{"id":49758084,"url":"https://github.com/vixygrey/vixygrey-dev-setup","last_synced_at":"2026-05-11T00:15:55.401Z","repository":{"id":350490510,"uuid":"1202810412","full_name":"vixygrey/vixygrey-dev-setup","owner":"vixygrey","description":"A single macOS setup script that installs 220+ dev tools and writes 60+ config files. Safe, idempotent, resumable.","archived":false,"fork":false,"pushed_at":"2026-05-10T14:57:25.000Z","size":1175,"stargazers_count":0,"open_issues_count":4,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-05-10T16:09:20.666Z","etag":null,"topics":["automation","bash","brewfile","claude-code","cli","dev-environment","developer-tools","devops","dotfiles","dracula-theme","homebrew","mac","macos","setup-script","zsh"],"latest_commit_sha":null,"homepage":"","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/vixygrey.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-04-06T12:28:46.000Z","updated_at":"2026-05-10T14:21:07.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/vixygrey/vixygrey-dev-setup","commit_stats":null,"previous_names":["vixygrey/vixygrey-dev-setup"],"tags_count":8,"template":false,"template_full_name":null,"purl":"pkg:github/vixygrey/vixygrey-dev-setup","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vixygrey%2Fvixygrey-dev-setup","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vixygrey%2Fvixygrey-dev-setup/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vixygrey%2Fvixygrey-dev-setup/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vixygrey%2Fvixygrey-dev-setup/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/vixygrey","download_url":"https://codeload.github.com/vixygrey/vixygrey-dev-setup/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vixygrey%2Fvixygrey-dev-setup/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":32876083,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-10T13:40:02.631Z","status":"ssl_error","status_checked_at":"2026-05-10T13:40:02.145Z","response_time":54,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["automation","bash","brewfile","claude-code","cli","dev-environment","developer-tools","devops","dotfiles","dracula-theme","homebrew","mac","macos","setup-script","zsh"],"created_at":"2026-05-11T00:15:51.131Z","updated_at":"2026-05-11T00:15:54.897Z","avatar_url":"https://github.com/vixygrey.png","language":"Shell","funding_links":[],"categories":[],"sub_categories":[],"readme":"# VixyGrey's Development Environment Setup\n\n[![Lint](https://github.com/vixygrey/vixygrey-dev-setup/actions/workflows/lint.yml/badge.svg)](https://github.com/vixygrey/vixygrey-dev-setup/actions/workflows/lint.yml)\n[![Release](https://github.com/vixygrey/vixygrey-dev-setup/actions/workflows/release.yml/badge.svg)](https://github.com/vixygrey/vixygrey-dev-setup/actions/workflows/release.yml)\n[![GitHub release](https://img.shields.io/github/v/release/vixygrey/vixygrey-dev-setup?display_name=tag\u0026sort=semver)](https://github.com/vixygrey/vixygrey-dev-setup/releases/latest)\n[![License: MIT](https://img.shields.io/badge/license-MIT-blue.svg)](LICENSE)\n![macOS](https://img.shields.io/badge/macOS-supported-brightgreen)\n![ShellCheck](https://img.shields.io/badge/ShellCheck-passing-brightgreen)\n![Tools](https://img.shields.io/badge/tools-220%2B-purple)\n![Configs](https://img.shields.io/badge/configs-60%2B-purple)\n\nA single setup script that installs and configures **220+ tools** with **60+ config files** for development, GitHub, AWS/CDK, IaC, DX, UI/UX, security, backup, and daily productivity on macOS. Safe to re-run -- it skips anything already installed.\n\n| Script | Package Manager |\n|--------|-----------------|\n| `scripts/setup-dev-tools-mac.sh` | Homebrew |\n\n## Documentation\n\n- [Guide](docs/GUIDE.md) -- daily workflow, tool usage, and setup walkthrough\n- [Shortcuts](docs/SHORTCUTS.md) -- keyboard shortcuts and shell aliases reference\n\n## Quick Start\n\n```bash\nchmod +x scripts/setup-dev-tools-mac.sh\n./scripts/setup-dev-tools-mac.sh\n```\n\n## CLI Options\n\n```bash\n./scripts/setup-dev-tools-mac.sh --help              # Show all options\n./scripts/setup-dev-tools-mac.sh --dry-run           # Preview changes without installing\n./scripts/setup-dev-tools-mac.sh --list              # List all tools that would be installed\n./scripts/setup-dev-tools-mac.sh --resume            # Continue from where a previous run left off\n./scripts/setup-dev-tools-mac.sh --uninstall         # Show commands to remove everything (no changes made)\n./scripts/setup-dev-tools-mac.sh --cleanup           # Remove tools from previous versions no longer in script\n./scripts/setup-dev-tools-mac.sh --list-categories   # List all available categories\n./scripts/setup-dev-tools-mac.sh --skip mac-media,mac-cloud  # Skip specific categories\n./scripts/setup-dev-tools-mac.sh --only core,git,aws,dx      # Only install specific categories\n./scripts/setup-dev-tools-mac.sh --version           # Show script version\n```\n\n\u003e macOS-only categories use the `mac-*` prefix (e.g., `--skip mac-bloat`).\n\n## What It Does\n\n1. **Pre-flight checks** -- verifies macOS version, disk space, internet, admin privileges\n2. Installs all tools via Homebrew, Cask, npm, and Mac App Store with **progress tracking**\n3. Configures every tool with sensible defaults\n4. Applies the **Dracula** theme everywhere\n5. Sets macOS system defaults (Dock, keyboard, Finder, screenshots, wallpaper, screensaver, etc.)\n6. Configures Finder sidebar with custom favorites via **LSSharedFileList** API\n7. Sets the Dock to auto-hide and installs `dockutil` so you can curate pins yourself (no automatic pin list — see GUIDE.md for examples)\n8. Optionally **removes pre-installed Apple bloat** (GarageBand, News, Stocks, etc.)\n9. Auto-writes `~/.zshrc` with a managed block (preserves your customizations)\n10. Exports a `Brewfile` snapshot (with descriptions) for reproducibility\n11. **Post-install verification** -- verifies critical tools work\n12. Runs `brew cleanup` and `brew doctor`\n13. **Logs everything** to `~/.local/share/dev-setup/` for debugging\n14. Reports final summary with install/skip/fail counts and duration\n\n## Features\n\n| Feature | Description |\n|---------|-------------|\n| **Idempotent** | Safe to re-run -- skips anything already installed |\n| **Dry run** | Preview all changes with `--dry-run` |\n| **Resume** | Continue after a failure with `--resume` -- skips previously completed items |\n| **Uninstall guide** | Show removal commands with `--uninstall` (no destructive actions taken) |\n| **Cleanup** | Remove tools from previous versions with `--cleanup` (auto-detects deprecated tools) |\n| **Lockfile** | Prevents concurrent runs via atomic directory-based lock |\n| **Category filtering** | Install only what you need with `--only` / `--skip` (validates category names) |\n| **List tools** | See everything that would be installed with `--list` |\n| **Progress bar** | Visual progress counter with dynamic total (capped at 100%) |\n| **Fast installs** | `HOMEBREW_NO_AUTO_UPDATE` set after initial update for faster installs |\n| **Error resilient** | Continues on failure, reports all failures at the end with separate error log |\n| **Pre-flight checks** | Validates internet, disk space, Homebrew health, and admin privileges upfront |\n| **Logging** | Full log file for debugging failed installs |\n| **Verification** | Post-install