dev-hooks - Claude Code Plugin | ClaudePluginHub

Stats

Actions

Available In

Tags

dev-hooks - Claude Code Plugin | ClaudePluginHub

dev-hooks

A Claude Code plugin bundling fifteen polyglot, project-agnostic dev-workflow hooks plus a set of thinking-tool skills. Each hook script detects the project's own toolchain (Ruby/Rails, JavaScript/TypeScript, Python) — there is nothing to configure.

What's included

Event	Script	Purpose
`PostToolUse` (`Write`\|`Edit`\|`MultiEdit`)	`lint-on-edit.sh`	Auto-fix/format the file Claude just wrote using the linter this project configures (RuboCop/Standard, erb_lint, Biome/Prettier/ESLint, Ruff/Black). Safe fixes only, never blocks.
`PostToolUse` (`Write`\|`Edit`\|`MultiEdit`)	`latest-deps-reminder.sh`	When Claude writes a dependency manifest (`requirements.txt`, `package.json`, `Gemfile`, `pyproject.toml`, …) or hand-writes a lockfile, remind it to verify the versions are current (training data goes stale) with the right lookup command per ecosystem, or to regenerate lockfiles via the package manager. On manifest edits it also nudges Claude to keep the README/CLAUDE.md key-package versions in sync (creating those docs if missing). Advisory only, never blocks; fires once per session per ecosystem.
`PostToolUse` (`Write`\|`Edit`\|`MultiEdit`)	`dockerfile-reminder.sh`	When Claude writes a `Dockerfile`/`Containerfile`, run hadolint on it and feed the findings (or a clean pass) back to Claude, plus a layer-ordering nudge that points at the `dockerfile` skill. If hadolint isn't installed, falls back to a once-per-session ordering/gotchas reminder. Advisory only — reports every time, never blocks.
`PostToolUse` (`Write`\|`Edit`\|`MultiEdit`)	`secret-plaintext-reminder.sh`	When Claude writes what looks like a plaintext secret value (a named `API_KEY`/`SECRET`/`TOKEN`/`PASSWORD` assignment to a real literal, a private-key block, or an AWS key id), nudge it to migrate to fnox via the `env-to-fnox` skill instead of committing the value. Fires at write time (before `gitleaks` would at commit). Env-var refs and obvious placeholders are ignored. Advisory only, never blocks; fires once per session.
`PostToolUse` (`Write`\|`Edit`\|`MultiEdit`)	`popover-reminder.sh`	When Claude writes popover/tooltip/dropdown/menu UI (a frontend file — the shared extension list, see `inline-svg-reminder.sh` notes — that has a popover/tooltip/dropdown controller filename, `role="tooltip"`/the `popover` attribute, an `@floating-ui`/`popper`/`tippy` import, a `data-controller` naming one, or a tooltip/popover/dropdown class/data-attribute), nudge it to use a collision-aware positioner (flip + shift) rendered in the top layer/a portal instead of hand-rolled `top`/`left` math, and point at the `popovers-tooltips` skill. Advisory only, never blocks; fires once per session. Opt out with `DEV_HOOKS_POPOVER=false`.
`PostToolUse` (`Write`\|`Edit`\|`MultiEdit`)	`ci-action-ref-reminder.sh`	When Claude writes/edits a GitHub Actions workflow (a `.yml`/`.yaml` pinning `uses: owner/repo@ref`), nudge it to verify every ref actually resolves on the remote before finishing — an action can ship release tags (`v8.0.0`) without floating a `@v8` major, so a wrong pin passes locally but breaks CI at "Prepare all required actions". Points Claude at the bundled `check_action_refs.sh` (which does the `git ls-remote` check); the hook itself never hits the network. Advisory only, never blocks; fires once per session per file.
`PostToolUse` (`Write`\|`Edit`\|`MultiEdit`)	`inline-svg-reminder.sh`	When Claude hand-writes inline SVG into a frontend file (an `<svg>` blob with real drawing content — `<path>`/`<circle>`/`<rect>`/… or long `d="M…"` path data — or a `data:image/svg+xml` URI), feed a correction back (exit 2, every occurrence): use the project's icon library (named from `package.json`/`Gemfile` when found), else extract to a dedicated `.svg` file/sprite and reference it. Good patterns stay silent: `<use href>` sprite refs, writing `.svg` files, `<img src="x.svg">`, markdown, test files, data-driven chart markup (`<rect x={…}>`), and pre-existing SVG (Writes deduped against `HEAD`, Edits against `old_string`). Opt out with `DEV_HOOKS_SVG_INLINE=false`.
`Stop`	`verify-work.sh`	On stop, detect changed code files and run the project's linters/tests (RuboCop, Minitest/RSpec, Ruff/pytest, ESLint/JS tests). Feeds failures back to Claude (exit 2) so it fixes them before finishing.
`Stop`	`debug-leftover-reminder.sh`	On stop, flag debug statements Claude newly introduced this session (`console.log`/`debugger`, `binding.pry`/`byebug`/Ruby `p`, `breakpoint()`/`pdb`) — diffed against `HEAD` so pre-existing lines are ignored — and feed them back (exit 2) to strip before finishing. Test files excluded. Fires at most once per session.