Add Claude Code automations for developer workflow

[jeanfbrito]

Summary

Adds project-level Claude Code configuration with hooks, skills, agents, and shared MCP server config. These automations improve developer workflow when using Claude Code on this repository.

What's Added

Hooks (.claude/hooks/)

Hooks run automatically during Claude Code sessions:

• auto-format.sh — Runs Prettier on every file after Edit/Write operations, keeping formatting consistent without manual intervention
• block-sensitive-files.sh — Blocks edits to yarn.lock, package-lock.json, and .env files, preventing accidental modifications to lock files and secrets
• typecheck.sh — Runs tsc --noEmit asynchronously after TypeScript file edits, catching type errors immediately instead of at lint time

Skills (.claude/skills/)

Skills are reusable workflows invoked with /skill-name:

• /electron-build — Builds and tests the Electron app using git worktrees for isolation. Encapsulates the full workflow: worktree creation, yarn install, lint, test, build, platform packaging, and cleanup. Includes workspace build with dist/dist cleanup
• /release-notes — Generates categorized release notes from git commit history between tags. Parses conventional commit prefixes (feat:, fix:, etc.) into categories and detects alpha/beta/stable version context
• /i18n-audit — Audits translation completeness across all 22 language files against the English reference. Reports missing keys, extra keys, and coverage percentage per language
• /new-ipc-channel — Scaffolds a new IPC channel across channels.ts, the correct domain main.ts, and renderer.ts with proper TypeScript types. References the existing 71-channel pattern

Agents (.claude/agents/)

Agents are specialized reviewers that Claude can use during development:

• cross-platform-validator — Reviews code for Windows/macOS/Linux compatibility issues: Linux-only APIs without defensive coding (process.getuid?.() ?? 1000), hardcoded path separators, platform-specific Electron APIs, and native module dependencies
• test-coverage-gap — Analyzes test coverage per module, prioritizes untested areas by risk level (critical: notifications, Outlook Calendar, servers; high: IPC, updates; medium: UI components)
• i18n-validator — Validates translation key consistency when i18n files are modified. Checks for missing keys, extra/outdated keys, structural mismatches, and missing interpolation variables

MCP Config (.mcp.json)

• context7 — Shared MCP server for library documentation lookup (Electron, React, Redux, etc.). Team members using Claude Code get this automatically

Project Settings (.claude/settings.json)

• Configures all hooks above as project-level defaults (applies to all team members using Claude Code)
• settings.local.json remains personal/unshared

Test plan

• Start a new Claude Code session in the repo and verify hooks activate
• Edit a .ts file and confirm Prettier auto-formats it
• Attempt to edit yarn.lock and confirm it's blocked
• Run /i18n-audit and verify it produces a coverage report
• Run /release-notes and verify it generates categorized notes

Summary by CodeRabbit

• New Features

  • Added support for insecure HTTPS connections in Outlook Calendar integration, enabling users to work around SSL certificate validation issues.

• Improvements

  • Upgraded Bugsnag error tracking to v8.8.1 with enhanced session management.

• Chores

  • Implemented development tooling enhancements including automated code formatting, type checking, and sensitive file protection.

[coderabbitai]

Walkthrough

The PR introduces Claude automation infrastructure with agent validators and development skills, adds development hooks for file validation and auto-formatting, configures an MCP server, upgrades dependencies with Bugsnag patches, enhances error reporting with integration tests, and implements an insecure Outlook connections feature across the state management and HTTP client layers.

