feat: make init framework-agnostic with detection, vendor fetch, and constitution gating

[PrzemekGalarowicz]

Summary

• Manifest-driven prerequisites — pharn init no longer hard-requires Next.js up front; git is the only universal gate, and stack-specific package checks (e.g. next) run only when the resolved install set declares them via module.json prerequisites.
• package.json detection — v2 init pre-fills the wizard from installed dependencies (stack pack + per-tech answers), with a note showing what was detected; all choices remain overridable.
• Constitution gating — a new multi-tenant SaaS prompt strips Principle 2 ("Multi-Tenant Isolation") from CONSTITUTION.md when the project is not multi-tenant SaaS.
• Vendor skill auto-fetch — consented vendor official skills with a declared source are fetched into .claude/skills/ during install (and on pharn add when applicable); unknown sources degrade to manual install, and fetch failures are non-fatal.

Test plan

• npm test — new/updated coverage for prereqs, detect, constitution, vendor-fetch, multitenant-select, manifest prerequisites, install flow
• Run pharn init on a non-Next project (core-only) — should pass git check and complete without requiring next
• Run pharn init on a Next.js project with Prisma/Supabase in package.json — verify detection note and pre-filled wizard answers
• Choose non-SaaS during init — confirm Principle 2 is absent from generated CONSTITUTION.md
• Init with a vendor skill that has a source (e.g. Supabase) — confirm skill lands in .claude/skills/ and manual/failed vendors are reported gracefully

Made with Cursor

Summary by CodeRabbit

Release Notes

• New Features

  • Multi-tenant SaaS configuration—indicate during init whether your project is multi-tenant; non-multi-tenant projects exclude Principle 2 from Constitution.md
  • Package detection—init now reads your package.json to pre-fill wizard answers and auto-select the appropriate stack pack
  • Vendor skill auto-fetching—vendor skills are now fetched automatically during install when a source is available; manual install is only needed when no source is known

• Bug Fixes

  • Prerequisites validation now applies conditionally based on your selected stack pack instead of being Next.js-specific
  • Fresh project detection now uses git tracked file count instead of file-pattern heuristics

[coderabbitai]

Caution

Review failed

The pull request is closed.

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: c8772313-bd2b-4c9e-98df-269c0e4db7dd

📥 Commits

Reviewing files that changed from the base of the PR and between 7f2056b and ab0a654.

📒 Files selected for processing (41)

• docs/commands/add.md
• docs/commands/init.md
• docs/getting-started.md
• docs/reference/pharn-config.md
• docs/roadmap.md
• docs/troubleshooting.md
• src/commands/add.ts
• src/commands/init.ts
• src/lib/constitution.ts
• src/lib/install-modules.ts
• src/lib/installer.ts
• src/lib/manifest.ts
• src/lib/validate.ts
• src/lib/vendor-fetch.ts
• src/lib/wizard.ts
• src/steps/detect.ts
• src/steps/fresh-check.ts
• src/steps/install.ts
• src/steps/multitenant-select.ts
• src/steps/prereqs.ts
• src/steps/summary.ts
• src/steps/vendor-consent.ts
• src/types.ts
• tests/add.test.ts
• tests/constitution.test.ts
• tests/detect.test.ts
• tests/fresh-check.test.ts
• tests/init-v2.test.ts
• tests/init.test.ts
• tests/install-modules.test.ts
• tests/install.test.ts
• tests/installer.test.ts
• tests/manifest-v2.test.ts
• tests/manifest.test.ts
• tests/multitenant-select.test.ts
• tests/prereqs.test.ts
• tests/summary.test.ts
• tests/vendor-consent.test.ts
• tests/vendor-fetch.test.ts
• tests/wizard-fixture.ts
• tests/wizard.test.ts

---

📝 Walkthrough

Walkthrough

Adds multi-tenant SaaS support (isMultiTenant flag, Principle 2 stripping from CONSTITUTION.md), replaces the Next.js-specific prerequisite gate with a manifest-driven universal prereq system, implements automatic vendor-skill fetching via degit, adds wizard package detection and pre-fill from package.json, and updates the fresh-check heuristic from custom-file counting to git ls-files tracked-file threshold.