check that critical tools actually work |\n| **Timing** | Shows total duration at the end |\n\n---\n\n## Prerequisites (auto-installed)\n\n| Tool | Description |\n|------|-------------|\n| **Xcode CLI Tools** | Compilers, git, headers -- required before everything else |\n| **Homebrew** | macOS package manager |\n| **coreutils** | GNU core utilities -- drop-in replacements for macOS' BSD versions |\n| **gnu-sed** | GNU sed -- GNU-flavored regex and flags |\n| **gnu-tar** | GNU tar -- GNU-flavored flags |\n| **gawk** | GNU awk -- full-featured awk replacement |\n| **findutils** | GNU find and xargs |\n\n---\n\n## Core Development\n\n| Tool | Description |\n|------|-------------|\n| **mise** | Universal version manager -- Node, Python, Go, Ruby all in one tool |\n| **Node.js LTS** | JavaScript runtime (latest Long Term Support version, installed via mise) |\n| **Go** | Go programming language |\n| **Python 3.12** | Python runtime (installed via mise) |\n| **uv** | Fast Python package manager -- 10-100x faster than pip |\n| **Rust** | Rust toolchain via rustup (rustc, cargo, etc.) |\n| **bun** | Fast JS runtime, bundler, and test runner |\n| **pnpm** | Fast, disk-efficient npm alternative |\n| **jq** | Lightweight command-line JSON processor |\n| **direnv** | Per-directory environment variables (auto-loads `.envrc`) |\n| **watchman** | File watching service (used by React Native, Jest, etc.) |\n| **cmake** | Cross-platform build system generator |\n| **pkg-config** | Helper tool for compiling libraries |\n| **OrbStack** | Fast container runtime -- 2-5x less memory than Docker Desktop, native macOS feel |\n\n---\n\n## Git \u0026 GitHub\n\n| Tool | Description |\n|------|-------------|\n| **git** | Distributed version control |\n| **gh** | GitHub CLI -- PRs, issues, Actions from the terminal |\n| **delta** | Beautiful git diffs with syntax highlighting and side-by-side view |\n| **git-lfs** | Git Large File Storage for binary assets |\n| **gpg** | GNU Privacy Guard for commit signing and encryption |\n| **pinentry-mac** | macOS keychain integration for GPG passphrases |\n| **lazygit** | Terminal UI for git -- visualize branches, stage hunks interactively |\n| **git-absorb** | Auto-fixup commits -- automatically amends the right commit |\n| **git-cliff** | Generate changelogs from conventional commits |\n| **pre-commit** | Git hook framework -- run linters/formatters before each commit |\n\n---\n\n## AWS \u0026 CDK\n\n| Tool | Description |\n|------|-------------|\n| **aws-cli v2** | Official AWS command-line interface |\n| **aws-cdk** | AWS Cloud Development Kit -- infrastructure as TypeScript/Python code |\n| **cdk-nag** | CDK rule packs for security and best-practice compliance |\n| **aws-sam-cli** | AWS Serverless Application Model -- local Lambda testing |\n| **cfn-lint** | CloudFormation template linter |\n| **session-manager-plugin** | SSH-less access to EC2 instances via AWS SSM |\n| **granted** | Fast multi-account AWS SSO credential switching |\n\n---\n\n## Infrastructure as Code (IaC)\n\n| Tool | Description |\n|------|-------------|\n| **OpenTofu** | Open-source Terraform alternative -- multi-cloud infrastructure as code |\n| **tflint** | Terraform/OpenTofu linter -- catches errors before apply |\n| **terraform-docs** | Auto-generate module README sections from variables and outputs |\n| **checkov** | IaC static analysis -- Terraform, CloudFormation, Kubernetes, Dockerfile |\n| **infracost** | Cost estimation for Terraform changes before apply |\n| _tfsec_ | _Folded into `trivy config` -- not installed separately_ |\n\n---\n\n## Security \u0026 Secrets\n\n| Tool | Description |\n|------|-------------|\n| **detect-secrets** | Yelp's pre-commit hook for catching secrets before they're committed |\n| **gitleaks** | Fast git secret scanning -- great for CI and pre-commit hooks |\n| **age** | Modern, simple file encryption (replaces GPG for file encryption) |\n| **sops** | Encrypt secrets in YAML/JSON files -- integrates with AWS KMS |\n| **trivy** | Vulnerability scanner for containers, filesystems, and IaC |\n| **semgrep** | Static analysis tool -- finds bugs and security issues in code |\n| **cosign** | Sign and verify container images and artifacts |\n| **snyk** | Dependency vulnerability scanning for npm, pip, Go, etc. |\n| **mkcert** | Create locally-trusted HTTPS certificates for development |\n| **ssh-audit** | Audit SSH server and client configuration for security |\n| **clamav** | Open-source antivirus engine -- on-demand malware scanning |\n\n---\n\n## Modern Tool Replacements\n\nFaster, prettier, smarter replacements for standard Unix utilities.\n\n| Replaces | Tool | Description |\n|----------|------|-------------|\n| `ls` | **eza** | File listing with icons, git status, tree view, colors |\n| `cat` | **bat** | Syntax highlighting, line numbers, git integration |\n| `find` | **fd** | Simpler syntax, faster, respects `.gitignore` |\n| `grep` | **ripgrep** | 10x faster search, `.gitignore`-aware, Unicode support |\n| `cd` | **zoxide** | Learns your most-used directories, fuzzy jump |\n| `diff` | **delta** | Syntax-highlighted diffs with side-by-side view |\n| `diff` (code) | **difftastic** | Structural diff that understands code syntax |\n| `man` | **tldr** | Community-driven simplified man pages with examples |\n| `top` | **btop** | Modern resource monitor with graphs and mouse support |\n| `sed` | **sd** | Intuitive find and replace with simpler regex syntax |\n| `cut`/`awk` | **choose** | Simple column selection with negative indexing |\n| `du` | **dust** | Visual disk usage tree with bar charts |\n| `df` | **duf** | Colorful disk usage table with smart formatting |\n| `ps` | **procs** | Sortable process list with tree view, Docker-aware |\n| `ping` | **gping** | Real-time latency graph for multiple hosts |\n| `curl` | **xh** | Colorized HTTP client with JSON shortcuts |\n| `curl` | **curlie** | curl with httpie-like output formatting |\n| `dig` | **doggo** | Colorized DNS lookup with DoH/DoT support |\n| `wc` (code) | **tokei** | Count lines of code by language with statistics |\n| `watch` | **viddy** | Modern watch with diff highlighting and history |\n| `hexdump` | **hexyl** | Colorized hex viewer with ASCII sidebar |\n| `curl`/`wget` | **aria2** | Multi-connection parallel downloads, 3-10x faster, BitTorrent |\n| `tar`/`unzip`/`7z` | **ouch** | Universal archive tool -- auto-detects format from extension |\n| `rm` | **trash** | Moves files to macOS Trash instead of permanent delete |\n| `rsync` | **rsync** (latest) | Updated rsync with better progress and Apple metadata |\n| `tree` | **tree** | Directory listing in tree format |\n| `make` | **just** | Modern task runner -- simpler syntax, no tab weirdness |\n| file manager | **yazi** | Terminal file manager with image preview, vim keys, bulk ops |\n| `jq` (interactive) | **fx** | Interactive JSON viewer/processor for exploring large JSON |\n| `jq` (interactive) | **jnv** | Interactive JSON navigator with jq filtering |\n| `LS_COLORS` | **vivid** | LS_COLORS generator -- colorize file listings by type (Dracula themed) |\n\n---\n\n## Data \u0026 File Processing\n\n| Tool | Description |\n|------|-------------|\n| **yq** | jq for YAML -- parse and manipulate YAML files (essential for k8s/CDK) |\n| **miller (mlr)** | awk/sed/jq for CSV, JSON, and tabular data |\n| **csvkit** | Suite of CSV tools -- csvcut, csvgrep, csvstat, csvlook |\n| **pandoc** | Universal document converter -- Markdown to PDF, DOCX, HTML, etc. |\n| **imagemagick** | Image manipulation CLI -- resize, convert, composite, watermark |\n| **ffmpeg** | Video/audio processing swiss army knife |\n| **yt-dlp** | Video/audio downloader for YouTube and hundreds of other sites |\n\n---\n\n## Code Quality\n\n| Tool | Description |\n|------|-------------|\n| **shellcheck** | Shell script linter -- catches bugs and bad practices |\n| **shfmt** | Shell script formatter -- consistent style for bash/zsh scripts |\n| **act** | Run GitHub Actions locally before pushing |\n| **hadolint** | Dockerfile linter -- catches bad practices and security issues |\n| **typos** | Source code spell checker -- fast, low false positives |\n| **ast-grep** | Structural code search/replace using AST -- like semgrep but interactive |\n| **ruff** | Extremely fast Python linter and formatter -- replaces flake8+black+isort |\n| **npkill** | Find and delete node_modules folders to reclaim disk space |\n| **commitizen** | Interactive conventional commit message generator |\n| **commitlint** | Enforce conventional commit message format |\n| **ni** | Universal package runner -- auto-detects npm/yarn/pnpm/bun |\n\n---\n\n## Performance \u0026 Load Testing\n\n| Tool | Description |\n|------|-------------|\n| **hyperfine** | Command-line benchmarking tool -- compare execution times |\n| **oha** | HTTP load testing tool written in Rust -- fast and simple |\n| **hurl** | Run HTTP requests from plain text files -- curl meets test runner |\n\n---\n\n## Dev Servers \u0026 Tunnels\n\n| Tool | Description |\n|------|-------------|\n| **ngrok** | Expose localhost to the internet for webhooks and demos |\n| **miniserve** | Instant file server from any directory -- one command |\n| **caddy** | Modern web server with automatic HTTPS |\n\n---\n\n## Terminal Productivity\n\n| Tool | Description |\n|------|-------------|\n| **glow** | Render Markdown beautifully in the terminal |\n| **watchexec** | Run commands on file changes -- supports globs, debouncing, process groups |\n| **pv** | Pipe viewer -- add progress bars to any piped command |\n| **parallel** | GNU parallel -- run commands in parallel across multiple cores |\n| **asciinema** | Record and share terminal sessions as text (not video) |\n| **gum** | Shell script UI toolkit -- pretty prompts, spinners, confirmations |\n| **nushell** | Structured data shell -- pipelines output tables, not strings |\n| **topgrade** | Update everything at once -- brew, npm, pip, macOS, all in one command |\n| **fastfetch** | Quick system info display -- faster neofetch replacement |\n| **nano** (latest) | Upgraded nano with syntax highlighting |\n| **lnav** | Advanced log file viewer -- auto-format, SQL queries on logs |\n\n---\n\n## Kubernetes \u0026 GitHub Extras\n\n| Tool | Description |\n|------|-------------|\n| **stern** | Multi-pod log tailing for Kubernetes |\n| **gh-dash** | GitHub dashboard in the terminal -- PRs, issues, notifications |\n\n---\n\n## Database \u0026 Data\n\n| Tool | Description |\n|------|-------------|\n| **pgcli** | Auto-completing PostgreSQL CLI with syntax highlighting |\n| **mycli** | Auto-completing MySQL CLI with syntax highlighting |\n| **lazysql** | TUI for databases -- interactive SQL queries in terminal |\n| **harlequin** | Terminal SQL IDE -- multi-tab, autocomplete, DuckDB/Postgres/MySQL/S3 |\n| **usql** | Universal SQL CLI -- connects to Postgres, MySQL, SQLite, and more |\n| **sq** | jq for databases -- query SQLite, Postgres, CSV from one tool |\n| **dbmate** | Lightweight, framework-agnostic database migration tool |\n| **TablePlus** | Native macOS database GUI -- fast, clean, supports 20+ databases |\n\n---\n\n## Containers \u0026 Orchestration\n\n| Tool | Description |\n|------|-------------|\n| **lazydocker** | Terminal UI for Docker -- manage containers, images, volumes |\n| **dive** | Explore Docker image layers -- find what's taking up space |\n| **kubectl** | Kubernetes CLI for managing clusters |\n| **k9s** | Terminal UI for Kubernetes -- navigate clusters with keyboard |\n\n---\n\n## API Development\n\n| Tool | Description |\n|------|-------------|\n| **Postman** | Industry-standard API client -- collections, environments, scripting |\n| **grpcurl** | curl for gRPC services |\n\n---\n\n## Networking \u0026 Debugging\n\n| Tool | Description |\n|------|-------------|\n| **mtr** | Combines ping and traceroute into a single diagnostic tool |\n| **bandwhich** | Real-time bandwidth usage by process, connection, and host |\n| **nmap** | Network scanner -- discover hosts and services |\n| **trippy** | Modern traceroute TUI with real-time charts and hop statistics |\n\n---\n\n## Developer Experience\n\n| Tool | Description |\n|------|-------------|\n| **fzf** | Fuzzy finder -- search files, history, branches interactively |\n| **starship** | Cross-shell prompt with git status, language versions, and more |\n| **zsh-autosuggestions** | Fish-like inline suggestions as you type |\n| **zsh-syntax-highlighting** | Command coloring in the terminal -- red for errors |\n| **atuin** | Replaces shell history with SQLite-backed, fuzzy-searchable database |\n| **mise** | Universal version manager -- Node, Python, Go, Ruby all in one (replaces nvm + pyenv + rbenv) |\n| **Kiro** | Primary code editor and IDE — VS Code fork with built-in Claude agent (specs, steering, hooks, MCP) |\n| **Claude Code** | AI-assisted coding in the terminal (Anthropic, agentic) |\n| **GitHub Copilot CLI** | AI suggestions in the terminal (via `gh copilot suggest`) |\n| **aider** | Terminal AI pair programmer -- git-aware edit loops, complementary to Claude Code |\n| **llm** | Simon Willison's CLI -- one-shot prompts, plugin ecosystem, SQLite logging, embeddings |\n| **repomix** | Pack a repo into a single LLM-friendly file with token counts -- great for bootstrapping any agent |\n| **chezmoi** | Dotfile manager -- backup and restore configs across machines |\n| **mitmproxy** | Free HTTP debugging proxy -- inspect and modify API calls from any app |\n| **Ghostty** | Fast GPU-accelerated terminal -- daily driver, native macOS feel |\n| **zellij** | Modern terminal multiplexer -- discoverable UI, layouts, Rust-based |\n| **Raycast** | Spotlight replacement with extensions, snippets, and workflows |\n| **TypeScript** | Typed JavaScript -- installed globally for scripts and tooling |\n| **tsx** | Run TypeScript files directly without a build step |\n| **Turborepo** | High-performance monorepo build system |\n\n---\n\n## UX \u0026 Design\n\n| Tool | Description |\n|------|-------------|\n| **Lighthouse** | Web performance, accessibility, and SEO auditing CLI |\n\n---\n\n## Documentation \u0026 Diagrams\n\n| Tool | Description |\n|------|-------------|\n| **d2** | Code-to-diagram scripting language -- declarative diagrams as code |\n| **Mermaid CLI** | Render Mermaid diagrams (flowcharts, sequences, ERDs) from CLI |\n\n---\n\n## Fonts\n\n| Font | Description |\n|------|-------------|\n| **JetBrains Mono** | Primary development font with ligatures |\n| **JetBrains Mono Nerd Font** | JetBrains Mono with patched icons for terminal tools |\n| **MesloLGS Nerd Font** | Classic terminal font with icons for starship/eza |\n| **Fira Code** | Popular ligature font -- alternative to JetBrains Mono |\n| **Fira Code Nerd Font** | Fira Code with patched icons |\n| **Inter** | Best UI font for web and design work |\n| **Hack Nerd Font** | Clean monospace font with icons |\n\n---\n\n## Quick Look Plugins\n\nPreview files in Finder by pressing spacebar.