marketing-shibata50/claude-code-ultimate-guide
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
286 commits 1 branch 0 tags 20 MiB
Commit graph

5 commits

Author SHA1 Message Date
Florian BRUNIAUX
17846b1179 docs: complete Wasp fullstack essentials integration 
Complete all 4 action items from wasp-fullstack-essentials-eval.md resource
evaluation (score 3/5). Framework-agnostic insights only, promotional content
excluded.

Changes (3 sections):

1. Background tasks workflow (Section 9.5)
   - New subsection: "Background Tasks for Fullstack Development"
   - When to background tasks (5 scenarios table)
   - Fullstack workflow pattern with examples
   - Context rot prevention strategies
   - Limitations and workarounds
   - Integration with teleportation
   - /tasks monitoring guide
   - ~100 lines added to Section 9.5 "Tight Feedback Loops"

2. Chrome DevTools MCP (mcp-servers-ecosystem.md)
   - New server entry in "Browser Automation" section
   - Official Anthropic server (not community)
   - Comparison table vs Playwright MCP (debugging vs testing)
   - Setup and configuration
   - Use cases and limitations
   - Updated stats: 3 browser servers (was 2), 6 official servers (was 5)
   - ~60 lines added to Browser Automation section

3. Convention-over-config for AI (Section 9.18.1)
   - New subsection: "Convention-Over-Configuration for AI Agents"
   - Why opinionated frameworks reduce agent cognitive load
   - Comparison table: custom vs opinionated architectures
   - Examples: Next.js, Rails, Phoenix, Django
   - Real-world impact on agent productivity
   - Trade-offs analysis
   - Connection to CLAUDE.md sizing (token reduction)
   - ~60 lines added to Section 9.18.1

Total additions: ~220 lines (workflow patterns + MCP server + AX framework)

Source evaluation: docs/resource-evaluations/wasp-fullstack-essentials-eval.md
Primary sources: llmstxt.org (llms.txt), official docs (background tasks, Chrome
DevTools MCP), existing Section 9.18 (Marmelab/AX framework)

Related commits:
- 783c43b: llms.txt conceptual documentation (completed earlier)

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
 2026-02-09 10:00:53 +01:00
Florian BRUNIAUX
bc86c8ed7f release: v3.20.6 - agentskills.io integration + 4 resource evaluations 
- agentskills.io open standard: frontmatter table, skills-ref CLI, portability section
- Agent Skills supply chain risks (security-hardening.md §1.2)
- anthropics/skills (60K+★) added to complementary resources
- 16 new reference.yaml entries
- Resource evaluations: agentskills.io (4/5), Skill Doctor (2/5), dclaude (new), paddo (new)
- Sandbox isolation + README updates

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-02-01 16:49:33 +01:00
Florian BRUNIAUX
c84c56bfbd docs: add AI Traceability & Attribution guide 
Comprehensive documentation on AI code attribution and disclosure:

- New guide: guide/ai-traceability.md (~640 lines)
  - LLVM "Human-in-the-Loop" policy (Assisted-by trailer)
  - Ghostty mandatory disclosure pattern
  - Fedora contributor accountability framework
  - git-ai tool documentation
  - PromptPwnd security vulnerability
  - Four-level disclosure spectrum
  - Implementation guides (solo, team, enterprise)

- Templates: examples/config/
  - CONTRIBUTING-ai-disclosure.md
  - PULL_REQUEST_TEMPLATE-ai.md

- Cross-references added to:
  - ultimate-guide.md (after Co-Authored-By section)
  - learning-with-ai.md (after Vibe Coding Trap)
  - security-hardening.md (See Also)
  - guide/README.md (table of contents)

- reference.yaml: 14 new entries for AI traceability topics

Source: Vibe coding needs git blame (Piotr Migdał, Jan 2026)
+ Perplexity research on LLVM, Ghostty, Fedora policies

Co-Authored-By: Claude <noreply@anthropic.com>
 2026-01-24 20:11:53 +01:00
Florian BRUNIAUX
46c5862c4e fix(docs): critical factual corrections v3.6.1 
Major audit correcting misleading documentation about Claude Code behavior:

### Fixed
- `--add-dir`: permissions (not context loading)
- `excludePatterns` → `permissions.deny` (never existed)
- `.claudeignore` removed (not an official feature)
- "selective loading" myth → lazy loading reality
- Invented CLI flags (`--think`, `--headless`, `--learn`) → prompt keywords
- `@` file reference: "loads automatically" → "reads on-demand"

### Added
- Session Search Tool (`cs`) - zero-dep bash script for finding sessions
- Security section: Known limitations of permissions.deny

15 files modified, 516 insertions, 200 deletions

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-15 09:16:53 +01:00
Florian BRUNIAUX
34b2ca7200 feat(security): add security hardening guide and hooks v3.6.0 
- Add guide/security-hardening.md (~10K) covering:
  - MCP vetting workflow with CVE-2025-53109/53110, 54135, 54136
  - Prompt injection evasion techniques (Unicode, ANSI, null bytes)
  - Secret detection tool comparison (Gitleaks, TruffleHog, GitGuardian)
  - Incident response procedures

- Add 3 new security hooks:
  - unicode-injection-scanner.sh: zero-width, RTL, ANSI escape detection
  - repo-integrity-scanner.sh: scan README/package.json for injection
  - mcp-config-integrity.sh: verify MCP config hash

- Update existing hooks:
  - prompt-injection-detector.sh: +ANSI, +null bytes, +nested cmd
  - output-secrets-scanner.sh: +env leakage, +generic tokens

- Update cross-references in ultimate-guide.md (§7.4, §8.6)
- Move MCP Security Hardening to Done in IDEAS.md

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-15 07:39:53 +01:00