feat: add agent-orchestrator to community extension catalog (#2236)
Register the Intelligent Agent Orchestrator as a community extension. Extension code is hosted externally at: https://github.com/pragya247/spec-kit-orchestrator Changes: - Add agent-orchestrator entry to extensions/catalog.community.json - Add Agent Orchestrator row to README.md community extensions table Co-authored-by: pragya247 <pragya@microsoft.com> Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> |
||
|
|
38bb88bde1 |
docs: Add uv installation guide and inline callouts (#2465)
* Initial plan * docs: Add uv installation guide and inline callouts Agent-Logs-Url: https://github.com/github/spec-kit/sessions/027c81a0-57f2-4f67-ab54-4c72f93eb254 Co-authored-by: mnriem <15701806+mnriem@users.noreply.github.com> * docs: improve uv install guide PATH and Windows instructions Agent-Logs-Url: https://github.com/github/spec-kit/sessions/f56bcfb8-2cf5-44a5-b5e5-0fd6c3caa46f Co-authored-by: mnriem <15701806+mnriem@users.noreply.github.com> * docs: clarify uv note in README applies only to uv commands not pipx Agent-Logs-Url: https://github.com/github/spec-kit/sessions/a6ada1f7-522d-4a31-ac5b-880e763f9c97 Co-authored-by: mnriem <15701806+mnriem@users.noreply.github.com> * docs: clarify uv note in installation.md applies only to uvx commands not pipx Agent-Logs-Url: https://github.com/github/spec-kit/sessions/4ec791dd-b048-4606-8db3-671bc8956b05 Co-authored-by: mnriem <15701806+mnriem@users.noreply.github.com> --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: mnriem <15701806+mnriem@users.noreply.github.com> |
||
|
|
0facb1bdc2 |
Add fx-to-dotnet to community extension catalog (#2471)
* Add fx-to-dotnet to community extension catalog - Extension ID: fx-to-dotnet - Version: 0.8.0 - Author: RogerBestMsft - .NET Framework to Modern .NET Migration Closes #2469 * Address review: remove tool version, fix table ordering - Remove meaningless >=0.0.0 version from required tool entry - Move .NET Framework row to correct alphabetical position (after Multi-Model Review) - Lowercase link label to match table conventions |
||
|
|
2d5e63005d |
fix: default non-interactive init to copilot integration (#2414)
* fix: default non-interactive init integration * chore: clarify non-interactive init default integration * Address non-interactive init review feedback * Fix interactive init test after fallback |
||
|
|
c0bf5d0c64 |
feat(catalog): add Cost Tracker (cost) community extension (#2448)
* feat(catalog): add Cost Tracker (cost) community extension Adds a new entry for spec-kit-cost — track real LLM dollar cost across SDD workflows with per-feature budgets, per-integration comparison, and finance-ready exports. Repo: https://github.com/Quratulain-bilal/spec-kit-cost Release: v1.0.0 * docs(catalog): add Cost Tracker README row, bump updated_at Address Copilot review feedback: - Add Cost Tracker row to README community extensions table - Bump top-level updated_at per EXTENSION-PUBLISHING-GUIDE.md * fix(catalog): address Copilot feedback on cost extension entry - Move cost entry after confluence so the c* block is alphabetized - Bump top-level updated_at to 2026-05-05 per EXTENSION-PUBLISHING-GUIDE - Use documented 'visibility' category in README (not 'analytics'), matching Token Consumption Analyzer's classification - Replace 'analytics' tag with 'visibility' in catalog tags for consistency * fix(catalog): bump top-level updated_at for cost entry addition Address Copilot feedback: the file-level updated_at must be bumped on every catalog change per EXTENSION-PUBLISHING-GUIDE.md:204-205. --------- Co-authored-by: Quratulain-bilal <quratulain.bilal@users.noreply.github.com> |
||
|
|
0f26551814 |
feat: improve catalog submission templates and CODEOWNERS (#2401)
Simplify the community catalog submission flow to use issue templates with manual maintainer review (no automation scripts or workflows). - Add explicit CODEOWNERS entries for catalog.community.json files so submissions are automatically assigned to a maintainer for review - Improve preset submission template: - Add 'Required Extensions' optional field - Make 'Templates Provided' optional (supports command-only presets) - Add 'Number of Scripts' optional field The existing extension and preset issue templates already collect all required catalog metadata. Maintainers review submissions and manually update the catalog JSON files. Closes #2400 |
||
|
|
10f63c914d |
Add Architecture Guard to community catalog (#2430)
* feat: add Architecture Guard to community catalog - Add architecture-guard v1.4.0 extension entry to catalog - Add entry to README community extensions table - Includes built-in Laravel-specific governance rules * chore: update catalog timestamp to 2026-05-05 * fix: address PR feedback - Add 'governance' category to README legend (used by Architecture Guard) - Update architecture-guard timestamps to 2026-05-05 (submission date) - Align with published extension behavior (Laravel support now built-in) * chore: update Architecture Guard category to process - Changed from 'governance' to 'process' (official category) - Aligns with schema in EXTENSION-PUBLISHING-GUIDE.md - Removed 'governance' from category legend (not an official category) * chore: update timestamps to actual UTC datetime - Top-level updated_at: 2026-05-05T07:26:00Z - Entry created_at/updated_at: 2026-05-05T07:26:00Z - Replaces placeholder 00:00:00Z with actual submission time |