\n\n| Plugin | Description |\n|--------|-------------|\n| **QLMarkdown** | Preview Markdown files with rendered formatting |\n| **QLStephen** | Preview plain text files that have no file extension |\n\n---\n\n## Mac Apps -- System \u0026 Utilities\n\n| App | Description |\n|-----|-------------|\n| **Pearcleaner** | Open-source deep app uninstaller -- finds leftover files and preferences |\n| **UniFi Identity Endpoint** | Wi-Fi, VPN, and device management for UniFi NAS |\n| **LuLu** | Free open-source outbound firewall -- see what phones home |\n| **Mullvad VPN** | Privacy-focused VPN -- no account required, anonymous payment accepted |\n| **mas** | Mac App Store CLI -- script MAS installs and updates |\n| **dockutil** | Manage Dock pins programmatically (used by the setup script to curate the Dock) |\n| **terminal-notifier** | Send macOS notifications from shell scripts (used by the setup script for run-complete/failure alerts) |\n\n---\n\n## Mac Apps -- Productivity\n\n| App | Description |\n|-----|-------------|\n| **Notion** | All-in-one workspace -- docs, wikis, databases, project tracking |\n| **Notion Calendar** | Calendar app with Notion integration |\n| **Notion Mail** | Email client with Notion integration |\n| **Snagit** | Screenshots, scrolling capture, annotations, and video recording |\n| **Claude** | AI assistant |\n| **Skim** | Lightweight PDF reader with annotations -- faster than Preview |\n| **Transmit** | Premium SFTP/S3 file transfer client -- fast, dual-pane |\n\n---\n\n## Mac Apps -- Communication\n\n| App | Description |\n|-----|-------------|\n| **Slack** | Team messaging and collaboration |\n| **Telegram** | Encrypted messaging with channels and bots |\n\n---\n\n## Mac Apps -- Browsers\n\n| App | Description |\n|-----|-------------|\n| **Google Chrome** | Primary Chromium browser for development and DevTools |\n| **Firefox** | Privacy-focused browser for cross-browser testing |\n| **Brave** | Privacy-focused Chromium browser with built-in ad blocking |\n\n---\n\n## Mac Apps -- Media\n\n| App | Description |\n|-----|-------------|\n| **mpv** | Terminal video player -- keyboard-driven, scriptable |\n| **oxipng** | Lossless PNG compression -- CLI, scriptable, CI-friendly |\n| **jpegoptim** | Lossless JPEG compression -- strip metadata, optimize |\n| **p7zip** | Archive tool -- zip, 7z, rar, tar from the command line |\n| **LibreOffice** | Free office suite -- documents, spreadsheets, presentations |\n\n---\n\n## Mac Apps -- Cloud Storage \u0026 Backup\n\n| App | Description |\n|-----|-------------|\n| **Google Drive** | Cloud storage with Docs, Sheets, and Slides integration |\n| **rclone** | Sync files to any cloud -- Google Drive, S3, Dropbox, etc. |\n| **borg** | Deduplicated encrypted backups -- better than Time Machine for offsite |\n| **borgmatic** | Automated borg backup scheduling and configuration |\n\n---\n\n## Mac Apps -- Focus \u0026 Learning\n\n| App | Description |\n|-----|-------------|\n| **newsboat** | Terminal RSS/Atom reader -- vim-like keybindings, highly configurable |\n\n---\n\n---\n\n## Remove Pre-installed Apple Bloat\n\nThe `mac-bloat` category removes unused Apple apps (requires sudo, some need SIP disabled):\n\n| App | Location |\n|-----|----------|\n| **GarageBand** | `/Applications/GarageBand.app` |\n| **News** | `/System/Applications/News.app` |\n| **Journal** | `/System/Applications/Journal.app` |\n| **Chess** | `/System/Applications/Chess.app` |\n| **Games** | `/System/Applications/Games.app` |\n| **Stocks** | `/System/Applications/Stocks.app` |\n| **Tips** | `/System/Applications/Tips.app` |\n| **Voice Memos** | `/System/Applications/VoiceMemos.app` |\n\n```bash\n# Remove bloat only\n./scripts/setup-dev-tools-mac.sh --only mac-bloat\n\n# Skip bloat removal in a full run\n./scripts/setup-dev-tools-mac.sh --skip mac-bloat\n```\n\n\u003e **Note:** `/System/Applications` apps require SIP disabled on macOS Sonoma+. Boot into Recovery (Cmd+R) \u003e Terminal \u003e `csrutil disable` \u003e reboot. Re-enable after: `csrutil enable`.\n\n---\n\n## Dracula Theme\n\nApplied consistently across all tools:\n\n| Tool | How |\n|------|-----|\n| **Kiro** | Extension auto-installed, set as default theme |\n| **bat** | Dracula syntax theme in config |\n| **delta** | Dracula syntax theme for git diffs |\n| **Ghostty** | Full 16-color Dracula palette in config |\n| **fzf** | Dracula colors in `FZF_DEFAULT_OPTS` |\n| **Starship** | Dracula color palette in `starship.toml` |\n| **lazygit** | Full Dracula color scheme in config |\n| **k9s** | Dracula skin with all view colors |\n| **glow** | Dracula Markdown rendering style |\n| **gh-dash** | Dracula border and highlight colors |\n| **yazi** | Dracula file type colors and borders |\n| **btop** | Full Dracula theme with custom color palette |\n| **lazydocker** | Dracula borders and options colors |\n| **harlequin** | Dracula theme set in config.toml |\n| **vivid** | Dracula-themed LS_COLORS for file type coloring |\n| **vim** | Dracula-ish color scheme (no plugin needed) |\n| **Kiro brackets** | Dracula-colored bracket pair colorization |\n| **macOS** | System highlight color set to Dracula purple |\n\n---\n\n## Claude Code Configuration\n\nThe script sets up Claude Code with a comprehensive configuration for full-stack development.\n\n### Files Created\n\n| File | Purpose |\n|------|---------|\n| `~/.claude/settings.json` | Global permissions (110 entries), file ignore patterns, env vars |\n| `~/.claude/CLAUDE.md` | Global memory -- coding standards, available CLI tools reference, React/Next.js/AWS/CDK/Python/IaC conventions, security checks runbook |\n| `~/.claude/rules/workflow.md` | Trunk-based workflow rules (PR-first, issues, README-driven) |\n| `~/.claude/rules/git.md` | Git rules (no force-push, conventional commits, branch naming) |\n| `~/.claude/rules/security.md` | Security rules (no hardcoded secrets, parameterized SQL) |\n| `~/.claude/rules/typescript.md` | TypeScript rules (strict mode, no any, zod schemas) |\n| `~/.claude/rules/python.md` | Python rules (uv for packages, ruff for linting, type hints, pydantic) |\n| `~/.claude/rules/docker.md` | Docker rules (multi-stage builds, non-root, hadolint, dive) |\n| `~/.claude/rules/iac.md` | IaC rules (remote state, tflint, infracost, trivy config scan) |\n| `~/.claude/hooks/format-on-edit.sh` | Auto-format with Prettier after Claude edits JS/TS/CSS/JSON/MD files |\n| `~/.claude/hooks/lint-python.sh` | Auto-lint and fix Python files with ruff after Claude edits them |\n| `~/.claude/hooks/lint-dockerfile.sh` | Lint Dockerfiles with hadolint after Claude edits them |\n\n### Custom Slash Commands\n\n| Command | Purpose |\n|---------|---------|\n| `/pr-review` | Review current branch changes vs main -- flags security, bugs, edge cases |\n| `/test-plan` | Generate a test plan with unit/integration/e2e cases for recent changes |\n| `/dep-audit` | Audit dependencies for vulnerabilities, outdated packages, bundle size |\n| `/quick-doc` | Generate JSDoc/docstring documentation for a file or function |\n| `/cleanup` | Find dead code, unused imports, debug statements, empty catches |\n| `/security-scan` | Run all security tools (gitleaks, npm audit, semgrep, trivy) and report findings |\n| `/perf-check` | Benchmark with hyperfine, load test with oha, check for performance anti-patterns |\n| `/docker-lint` | Lint Dockerfiles with hadolint, analyze layers with dive, check docker-compose best practices |\n| `/iac-review` | Run tflint, trivy config scan, infracost estimate, check for IaC best practices |\n| `/convert` | Convert between formats using pandoc, d2, mermaid, ffmpeg, or imagemagick |\n| `/new-feature` | Full trunk-based workflow: create issue, branch, implement with tests, PR |\n| `/fix-bug` | Full trunk-based workflow: create issue, branch, test-first fix, PR |\n| `/create-readme` | Analyze codebase and generate comprehensive README.md |\n| `/init-project` | Scaffold new project with git, README, CLAUDE.md, linting, CI, Docker, templates |\n| `/refactor` | Refactor code with tests preserved, SOLID principles, verify tests pass |\n| `/add-endpoint` | Add full API endpoint: types, handler, validation, tests, docs |\n| `/add-component` | Add React component: TSX, tests, props interface, accessibility |\n| `/ci-fix` | Diagnose CI failures with `gh run view`, fix, verify locally with `act` |\n| `/changelog` | Generate changelog from conventional commits grouped by type |\n| `/commit-msg` | Analyze staged changes and generate conventional commit message |\n\n### Permissions Pre-approved\n\nCommon safe commands are pre-approved so Claude doesn't ask every time:\n- **Package managers**: npm, pnpm, bun, npx, uv, cargo, pip\n- **Git**: all git and gh commands\n- **AWS \u0026 IaC**: aws, cdk, sam, tofu, tflint, terraform-docs, checkov, infracost\n- **Docker \u0026 K8s**: docker, docker-compose, kubectl, k9s, stern\n- **Build tools**: make, just, tsc, jest, vitest\n- **File tools**: cat, bat, ls, eza, find, grep, rg, fd, fzf, tree, jq, yq, fx, mlr, csvlook\n- **Linters**: eslint, prettier, shellcheck, shfmt, ruff, hadolint, typos, ast-grep, commitizen, commitlint\n- **Security**: trivy, semgrep, gitleaks, snyk, cosign\n- **Media \u0026 docs**: pandoc, d2, mmdc, ffmpeg, magick\n- **Database**: pgcli, mycli, lazysql, sq, dbmate\n- **Other**: lazygit, lazydocker, dive, hyperfine, oha, tokei, dust, difft, delta\n\n### Denied Commands\n\nDestructive commands are blocked:\n- `rm -rf /`, `rm -rf ~`, `sudo rm`, `chmod 777`, `mkfs`, `\u003e /dev/sda*`\n\n---\n\n## Filesystem Structure\n\nThe scripts create an organized directory layout for both development and personal use:\n\n```\n~/\n|-- Code/                        # -- Development --\n|   |-- work/                    # Work projects\n|   |   |-- \u003corg-name\u003e/          # Grouped by GitHub org\n|   |   +-- scratch/             # Throwaway experiments\n|   |-- personal/                # Personal projects\n|   |   +-- scratch/\n|   |-- oss/                     # Open source contributions\n|   +-- learning/\n|       |-- courses/\n|       +-- playground/\n|\n|-- Scripts/                     # -- Automation --\n|   |-- bin/                     # Custom scripts (added to PATH)\n|   +-- cron/                    # Cron job scripts\n|\n|-- Screenshots/                 # Screenshots save here\n|\n|-- Documents/                   # -- Life Admin --\n|   |-- finance/\n|   |   |-- taxes/               # Tax returns, W-2s, 1099s\n|   |   |-- invoices/            # Sent/received invoices\n|   |   +-- statements/          # Bank/credit card statements\n|   |-- health/                  # Medical records, insurance cards\n|   |-- legal/                   # Contracts, agreements, legal docs\n|   |-- travel/                  # Itineraries, bookings, visa docs\n|   |-- insurance/               # Policies, claims\n|   |-- contracts/               # Work/freelance contracts\n|   |-- receipts/                # Purchase receipts, warranties\n|   +-- design/                  # Design files, mockups\n|\n|-- Reference/                   # -- Quick-Access Knowledge --\n|   |-- manuals/                 # Product/software manuals\n|   |-- cheatsheets/             # CLI, language, tool cheatsheets\n|   +-- bookmarks-export/        # Exported browser bookmarks\n|\n|-- Creative/                    # -- Creative Work --\n|   |-- design/                  # Graphic design projects\n|   |-- writing/                 # Blog posts, drafts, notes\n|   |-- video-editing/           # Video projects, raw footage\n|   +-- assets/\n|       |-- icons/               # Icon collections\n|       |-- fonts/               # Custom/downloaded fonts\n|       |-- stock-photos/        # Stock imagery\n|       +-- templates/           # Document/design templates\n|\n|-- Media/                       # -- Personal Media --\n|   |-- photos/                  # Personal photos\n|   |-- videos/                  # Personal videos\n|   |-- music/                   # Music files\n|   +-- wallpapers/              # Desktop/phone wallpapers\n|\n|-- Projects/                    # -- Non-Code Projects --\n|   |-- side-hustles/            # Business/freelance projects\n|   +-- home/                    # Home improvement, DIY\n|\n+-- Archive/                     # -- Cold Storage --\n    |-- old-projects/            # Completed/abandoned projects\n    +-- old-docs/                # Old documents for reference\n```\n\n### Helper Scripts (~/Scripts/bin/)\n\n| Script | Alias | Description |\n|--------|-------|-------------|\n| `new-project` | `nproj` | Scaffold a new project with git, .editorconfig, .gitignore |\n| `clone-work` | `cwork` | Clone a work repo into `~/Code/work/\u003corg\u003e/\u003crepo\u003e` |\n| `clone-personal` | `cpers` | Clone a personal repo into `~/Code/personal/\u003crepo\u003e` |\n| `clean-downloads` | `cleandl` | Delete files in ~/Downloads older than 30 days (interactive) |\n| `backup-dotfiles` | `dotback` | Push dotfile changes via chezmoi |\n| `project-stats` | `pstats` | Show repo counts, disk usage, recently modified projects |\n| `health-check` | `hc` | Quick system health overview (disk, memory, battery, brew, Docker, node_modules) |\n| `setup-ssh` | `sshsetup` | Generate an Ed25519 SSH key and optionally add it to GitHub via gh CLI |\n| `export-brewfile` | `brewsnap` | Export a Brewfile snapshot with descriptions for reproducibility |\n\n### Global Justfile (~/.justfile)\n\n27 task-runner recipes available from any directory via `gj`:\n\n| Recipe | Description |\n|--------|-------------|\n| `gj default` | List all available recipes |\n| `gj update` | Update everything via topgrade |\n| `gj info` | Show system info via fastfetch |\n| `gj flush-dns` | Flush DNS cache |\n| `gj ports` | Show listening ports |\n| `gj rebase` | Interactive rebase last N commits |\n| `gj undo` | Undo last commit (keep changes staged) |\n| `gj branches` | Show recent branches by last commit |\n| `gj docker-clean` | Clean unused Docker images, containers, volumes |\n| `gj docker-usage` | Show Docker disk usage |\n| `gj serve` | Serve current directory on a port |\n| `gj uuid` | Generate a UUID |\n| `gj b64-encode` | Encode text to base64 |\n| `gj b64-decode` | Decode base64 text |\n| `gj ip` | Show public IP address |\n| `gj local-ip` | Show local IP address |\n| `gj kill-port` | Kill process on a specific port |\n| `gj status` | Quick HTTP status check for a URL |\n| `gj node-clean` | Find all node_modules under ~/Code with sizes |\n| `gj docker-nuke` | Nuclear Docker cleanup (remove everything) |\n| `gj ds-clean` | Remove .DS_Store files recursively |\n| `gj cheat` | Show a cheatsheet for a command (via tldr) |\n| `gj timestamp` | Generate an ISO timestamp |\n| `gj weather` | Show weather for a city (via wttr.in) |\n| `gj standup` | Git standup -- what did I do yesterday? |\n| `gj loc` | Count lines of code in current directory (via tokei) |\n\n### Directory Shortcut Aliases\n\n| Alias | Directory |\n|-------|-----------|\n| `cw` | `~/Code/work` |\n| `cper` | `~/Code/personal` |\n| `coss` | `~/Code/oss` |\n| `clearn` | `~/Code/learning` |\n| `cscratch` | `~/Code/work/scratch` |\n| `cscripts` | `~/Scripts` |\n\n### Per-Directory Git Identity\n\nAutomatically uses different git identities for work vs personal:\n\n```\n~/Code/work/     -\u003e uses ~/.gitconfig-work     (work email)\n~/Code/personal/ -\u003e uses ~/.gitconfig-personal  (personal email)\n```\n\nEdit these files after running the script to fill in your details.