[PAR-805] Add Claude configuration and capability definitions#116
Merged
mescalantea merged 8 commits intoJun 17, 2026
Merged
Conversation
…date README for environment setup instructions
…te setup script to enable hooks
m1k3lm
reviewed
Jun 16, 2026
m1k3lm
left a comment
m1k3lm
left a comment
Member
There was a problem hiding this comment.
Inline notes from the review. The deny-glob gap is the one worth fixing before merge; the rest are a footgun to document and two cleanups. Solid tooling PR overall.
m1k3lm
reviewed
Jun 16, 2026
Member
There was a problem hiding this comment.
Solid, well-documented tooling PR. Recommend tightening the .env* deny rule before merge (security-relevant given existing backup files), and deciding on the partial-stage behavior in pre-commit. The phpstan duplication and the check-attr pattern are cleanups, not blockers.
- Broaden .env deny globs (Read(**/.env*), Read(.env*)) so secrets in hyphenated backups like .env-back are not readable; fix git check-attr permission to the prefix-match form Bash(git check-attr:*). - pre-commit: re-stage only files phpcbf actually rewrote and warn when a re-staged file was partially staged, avoiding silently committing unstaged hunks; document the caveat in the hook header. - Make bin/phpstan TTY-aware and reuse it from pre-push instead of duplicating the docker compose invocation. Co-Authored-By: Claude <noreply@anthropic.com>
mescalantea
deleted the
chore/PAR-805-Add-Claude-configuration-and-capability-definitions
branch
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What is the goal?
Set up Claude Code to work effectively in this repository and ship a shared, committed baseline of repo-specific capabilities: architecture guidance, a permission allowlist, automated quality gates that mirror CI, and a version-bump skill tailored to this module's release ritual.
References
How is it being implemented?
CLAUDE.md— documents the architecture (the twoSequra\CorevsSeQura\Corenamespaces,Bootstrapservice wiring,di.xmlpayment-gateway virtual types, persistence/patches), the Docker-wrappedbin/*commands, and the working principles / verify gate..claude/settings.json— committed permission allowlist for thebin/*wrappers and read-only git, withdenyrules for secrets (.env*,*.pem,*.key) andaskgates for outward/destructive actions (setup.sh,teardown.sh,git push)..githooks/pre-commit(PHP 7.4 syntax +phpcbf/phpcsscoped to staged files, via throwaway images — no container needed) and.githooks/pre-push(multi-version syntax sweep 7.4–8.4 + fullphpcs+ fullphpstan, mirroringstatic-analysis.yml; skipped when no PHP-relevant changes). Enabled viasetup.shsettingcore.hooksPath .githooks.version-bumpskill (.claude/skills/) — bumpscomposer.jsonversionandetc/module.xmlsetup_versionin lockstep, scaffolds aSetup/Patch/Data/Version*.phppatch only when a data migration is needed, and reminds that the git tag must match (the desync that12f117chad to fix)..gitignore/.gitattributes— track the shared.claude/config and.githooks/while excluding local-only files and keeping all of it out of the Composer/Packagist export (export-ignore).Caveats
The hooks only activate after running
./setup.sh(orgit config core.hooksPath .githooks) once per clone, sincecore.hooksPathis a local git setting that isn't checked in.pre-pushphpstan additionally requires themagentocontainer up withvendor/populated bybin/update-sequra.How is it tested?
No production code changed — this PR adds tooling and configuration only. The new git hooks were exercised on this branch:
pre-pushcorrectly skipped (No PHP-relevant changes in the pushed commits) since the branch touches no.phpfiles.How is it going to be deployed?
Standard deployment. All added files are dev-only and
export-ignored, so nothing ships in the Composer/Packagist dist tarball.