Changes

Multi-tenant init, manifest-driven prerequisites, auto vendor fetching, and wizard detection

Layer / File(s)	Summary
Type contracts, validation regexes, and manifest parsing src/types.ts, src/lib/validate.ts, src/lib/manifest.ts, tests/manifest.test.ts, tests/manifest-v2.test.ts	Introduces ModulePrerequisite, VendorSkill, and updated ManifestModule/WizardOption/WizardConfig/PharnConfig types; adds VENDOR_SOURCE_RE and PACKAGE_NAME_RE validators; extends manifest parsing for module prerequisites and wizard option source/detect fields; adds detectStackPack helper.
Prerequisite gate refactor and fresh-check heuristic src/steps/prereqs.ts, src/steps/fresh-check.ts, tests/prereqs.test.ts, tests/fresh-check.test.ts	Removes Next.js-specific runPrereqs/hasNextDependency; adds runGitPrereq, assertPrerequisites (manifest-driven, aggregates missing reasons), and readProjectPackages. Replaces countCustomFiles with gitTrackedFileCount and TRACKED_FILE_THRESHOLD.
Wizard detection, pre-fill, and vendor-skill collection src/lib/wizard.ts, src/steps/detect.ts, tests/wizard.test.ts, tests/wizard-fixture.ts, tests/detect.test.ts	Adds detectAnswers, describeAnswers, and reworks applyDefaults to overlay detected answers and apply hide rules. Updates collectVendorSkills to return VendorSkill[]. Adds runDetect step that reads package.json and emits pre-fill note.
Multi-tenant constitution stripping and wizard step src/lib/constitution.ts, src/lib/install-modules.ts, src/steps/multitenant-select.ts, tests/constitution.test.ts, tests/multitenant-select.test.ts, tests/install-modules.test.ts	New constitution.ts exports MULTI_TENANT_PRINCIPLE and stripPrinciple (frontmatter + section removal). materializeCore conditionally strips Principle 2 for non-multi-tenant installs. Adds runMultiTenantSelect prompt step.
Vendor skill auto-fetching and consent UI src/lib/vendor-fetch.ts, src/steps/vendor-consent.ts, tests/vendor-fetch.test.ts, tests/vendor-consent.test.ts	New fetchVendorSkills clones sourced skills via degit into .claude/skills/, marks null-source skills as manual, and captures failures non-fatally. Updates runVendorConsent to accept/return VendorSkill[] with per-skill source/manual UI labeling and name-based deduplication.
Installer and install step wiring src/lib/installer.ts, src/steps/install.ts, src/steps/summary.ts, tests/installer.test.ts, tests/install.test.ts	fetchAndInstall gains isMultiTenant forwarded to materializeCore. runInstall adds post-install vendor-skill fetch phase (non-fatal), persists isMultiTenant and vendor skill names to pharn.config.json, extends outro. runSummary adds Multi-tenant SaaS row and per-skill auto/manual labels.
Init and Add command orchestration src/commands/init.ts, src/commands/add.ts, tests/init.test.ts, tests/init-v2.test.ts, tests/add.test.ts	runInit wires runGitPrereq at startup, runDetect for pre-fill, runMultiTenantSelect in v2 and legacy flows, and assertPrerequisites on install confirm. runAdd resolves transitive modules early and calls assertPrerequisites before fetch.
Documentation updates docs/commands/add.md, docs/commands/init.md, docs/getting-started.md, docs/reference/pharn-config.md, docs/roadmap.md, docs/troubleshooting.md	Updates all user-facing docs to reflect manifest-driven prerequisites, isMultiTenant config field, vendor skill auto-fetching (shipped in v0.2), wizard detection pre-fill, multi-tenant wizard step, and git-based fresh-check threshold.

Sequence Diagrams

sequenceDiagram
  participant User
  participant runInit
  participant runGitPrereq
  participant runDetect
  participant runMultiTenantSelect
  participant assertPrerequisites
  participant fetchAndInstall
  participant fetchVendorSkills
  participant materializeCore

  User->>runInit: pharn init
  runInit->>runGitPrereq: check .git
  runGitPrereq-->>runInit: ok or exit(1)
  runInit->>runDetect: read package.json, pre-fill wizard
  runDetect-->>runInit: detectedAnswers, detectedStackPack
  Note over runInit: wizard runs (stack pack, tech choices, vendor consent)
  runInit->>runMultiTenantSelect: prompt isMultiTenant (default: true)
  runMultiTenantSelect-->>runInit: boolean
  Note over runInit: user confirms install
  runInit->>assertPrerequisites: resolved modules
  assertPrerequisites-->>runInit: ok or exit(1) with reasons
  runInit->>fetchAndInstall: isMultiTenant, constitution, wizardSkills
  fetchAndInstall->>materializeCore: isMultiTenant flag
  materializeCore-->>fetchAndInstall: CONSTITUTION.md (Principle 2 stripped when !isMultiTenant)
  fetchAndInstall-->>runInit: InstallResult
  runInit->>fetchVendorSkills: claudeDir, VendorSkill[]
  fetchVendorSkills-->>runInit: VendorFetchResult (non-fatal)
  runInit-->>User: outro with fetched skill count

Loading

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~75 minutes

Poem

🐇 Hop hop, the wizard now sniffs your deps,
Multi-tenant? It strips Principle 2 in steps.
Prereqs are manifest-driven, no more Next.js gate,
Vendor skills auto-cloned — no longer "coming late"!
Git ls-files counts the tracks in the repo so true,
All wired and tested — a fine v0.2! 🥕

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch make-pharn-agnostic

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}