\n\n---\n\n## Configurations Created\n\nThe script generates config files with sensible defaults:\n\n| File | Tool | Highlights |\n|------|------|------------|\n| `~/.zshrc` | Shell | Auto-written managed block with all init scripts, aliases, welcome screen |\n| `~/.zprofile` | Shell | Login shell PATH, editor, pager, LESS, XDG dirs, ulimit increase for Node.js |\n| `~/.gitconfig` | git | Rebase pull, histogram diff, 30 aliases (st, co, lg, wip, cleanup, gone, standup, recent, worktree, stash-all, etc.), delta, rerere, auto-stash |\n| `~/.gitignore_global` | git | .DS_Store, .env, node_modules, editor files, secrets |\n| `~/.gitmessage` | git | Commit template with type/scope format |\n| `~/.gnupg/gpg-agent.conf` | GPG | pinentry-mac, 8-hour passphrase cache |\n| `~/.ssh/config` | SSH | Multiplexing, keychain, keep-alive, strong algorithms |\n| `~/.npmrc` | npm | save-exact, no telemetry, prefer-offline, engine-strict |\n| `~/.editorconfig` | EditorConfig | UTF-8, LF, 2-space indent, per-language overrides (Python 4-space, Go tabs) |\n| `~/.prettierrc` | Prettier | Single quotes, trailing commas, 100 width |\n| `~/.curlrc` | curl | Follow redirects, retry 3x, compression, timeouts |\n| `~/.docker/daemon.json` | Docker | BuildKit enabled, log rotation 10m x 3, DNS, garbage collection |\n| `~/.aria2/aria2.conf` | aria2 | 16 connections, auto-resume, BitTorrent, 64MB cache |\n| `~/.config/atuin/config.toml` | atuin | Fuzzy search, local-only, compact style, enter=paste (not execute), history filter (ls/cd/clear/exit), secrets filter |\n| `~/.config/starship.toml` | Starship | Rich two-line prompt with Dracula palette, OS icon, git status with counts, Node/Python/Rust/Go/Docker/AWS/Terraform versions, battery warning, time, Nerd Font icons |\n| `~/.config/glow/glow.yml` | glow | Dracula style, mouse, pager |\n| `~/.config/yt-dlp/config` | yt-dlp | Best quality mp4, aria2c downloader, metadata, subtitles |\n| `~/.config/gh-dash/config.yml` | gh-dash | PR/issue sections, Dracula theme |\n| `~/.config/stern/config.yaml` | stern | 50 tail lines, 5m lookback, timestamps |\n| `~/.config/ngrok/ngrok.yml` | ngrok | Base config (add authtoken) |\n| `~/.config/caddy/Caddyfile` | Caddy | Development server template |\n| `~/.config/asciinema/config` | asciinema | 2s idle limit, no keystroke recording |\n| `~/.config/yazi/yazi.toml` | yazi | Hidden files, Kiro opener, Dracula theme |\n| `~/.config/zellij/config.kdl` | zellij | Dracula theme, compact layout, mouse, Ctrl-a prefix |\n| `~/.config/mpv/mpv.conf` | mpv | Hardware accel, save position, screenshots to ~/Screenshots |\n| `~/.config/git-cliff/cliff.toml` | git-cliff | Conventional commits changelog template |\n| `~/.newsboat/config` | newsboat | Vim keys, Dracula colors, auto-reload |\n| `~/.newsboat/urls` | newsboat | Starter RSS feeds (Claude Code, Node, Rust, GitHub) |\n| `~/Library/Application Support/nushell/env.nu` | nushell | Starship prompt, Homebrew paths |\n| `~/.config/ghostty/config` | Ghostty | JetBrains Mono, Dracula palette, transparent titlebar |\n| `~/.config/fastfetch/config.jsonc` | fastfetch | Nerd Font icons, package counts, Node/Python/Go/Rust/Docker versions, battery, disk, colored output |\n| `~/.config/mise/config.toml` | mise | Auto-install, trust ~/Code |\n| `~/.config/topgrade.toml` | topgrade | Cleanup, greedy cask updates |\n| `~/.config/direnv/direnv.toml` | direnv | Hidden env diff, auto-trust ~/Code, load .env |\n| `~/.config/btop/` | btop | Dracula theme with full color palette |\n| `~/.config/lazydocker/` | lazydocker | Dracula theme, timestamps, compose support |\n| `~/.config/pip/pip.conf` | pip | Require virtualenv, no telemetry |\n| `~/.config/pgcli/config` | pgcli | Multi-line, auto-expand, destructive warnings, bat pager |\n| `~/.config/harlequin/config.toml` | harlequin | Dracula theme, vscode keymap, file tree on |\n| `~/.config/gh/config.yml` | GitHub CLI | SSH protocol, Kiro editor, delta pager, aliases (co, pv, pc, pl, il, pm, rel) |\n| `~/.aws/config` | AWS CLI | Default region, json output, bat pager, auto-prompt, SSO template |\n| `~/.config/git/hooks/` | git | Global pre-commit hooks (debug statements, large files \u003e5MB, conflict markers) |\n| `~/.config/brewfile/Brewfile` | Homebrew | Snapshot of all installed packages with descriptions |\n| `~/.justfile` | just | 27 global task-runner recipes (system, git, Docker, network, cleanup, info) |\n| `~/.shellcheckrc` | shellcheck | External sources, disabled false positives |\n| `~/.actrc` | act | Medium Ubuntu images, container reuse |\n| `~/.mlrrc` | miller | CSV input, pretty table output |\n| `~/.hushlogin` | Terminal | Suppresses \"Last login\" message |\n| `~/.ripgreprc` | ripgrep | Smart case, hidden files, ignore patterns, custom types (web, config, doc, style) |\n| `~/.fdignore` | fd | Global ignore patterns (node_modules, .git, dist, etc.) |\n| `~/.vimrc` | vim | Line numbers, clipboard, mouse, Dracula colors, space leader, persistent undo |\n| `~/.nanorc` | nano | Line numbers, auto-indent, mouse, syntax highlighting |\n| `~/.myclirc` | mycli | Multi-line, auto-expand, destructive warnings |\n| `~/.gemrc` | Ruby | No docs on gem install |\n| `~/Library/.../Kiro/User/settings.json` | Kiro | Dracula, JetBrains Mono, format on save, file nesting, bracket pair colorization, per-language formatters (ruff for Python, go for Go, rust-analyzer for Rust), agent + MCP toggles |\n| `~/Library/.../Kiro/User/keybindings.json` | Kiro | Custom keyboard shortcuts (incl. ⌘I open agent, ⌘⇧I inline edit, ⌘⇧S create spec) |\n| `~/.kiro/settings/mcp.json` | Kiro MCP | Global MCP servers — enabled: filesystem, github, git, fetch, context7, notion, aws-docs, aws-pricing, aws-iac, aws-knowledge, cloudwatch, iam. Disabled (opt-in): playwright, postgres, aws-ccapi, aws-serverless, aws-lambda-tool, aws-eks, aws-ecs, aws-dynamodb |\n| `~/Library/.../lazygit/config.yml` | lazygit | Dracula theme, delta pager, nerd fonts, auto-fetch, Kiro editor (`kiro --goto`), rounded borders |\n| `~/Library/.../k9s/skins/dracula.yaml` | k9s | Full Dracula skin |\n\n---\n\n## macOS System Defaults\n\n| Category | Changes |\n|----------|---------|\n| **Dock** | Auto-hide, small icons (40px), no recents, scale minimize, no delay, spacers, all default pins cleared |\n| **Wallpaper** | Auto-set from `assets/wolf-wallpaper.jpg` to all desktops |\n| **Screensaver** | 45min idle, display sleep at 2hr (charger) / 1h15m (battery) |\n| **Screenshots** | PNG format, saved