||
|
|
0d8685aa80 |
Add multi-model-review extension to community catalog (#2446)
Co-authored-by: formin <formin@sds.co.kr> |
||
|
|
4a8f19cc63 | Update Ralph Loop to v1.0.2 (#2435) | ||
|
|
521b0d9ef7 |
update security-review and memory-md extensions to latest versions (#2445)
* chore: update security-review extension to v1.4.2 * chore: update memory-md description and catalog updated_at |
||
|
|
94074064c5 |
Add token-analyzer to community catalog (#2433)
Extension ID: token-analyzer Version: 0.1.0 Author: Chris Roberts | coderandhiker Description: Captures, analyzes, and compares token consumption across SDD workflows Repository: https://github.com/coderandhiker/spec-kit-token-analyzer Co-authored-by: Chris Roberts <chris@Chriss-MacBook-Pro.local> |
||
|
|
9fac01fb47 |
feat(extensions): add Spec2Cloud extension for Azure deployment workflow (#2412)
* feat(extensions): add Spec2Cloud extension for Azure deployment workflow Co-authored-by: Copilot <copilot@github.com> * Update extensions/catalog.community.json Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * Update extensions/catalog.community.json Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * feat(extensions): update Spec2Cloud extension details and remove duplicate entry Co-authored-by: Copilot <copilot@github.com> * fix(extensions): correct formatting of updated_at timestamp * fix(extensions): update Spec2Cloud extension version and timestamps --------- Co-authored-by: Copilot <copilot@github.com> Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> |
||
|
|
da1bf028ab |
feat: add Squad Bridge extension to community catalog (#2417)
* feat: add squad bridge extension to community catalog Adds spec-kit-squad by jwill824 — a Spec Kit extension that bootstraps and synchronizes a Squad agent team from your Speckit spec and tasks. - 4 commands: init, generate, route, status - 2 hooks: after_specify (generate), after_tasks (route) - v1.0.0 release Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * chore: add requires.tools for squad-cli in catalog entry * Update extensions/catalog.community.json Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> --------- Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> |
||
|
|
2cb848f0d3 |
Add Work IQ extension to community catalog (#2415)
* Add Work IQ extension to community catalog Adds the Work IQ extension by sakitA to the community catalog. Work IQ integrates Microsoft 365 organizational knowledge (emails, meetings, documents, Teams) into spec-driven development workflows. - 4 commands: ask, context, stakeholders, enrich - 2 hooks: before_specify, after_specify - Requires: speckit >=0.1.0, Node.js >=18.0.0, workiq CLI Repository: https://github.com/sakitA/spec-kit-workiq * Address PR review comments - Fix download_url to use .zip (Spec Kit installer requires ZIP format) - Bump top-level catalog updated_at to 2026-04-29 Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> --------- Co-authored-by: Sakit Atakishiyev <satakishiyev@microsoft.com> Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com> |
||
|
|
9cf3151a72 |
update security review extension catalog to v1.3.0 (#2374)
* chore: update security review catalog metadata * fix: sync security review catalog with v1.3.0 * chore: refresh community catalog timestamp * fix: update author information for Security Review catalog entry * fix: correct author name format in Security Review catalog entry * chore: refresh community catalog timestamps * chore: reapply catalog formatting * chore: align catalog formatting with main |
||
|
|
38f99e8381 |
feat: add threatmodel extension to community catalog (#2369)
* feat: add threatmodel extension to community catalog * update timestamp for catalogue freshness * update timestamp for catalogue freshness * Potential fix for pull request finding Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com> * Update README.md update readme.md with spec-kit-threatmodel --------- Co-authored-by: Samal <navia.samal@sap.com> Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com> |
||
|
|
5b3ebabcaf |
Potential fix for pull request finding
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com> |
||
|
|
7b99fef2bc | Merge branch 'main' into community/add-m365-extension | ||
|
|
bd3ae9aaef | Add MarkItDown Document Converter extension to community catalog (#2390) | ||
|
|
77ca5f4ed5 |
catalog: add m365 community extension
Add Microsoft 365 Integration to community catalog and README. Ingests Teams messages, files, and meeting transcripts as Markdown for use with speckit specify. |
||
|
|
171b65ac33 |
docs: replace deprecated --ai flag with --integration in all documentation (#2359)