Changes

Cohort / File(s)	Summary
Claude Agent Validators .claude/agents/cross-platform-validator.md, .claude/agents/i18n-validator.md, .claude/agents/test-coverage-gap.md	New documentation defining validation agents for cross-platform compatibility checks, translation file consistency, and test coverage gaps.
Claude Development Skills .claude/skills/electron-build/SKILL.md, .claude/skills/i18n-audit/SKILL.md, .claude/skills/new-ipc-channel/SKILL.md, .claude/skills/release-notes/SKILL.md	New documentation defining reusable skills for Electron builds, i18n audits, IPC channel scaffolding, and release notes generation.
Claude Development Hooks .claude/hooks/auto-format.sh, .claude/hooks/block-sensitive-files.sh, .claude/hooks/typecheck.sh, .claude/settings.json	New shell scripts for auto-formatting files with Prettier, blocking edits to sensitive files (lock files, env files), and TypeScript type-checking, integrated via hook configuration in settings.
MCP Server Configuration .mcp.json	New configuration file defining context7 MCP server endpoint.
Dependencies package.json	Version bump to 4.12.1-alpha.2; Bugsnag upgrade from ~7.22.3 to ~8.8.1; adds Yarn patch for @ewsjs/xhr; introduces nock (~14.0.0) for HTTP mocking in tests.
Bugsnag Error Tracking src/errors.ts, src/errors/main.spec.ts	Disables automatic session tracking in Bugsnag configuration; adds comprehensive integration test suite for batching behavior, opt-in toggling, and network isolation using nock mocking.
Insecure Outlook Connections Feature src/app/actions.ts, src/app/main/data.ts, src/outlookCalendar/getOutlookEvents.ts, src/outlookCalendar/ipc.ts, src/outlookCalendar/reducers/allowInsecureOutlookConnections.ts, src/store/rootReducer.ts	Introduces allowInsecureOutlookConnections setting to bypass SSL certificate validation. Includes new Redux reducer, state integration via APP_SETTINGS_LOADED, HTTP agent creation helper, and parameter threading through sync/event handlers.

Sequence Diagram

sequenceDiagram
    participant UI as UI/Handler
    participant Store as Redux Store
    participant Reducer as Reducer
    participant Sync as syncEventsWithRocketChatServer
    participant Agent as createInsecureHttpsAgent
    participant HTTP as Axios/HTTPS Client

    UI->>Store: Dispatch APP_SETTINGS_LOADED<br/>(allowInsecureOutlookConnections)
    Store->>Reducer: Action + Payload
    Reducer->>Store: Update state.allowInsecureOutlookConnections
    
    UI->>Sync: Call with allowInsecure flag
    Sync->>Agent: allowInsecure = true?
    alt Insecure Mode
        Agent->>Agent: Create Agent<br/>(rejectUnauthorized: false)
        Agent->>HTTP: Return httpsAgent
    else Secure Mode
        HTTP->>HTTP: Use default HTTPS
    end
    
    Sync->>HTTP: listEventsFromRocketChatServer<br/>(httpsAgent)
    Sync->>HTTP: createEventOnRocketChatServer<br/>(httpsAgent)
    HTTP-->>UI: Response

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Poem

🐰 Hops of joy for features new,
Hooks and skills and docs so true,
Outlook connections, insecure or not,
Redux state maintains the plot,
Tests by nock ensure it's right,
Bugsnag batches through the night!

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 12.50% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'Add Claude Code automations for developer workflow' directly summarizes the main change: introducing Claude Code configuration (hooks, skills, agents, and MCP) to streamline development tasks.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch claude-improvement

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

In general, the fix is to stop disabling certificate validation. Instead of creating an https.Agent with rejectUnauthorized: false, rely on the default behavior (rejectUnauthorized: true) or, if you must connect to servers with self‑signed or private CA certificates, configure trust properly by providing a custom CA or using the platform’s trust store.

The best targeted fix here is to change createInsecureHttpsAgent so it no longer disables certificate validation. We can keep the function (to avoid changing all call sites) but have it return a standard, secure agent. That preserves existing functionality as much as possible while restoring certificate checks. Since we are constrained to the shown snippet and existing imports, we will:

• Update createInsecureHttpsAgent to call new https.Agent() with no options, letting Node’s defaults enforce certificate validation.
• Leave the rest of the logic in listEventsFromRocketChatServer untouched; it will still accept an optional httpsAgent, but that agent will now be secure if created via this helper.

Only src/outlookCalendar/ipc.ts needs modification, and only lines 70–76 in the provided region.