to `~/Screenshots`, no shadow, no thumbnail |\n| **Keyboard** | Fast key repeat (2/15), no press-and-hold, no auto-correct/capitalize/smart quotes/dashes/periods |\n| **Trackpad** | Faster tracking speed (2.0) |\n| **Mission Control** | Fixed spaces (no auto-rearrange), fast animations, group by app |\n| **Hot Corners** | Top-left: Mission Control, Top-right: Desktop |\n| **Stage Manager** | Disabled (prevents accidental activation) |\n| **Safari** | Developer menu enabled, full URL in address bar |\n| **TextEdit** | Plain text default, UTF-8 encoding |\n| **Finder** | Hidden files visible, path bar, status bar, list view, folders first, no .DS_Store on network/USB, full POSIX path in title bar |\n| **Finder sidebar** | Configured via LSSharedFileList API (Code, Screenshots, Scripts, Documents, Reference, Creative, Media, Projects, Archive, Downloads) |\n| **Animations** | Reduced motion, fast window resize |\n| **Misc** | No quarantine dialog, battery %, Dracula purple highlight, expanded save/print panels |\n| **Touch ID** | Enabled for sudo -- use fingerprint instead of password in terminal |\n| **DNS** | Set to Cloudflare (1.1.1.1) + Quad9 (9.9.9.9) + Google (8.8.8.8) |\n| **Spotlight** | Excluded ~/Code, ~/.config, node_modules, caches, Homebrew directories from indexing |\n| **Time Machine** | Excluded node_modules, Docker, caches, Downloads from backups |\n| **Siri** | Disabled and removed from menubar |\n\n---\n\n## Shell Aliases\n\nAll aliases are auto-written to `~/.zshrc`:\n\n| Alias | Command | Purpose |\n|-------|---------|---------|\n| `ls` | `eza --icons` | File listing with icons |\n| `ll` | `eza -la --icons --git` | Long list with git status |\n| `la` | `eza -a --icons` | List all including hidden |\n| `lt` | `eza --tree --icons --level=3` | Tree view |\n| `cat` | `bat --paging=never` | Syntax-highlighted file viewer |\n| `top` | `btop` | System monitor |\n| `du` | `dust` | Disk usage |\n| `df` | `duf` | Disk free |\n| `ps` | `procs` | Process list |\n| `ping` | `gping` | Latency graph |\n| `dig` | `doggo` | DNS lookup |\n| `watch` | `viddy` | Watch command output |\n| `hexdump` | `hexyl` | Hex viewer |\n| `rm` | `trash` | Safe delete (Trash) |\n| `make` | `just` | Task runner |\n| `y` | `yazi` | File manager |\n| `jx` | `fx` | Interactive JSON viewer |\n| `f` | `fd` | Fast find |\n| `dft` | `difft` | Syntax-aware diff |\n| `dl` | `aria2c` | Fast download |\n| `wget` | `aria2c` | Fast download |\n| `pip` | `uv pip` | Fast Python packages |\n| `venv` | `uv venv` | Fast virtualenv creation |\n| `pyrun` | `uv run` | Run Python with uv |\n| `gj` | `just --justfile ~/.justfile` | Global justfile recipes |\n| `lg` | `lazygit` | Git UI |\n| `lzd` | `lazydocker` | Docker UI |\n| `k` | `kubectl` | Kubernetes |\n| `klog` | `stern` | K8s pod logs |\n| `md` | `glow` | Markdown viewer |\n| `serve` | `miniserve ...` | Quick file server |\n| `ghd` | `gh dash` | GitHub dashboard |\n| `gdft` | `git dft` | Syntax-aware git diff |\n| `gha` | `act` | Run GitHub Actions locally |\n| `ytdl` | `yt-dlp` | Download video |\n| `ytmp3` | `yt-dlp -x --audio-format mp3` | Download audio |\n| `bench` | `hyperfine` | Benchmark commands |\n| `loadtest` | `oha` | HTTP load test |\n| `md2pdf` | `pandoc -f markdown -t pdf` | Markdown to PDF |\n| `md2html` | `pandoc -f markdown -t html -s` | Markdown to HTML |\n| `md2docx` | `pandoc -f markdown -t docx` | Markdown to Word |\n| `resize` | `magick mogrify -resize` | Resize images |\n| `ffq` | `ffmpeg -hide_banner ...` | Quiet ffmpeg |\n| `par` | `parallel` | Run in parallel |\n| `lint-sh` | `shellcheck` | Lint shell scripts |\n| `fmt-sh` | `shfmt -w -i 4` | Format shell scripts |\n| `csvp` | `csvlook` | Pretty-print CSV |\n| `watchrun` | `watchexec` | Watch and rerun on changes |\n| `update` | `topgrade` | Update everything |\n| `sysinfo` | `fastfetch` | Quick system info |\n| `nproj` | `new-project` | Scaffold new project |\n| `cwork` | `clone-work` | Clone work repo |\n| `cpers` | `clone-personal` | Clone personal repo |\n| `dotback` | `backup-dotfiles` | Backup dotfiles via chezmoi |\n| `pstats` | `project-stats` | Show project stats |\n| `cleandl` | `clean-downloads` | Clean old downloads |\n| `hc` | `health-check` | System health overview |\n| `sshsetup` | `setup-ssh` | Generate SSH key + add to GitHub |\n| `brewsnap` | `export-brewfile` | Export Brewfile snapshot |\n\n### Shell Extras\n\n| Feature | Description |\n|---------|-------------|\n| **Zsh completions** | kubectl, gh, aws auto-completions loaded |\n| **GPG_TTY** | Set in zshrc for commit signing to work |\n| **ulimit increase** | `ulimit -n 65536` in zprofile for Node.js/webpack/vite |\n| **vivid LS_COLORS** | Dracula-themed file type coloring via `vivid generate dracula` |\n| **fzf config** | Dracula colors, fd for file finding, bat for preview, eza tree for directory preview, keybindings (ctrl-/ toggle preview, ctrl-y copy) |\n| **Plugin guards** | Zsh plugin sources have defensive `[[ -f ]]` guards |\n| **Terminal welcome** | fastfetch + date + random dev tip on new terminal sessions (not in Kiro/VS Code integrated terminal) |\n\n---\n\n## Kiro Extensions\n\nExtensions are resolved from **OpenVSX** (the open-source registry — Kiro is a VS Code fork that does not use the Microsoft Marketplace). Closed-source extensions like `github.copilot` and `ms-vscode.*` are unavailable; Kiro's built-in Claude agent replaces Copilot anyway.\n\nAuto-installed by the script:\n\n| Extension | Purpose |\n|-----------|---------|\n| **Dracula Official** | Color theme |\n| **Prettier** | Code formatter (default for JS/TS/CSS/JSON/MD) |\n| **ESLint** | JavaScript/TypeScript linter |\n| **Ruff** | Python linter/formatter (set as default formatter for `.py`) |\n| **Tailwind CSS IntelliSense** | Tailwind class autocomplete |\n| **Python** | Python language support |\n| **Go** | Go language support (also used as formatter for Go files) |\n| **rust-analyzer** | Rust language support (also used as formatter for Rust files) |\n| **Astro** | Astro component support |\n| **Svelte** | Svelte component support |\n| **Auto Rename Tag** | Rename paired HTML/JSX tags |\n| **Path Intellisense** | Autocomplete file paths |\n| **Error Lens** | Inline error/warning highlights |\n| **Better Comments** | Colorized comment annotations (TODO, FIXME, etc.) |\n| **Code Spell Checker** | Spell checking for code and comments |\n| **npm Intellisense** | Autocomplete npm module imports |\n| **Color Highlight** | Highlight color codes in the editor |\n| **Rainbow CSV** | Colorize CSV columns for readability |\n| **EditorConfig** | Honour `.editorconfig` per-project rules |\n| **GitLens** | Git blame, history, and annotations |\n| **Git Graph** | Visual git history graph |\n| **Todo Tree** | Find and highlight TODO/FIXME comments across the project |\n| **Import Cost** | Show size of imported JS/TS packages inline |\n| **Docker** | Dockerfile and docker-compose support |\n| **DotENV** | .env file syntax highlighting |\n| **Markdown All in One** | Markdown shortcuts, preview, table of contents |\n| **markdownlint** | Lint Markdown for style/consistency |\n| **YAML** | YAML language support with validation |\n| **Even Better TOML** | TOML language support |\n| **Terraform (HashiCorp)** | Terraform / OpenTofu language support |\n| **AWS Toolkit** | Local Lambda debugging via SAM, CloudFormation/SAM YAML schemas, ECS exec terminal, AWS