* docs: replace deprecated --ai flag with --integration in all documentation Replace all user-facing --ai, --ai-skills, and --ai-commands-dir references with their modern equivalents: - --ai <agent> → --integration <agent> - --ai-skills → --integration-options="--skills" - --ai-commands-dir <dir> → --integration generic --integration-options="--commands-dir <dir>" Updated files: - README.md (~17 occurrences) - docs/installation.md (~8 occurrences) - docs/upgrade.md (~11 occurrences) - docs/local-development.md (~5 occurrences) - CONTRIBUTING.md (1 occurrence) - extensions/EXTENSION-USER-GUIDE.md (1 occurrence) - src/specify_cli/__init__.py (docstring examples and error messages) Left unchanged: - CHANGELOG.md (historical record) - Test files (intentionally exercise deprecated flag path) - CLI flag implementation (backward compatibility) Closes #2358 * docs: address review feedback on pre-existing issues - Fix duplicate copilot example in README.md (replace with codex) - Fix invalid gemini --integration-options="--skills" example (gemini does not support --skills) - Update generic integration comment from 'Unsupported agent' to 'Bring your own agent; requires --commands-dir' - Clarify EXTENSION-USER-GUIDE.md: skills auto-register for skills-based integrations, not only with --integration-options * docs: replace bare 'AI agent' / 'AI assistant' with 'coding agent' throughout Full sweep across all documentation and user-facing CLI messages to align terminology. Bare references like 'AI agent', 'AI assistant', and 'AI Agent' are replaced with 'coding agent' or 'coding agent integration' as appropriate. Intentionally left unchanged: - 'AI coding agent' (already correct expanded form) - Deprecated --ai flag help text and error messages (describes the deprecated flag itself) - Community extension descriptions (external project text) - 'generated by an AI' in CONTRIBUTING.md (general AI, not agent) * docs: address review — remove deprecated --offline, qualify --skills scope - Remove --offline from docstring examples (deprecated no-op) - Remove --offline from CONTRIBUTING.md testing example - Replace --offline instructions in docs/installation.md with note that bundled assets are used by default - Qualify --integration-options="--skills" in README.md to note it only applies to integrations that support skills mode |
||
|
|
aad7b16188 | Add Spec Orchestrator extension to community catalog (#2350) | ||
|
|
9f14dfc6c6 |
docs: move community presets table to docs site, add missing entries (#2341)
* docs: move community presets table to docs site, add missing entries - Move the full community presets table from README.md to the docs site at docs/community/presets.md, replacing the README section with a short link (matching the pattern used for Walkthroughs and Friends). - Add missing Jira Issue Tracking and Screenwriting rows to the docs table so it reflects all entries in catalog.community.json. * docs(presets): add docs site table step to publishing guide Add step to update docs/community/presets.md when submitting a community preset, and add corresponding PR checklist item. Matches the pattern used in the extensions publishing guide. * Clarify alphabetical sort key in presets publishing guide Specify that the docs table should be sorted by preset name (the first column), disambiguating from the catalog JSON which sorts by preset ID. * Potential fix for pull request finding Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com> * Address review: fix provides count, admonition style, example row - Add missing scripts count to Fiction Book Writing table row to match catalog - Switch README disclaimer to GitHub admonition format for consistency - Include optional scripts count in PUBLISHING.md example row * Fix Fiction Book Writing link text to match actual repo name --------- Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com> |
||
|
|
6413414907 |
Update product-forge to v1.5.1 in community catalog (#2352)
* Update product-forge to v1.5.0 in community catalog - Extension ID: product-forge - Version: 1.1.1 → 1.5.0 - Author: VaiYav - Description: updated to reflect v1.5 features (portfolio, lite mode, monorepo, optional V-Model) - Commands: 10 → 29 - Tags: refreshed to reflect current surface area - download_url pinned to v1.5.0 release tag - updated_at bumped to 2026-04-24 Release: https://github.com/VaiYav/speckit-product-forge/releases/tag/v1.5.0 * Bump product-forge to v1.5.1 (docs patch) Follow-up to v1.5.0 that surfaces the optional V-Model dependency (leocamello/spec-kit-v-model ≥ 0.5.0) in README Requirements, config-template.yml, and docs/config.md. Docs-only patch — no behavioural change. Release: https://github.com/VaiYav/speckit-product-forge/releases/tag/v1.5.1 |
||
|
|
5a52b7623e |
feat: Preset screenwriting (#2332)
