marketing-shibata50/claude-code-ultimate-guide
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
70 commits 1 branch 0 tags 20 MiB
Commit graph

10 commits

Author SHA1 Message Date
Florian BRUNIAUX
46c5862c4e fix(docs): critical factual corrections v3.6.1 
Major audit correcting misleading documentation about Claude Code behavior:

### Fixed
- `--add-dir`: permissions (not context loading)
- `excludePatterns` → `permissions.deny` (never existed)
- `.claudeignore` removed (not an official feature)
- "selective loading" myth → lazy loading reality
- Invented CLI flags (`--think`, `--headless`, `--learn`) → prompt keywords
- `@` file reference: "loads automatically" → "reads on-demand"

### Added
- Session Search Tool (`cs`) - zero-dep bash script for finding sessions
- Security section: Known limitations of permissions.deny

15 files modified, 516 insertions, 200 deletions

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-15 09:16:53 +01:00
Florian BRUNIAUX
5575ae69a8 feat: add VERSION file as single source of truth + sync script 
- Create VERSION file (3.6.0) as the canonical version source
- Add scripts/sync-version.sh for automated version synchronization
- Fix version inconsistencies in cheatsheet.md and ultimate-guide.md
- Script supports --check mode for CI validation

Usage: ./scripts/sync-version.sh [--check]

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-15 08:18:32 +01:00
Florian BRUNIAUX
34b2ca7200 feat(security): add security hardening guide and hooks v3.6.0 
- Add guide/security-hardening.md (~10K) covering:
  - MCP vetting workflow with CVE-2025-53109/53110, 54135, 54136
  - Prompt injection evasion techniques (Unicode, ANSI, null bytes)
  - Secret detection tool comparison (Gitleaks, TruffleHog, GitGuardian)
  - Incident response procedures

- Add 3 new security hooks:
  - unicode-injection-scanner.sh: zero-width, RTL, ANSI escape detection
  - repo-integrity-scanner.sh: scan README/package.json for injection
  - mcp-config-integrity.sh: verify MCP config hash

- Update existing hooks:
  - prompt-injection-detector.sh: +ANSI, +null bytes, +nested cmd
  - output-secrets-scanner.sh: +env leakage, +generic tokens

- Update cross-references in ultimate-guide.md (§7.4, §8.6)
- Move MCP Security Hardening to Done in IDEAS.md

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-15 07:39:53 +01:00
Florian BRUNIAUX
55a9fa34cf docs: add missing security-hardening.md to navigation 
- README.md: add to Core Documentation, Not Sure Where to Start?, Power User path
- guide/README.md: add to Contents table
- CHANGELOG.md: update Unreleased section

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-15 07:18:56 +01:00
Florian BRUNIAUX
f7551037fe feat(docs): add development methodologies documentation v3.5.0 
- Add guide/methodologies.md: index of 15 methodologies with decision tree
- Add guide/workflows/: 4 practical workflow guides
  - tdd-with-claude.md: TDD with Claude-specific patterns
  - spec-first.md: SDD adapted for CLAUDE.md
  - plan-driven.md: effective /plan mode usage
  - iterative-refinement.md: prompt→feedback→reprompt loops
- Add Section 9.14 in ultimate-guide.md linking to workflows
- Update guide/README.md with new documentation
- Bump version 3.4.0 → 3.5.0 across all files

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-14 22:28:02 +01:00
Florian BRUNIAUX
f9044e2deb feat(docs): add architecture deep-dive documentation v3.4.0 
Add comprehensive technical documentation explaining Claude Code internals:

- NEW: guide/architecture.md (~800 lines) - Complete architecture deep-dive
  - Master Loop (while tool_call), Tool Arsenal, Context Management
  - Sub-Agent Architecture, Permission System, MCP Integration
  - Edit Tool mechanics, Session persistence, Philosophy comparison
  - 5 ASCII diagrams, source confidence tiers (Tier 1/2/3)

- guide/ultimate-guide.md: Add Section 2.7 "Under the Hood" summary
- guide/cheatsheet.md: Add "Under the Hood (Quick Facts)" section
- machine-readable/reference.yaml: Add architecture index + deep_dive refs
- Update all navigation links across repository

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-14 21:29:46 +01:00
Florian BRUNIAUX
fb49152ee5 chore: consolidate IDEAS.md and bump version to 3.3.1 
- IDEAS.md: Reduce from 12 to 4 actionable research topics
- Unified "MCP Security Hardening" (merged 3 overlapping topics)
- Expanded Discarded section (3 → 16 entries with justifications)
- Technical writer agent validation against reference.yaml
- Version bump: 3.3.0 → 3.3.1 across all docs

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-14 21:12:04 +01:00
Florian BRUNIAUX
8a4d116e2e feat(docs): add LLM Handbook + Google Whitepaper integration v3.3.0 
Advanced Guardrails:
- prompt-injection-detector.sh (PreToolUse)
- output-validator.sh (PostToolUse heuristics)
- claudemd-scanner.sh (SessionStart injection detection)
- output-secrets-scanner.sh (PostToolUse secrets leak prevention)

Observability & Monitoring:
- session-logger.sh (JSONL activity logging)
- session-stats.sh (cost tracking & analysis)
- guide/observability.md (full documentation)

LLM-as-a-Judge Evaluation:
- output-evaluator.md agent (Haiku)
- /validate-changes command
- pre-commit-evaluator.sh (opt-in git hook)

Google Agent Whitepaper Integration:
- Context Triage Guide (Section 2.2.4)
- CLAUDE.md Injection Warning (Section 3.1.3)
- Agent Validation Checklist (Section 4.2.4)
- MCP Security: Tool Shadowing & Confused Deputy (Section 8.6)
- Session vs Memory patterns (Section 3.3.3)

Stats: 10 new files, 8 modified, 5 new guide sections

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-14 21:00:49 +01:00
Florian BRUNIAUX
19110eba22 feat(docs): add comprehensive data privacy documentation v3.2.0 
- Create guide/data-privacy.md with retention policies (5y/30d/0)
- Add privacy notice to README.md
- Add section 2.6 "Data Flow & Privacy" to ultimate-guide.md
- Add Golden Rule #7 to cheatsheet.md (know what's sent)
- Add Phase 0.5 Privacy Awareness to onboarding-prompt.md
- Add privacy checks to audit-prompt.md
- Add PRIVACY CHECK section to audit-scan.sh (human + JSON)
- Add privacy reminder to check-claude.sh
- Create privacy-warning.sh SessionStart hook

Addresses user awareness of Anthropic data retention and opt-out options.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-14 20:42:19 +01:00
Florian BRUNIAUX
bc07651cdf refactor: restructure repo into thematic directories v3.1.0 
Major repository reorganization for improved navigation:

New directory structure:
- guide/ - Core documentation (ultimate-guide, cheatsheet, adoption)
- tools/ - Interactive utilities (audit, onboarding, mobile-access)
- machine-readable/ - LLM/AI consumption (reference.yaml, llms.txt)
- exports/ - Generated outputs (PDFs)

Changes:
- Move 10 files to thematic directories with cleaner names
- Create README.md index for each new directory
- Update 150+ internal links across all documentation
- Add "Repository Structure" section to main README
- Remove redundant npm install command from README header
- Remove unverified cost estimate from prerequisites
- Fix broken anchor link (#-quick-start-15-minutes)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-13 15:30:02 +01:00