* Update preset-fiction-book-writing to community catalog - Preset ID: fiction-book-writing - Version: 1.5.0 - Author: Andreas Daumann - Description: Spec-Driven Development for novel and long-form fiction. Replaces software engineering terminology with storytelling craft: specs become story briefs, plans become story structures, and tasks become scene-by-scene writing tasks. Supports 8 POV modes, all major plot structure frameworks, 5 humanized-AI prose profiles, and exports to DOCX/EPUB/LaTeX via pandoc. V1.5.0: Support interactive, audiobooks, series, workflow corrections * Add screenwriting preset to community catalog - Preset ID: screenwriting - Version: 1.0.0 - Author: Andreas Daumann - Description: Spec-Driven Development for screenwriting/scriptwriting/tutorials: feature films, television (pilot, episode, limited series), and stage plays. Adapts the Speckit workflow to screenplay craft — slug lines, action lines, act breaks, beat sheets, and industry-standard pitch documents replace prose fiction conventions. Supports three-act, Save the Cat, TV pilot, network episode, cable/streaming episode, and stage-play structural frameworks. * Update presets/catalog.community.json Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * Update README.md Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * Update presets/catalog.community.json Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * Update README.md Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * Update README.md Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> --------- Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> |
||
|
|
b278d66b2c |
docs(install): add pipx as alternative installation method (#2288)
* docs(install): add pipx as alternative installation method - Add pipx commands to README.md installation section - Add note about pipx compatibility to docs/installation.md - Mention pipx persistent installation in docs/quickstart.md - Add pipx upgrade instructions to docs/upgrade.md - Clarify that project has no uv-specific dependencies Refs: https://github.com/github/spec-kit/discussions/2255 * docs(install): address Copilot feedback - update prerequisites and upgrade references for pipx * Update docs/quickstart.md markdownlint’s MD012 (enabled in this repo) flags multiple consecutive blank lines Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * Update docs/upgrade.md In the Quick Reference table, the label “pipx upgrade” is misleading because the command shown is `pipx install --force ...` (a reinstall). by copilot. Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> --------- Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> |
||
|
|
709457cec2 | Add Memory MD community extension (#2327) | ||
|
|
efb04e26eb |
docs: move community presets from README to docs/community (#2314)
Move the community presets table from the main README to a dedicated docs/community/presets.md page, matching the pattern used for walkthroughs and friends. - Add docs/community/presets.md with the full presets table - Add Claude AskUserQuestion preset (was in catalog but missing from table) - Add Presets entry to docs/toc.yml under Community - Replace inline README table with a short link to the docs page |
||
|
|
c52ea23ba2 |
catalog: add wireframe extension (v0.1.1) (#2262)
* catalog: add wireframe extension Adds https://github.com/TortoiseWolfe/spec-kit-extension-wireframe (v0.1.0) to the community catalog. Provides a visual feedback loop for spec-driven development: SVG wireframe generation, review, and sign-off. Approved wireframes become spec constraints honored by /plan, /tasks, and /implement. Supersedes #1410 — the old PR predated the extension system introduced in #2130 and proposed commands in templates/commands/, which is no longer the right home for third-party commands. * catalog: address review feedback (position + author) Two changes per Copilot review: - Move `wireframe` entry alphabetically between `whatif` and `worktree` (was appended after `worktrees`). - Simplify `author` from "TortoiseWolfe (turtlewolfe.com)" to just "TortoiseWolfe" so the exact-match author filter in `ExtensionCatalog.search` finds the entry. Portfolio URL remains accessible via `homepage`/`repository`. Thanks @Copilot, @mnriem for the review. * docs(readme): add Wireframe Visual Feedback Loop row Addresses @mnriem's follow-up: the README extension table also needs an entry, not just the catalog JSON. Slots in alphabetically between "What-if Analysis" and "Worktree Isolation" with category `visibility` and Read+Write effect (since sign-off writes the approved wireframe paths into spec.md). * catalog: use speckit-prefixed command names in wireframe description Address remaining Copilot review comment on PR #2262. The actual commands are /speckit.plan, /speckit.tasks, /speckit.implement; the unprefixed names would mislead catalog users. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> * catalog: bump wireframe extension to v0.1.1 v0.1.1 of spec-kit-extension-wireframe ships the /speckit.-prefixed command references in extension.yml and README.md. This updates the catalog entry to point at the new release tag so `specify extension add wireframe` installs the corrected version. * catalog: set wireframe created_at to current timestamp Per EXTENSION-PUBLISHING-GUIDE.md: newly added entries should use the current timestamp for both created_at and updated_at. The 04-17 value reflected when I drafted the entry locally, not when the catalog submission landed. --------- Co-authored-by: TortoiseWolfe <jonpohlner@gmail.com> Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com> |