resource explorer (S3/Lambda/CloudWatch), credential/SSO management ([OpenVSX](https://open-vsx.org/extension/amazonwebservices/aws-toolkit-vscode)) |\n| **cfn-lint** | CloudFormation/SAM template linter — pairs with the `cfn-lint` CLI |\n\n### Kiro Settings Highlights\n\n- File nesting enabled (test files, lockfiles, config files grouped under parent)\n- Bracket pair colorization with Dracula colors\n- Per-language formatters: Ruff for Python, Go extension for Go, rust-analyzer for Rust\n- Sticky scroll (3 lines max)\n- Inlay hints on unless pressed\n- Terminal uses JetBrains Mono NF\n- VS Code-style telemetry disabled (`telemetry.telemetryLevel: off`); Kiro agent settings (steering, specs, hooks, MCP) are configured through Kiro's own UI / `Cmd+,`, not via `settings.json`\n\n### Kiro AI Agent (built-in Claude)\n\nKiro ships with a Claude-powered agent and four primitives — no extension required:\n\n| Primitive | What it is | Where it lives |\n|-----------|------------|----------------|\n| **Steering** | Project-wide rules and conventions the agent always reads | `.kiro/steering/*.md` |\n| **Specs** | Structured plan + design docs for a feature, generated from a one-line ask | `.kiro/specs/\u003cfeature\u003e/` |\n| **Hooks** | Triggers that run an agent action on file events (save, create, etc.) | `.kiro/hooks/*.json` |\n| **MCP servers** | External tools (filesystem, GitHub, docs, browsers, DBs) the agent can call | `~/.kiro/settings/mcp.json` (global), `.kiro/settings/mcp.json` (workspace) |\n\nWorkspace-scoped `.kiro/steering`, `.kiro/specs`, `.kiro/hooks`, and `.kiro/settings/mcp.json` should be **committed** so teammates and CI agents share the same context. Local-only state (`.kiro/.cache`, `.kiro/.tmp`, `.kiro/local`) is gitignored by the script.\n\n### Kiro MCP Servers\n\nThe script writes a sensible default `~/.kiro/settings/mcp.json` with these enabled:\n\n| Server | Purpose | Notes |\n|--------|---------|-------|\n| **filesystem** | Read/list/search files in `~/Code` | `@modelcontextprotocol/server-filesystem` (npx) |\n| **github** | Search repos, read files, list issues/PRs | needs `GITHUB_TOKEN` env var |\n| **git** | `git status/diff/log/show` for the current repo | `mcp-server-git` (uvx) |\n| **fetch** | HTTP fetch with HTML→Markdown conversion | `mcp-server-fetch` (uvx) |\n| **context7** | Fetch up-to-date library docs by package name | `@upstash/context7-mcp` (npx) |\n| **aws-docs** | Search and read AWS documentation | `awslabs.aws-documentation-mcp-server` (uvx) |\n| **aws-pricing** | Pre-deployment cost estimation (\"what would this CDK stack cost?\") | `awslabs.aws-pricing-mcp-server` (uvx) — no AWS credentials needed |\n| **aws-iac** | CDK + Terraform + CloudFormation patterns, security guidance, cdk-nag | `awslabs.aws-iac-mcp-server` (uvx) — replaces deprecated cdk-mcp-server |\n| **aws-knowledge** | Broader AWS knowledge base — services overview, best practices, FAQs | `awslabs.aws-knowledge-mcp-server` (uvx) |\n| **cloudwatch** | Query CloudWatch Logs + metrics, inspect alarm state | `awslabs.cloudwatch-mcp-server` (uvx); needs AWS creds; only read-only ops auto-approved |\n| **iam** | Read IAM users, roles, groups, policies; simulate principal policies | `awslabs.iam-mcp-server` (uvx); needs AWS creds; **only `list_*` / `get_*` / `simulate_*` auto-approved — every mutation prompts** |\n| **notion** | Search Notion pages/databases, read blocks, retrieve users | `@notionhq/notion-mcp-server` (npx); needs `NOTION_TOKEN` from an internal integration |\n\nAnd these are written **disabled** — flip `\"disabled\": false` to opt in per-workspace:\n\n| Server | Why disabled by default |\n|--------|-------------------------|\n| **playwright** | Spawns a real browser; only enable when doing E2E work |\n| **postgres** | Needs a running database and connection string |\n| **aws-ccapi** | AWS Cloud Control API — full CRUD on any supported resource. Extreme blast radius; enable per-workspace when actively doing infra work |\n| **aws-serverless** | Full SAM application lifecycle (build, deploy, invoke). Mutates Lambda/API GW/etc. |\n| **aws-lambda-tool** | Calls your *already-deployed* Lambdas as MCP tools. Different shape — for using Lambdas as agent tools, not deploying them |\n| **aws-eks** | EKS cluster + Kubernetes resource management |\n| **aws-ecs** | ECS task / service deployment |\n| **aws-dynamodb** | DynamoDB table operations and data access |\n\nEdit `~/.kiro/settings/mcp.json` to add more (Linear, Slack, Sentry, Stripe, etc.) or override per-project at `\u003crepo\u003e/.kiro/settings/mcp.json` — workspace config wins.\n\n**Notion setup:** create an internal integration at \u003chttps://www.notion.so/profile/integrations\u003e, copy the `secret_...` token, export it (`echo 'export NOTION_TOKEN=secret_...' \u003e\u003e ~/.zshrc.local`), then share the specific Notion pages/databases you want the agent to reach via the page's `…` menu → \"Connect to\" → your integration. Without page access the integration sees nothing; this is the intended Notion permission model.\n\n**AWS setup:** the AWS servers use the standard AWS credential chain — anything that works for `aws sts get-caller-identity` works here. Three common setups:\n\n```bash\n# 1) Long-lived access keys (least preferred)\naws configure                       # writes ~/.aws/credentials\n\n# 2) AWS SSO via `granted` (installed under the `aws` module)\nassume \u003cprofile\u003e                    # exports AWS_PROFILE for the shell\n\n# 3) Per-shell env vars (CI-style)\nexport AWS_REGION=us-east-1\nexport AWS_PROFILE=my-dev-account\n```\n\nKiro reads `${AWS_REGION}` and `${AWS_PROFILE}` from the shell that launched it at startup. If you change profile mid-session, restart Kiro (or use `Kiro: Reload Window`). The pre-approved `autoApprove` list for `iam` covers only read/simulate operations — every IAM mutation (`create_role`, `attach_role_policy`, etc.) will still prompt for confirmation.\n\n---\n\n## Chrome Extensions (manual install)\n\n| Extension | Purpose |\n|-----------|---------|\n| **axe DevTools** | Accessibility testing |\n| **React Developer Tools** | React component inspection |\n| **Lighthouse** | Performance and accessibility audits |\n| **JSON Formatter** | Pretty-print JSON in the browser |\n\n---\n\n## Raycast Extensions (manual install via Raycast Store)\n\n| Extension | Purpose |\n|-----------|---------|\n| **Clipboard History** | Built-in clipboard manager with search |\n| **GitHub** | Search repos, PRs, and issues from Raycast |\n| **AWS** | Quick access to AWS console services |\n| **Docker** | Manage containers from Raycast |\n| **Notion** | Search Notion pages and databases |\n| **Brew** | Search and install Homebrew packages |\n| **Kill Process** | Fast process killer |\n| **Color Picker** | System-wide color picker |\n\n---\n\n## Restoring on a New Machine\n\n```bash\n# Option 1: Run the full script\n./scripts/setup-dev-tools-mac.sh\n\n# Option 2: Resume after a failure\n./scripts/setup-dev-tools-mac.sh --resume\n\n# Option 3: Restore from Brewfile (packages only, no configs)\nbrew bundle install --file=~/.config/brewfile/Brewfile\n\n# Option 4: Restore dotfiles via chezmoi\nchezmoi init \u003cyour-github-username\u003e \u0026\u0026 chezmoi apply\n\n# Option 5: Run only specific categories\n./scripts/setup-dev-tools-mac.sh --only core,git,dx,configs\n```\n\n---\n\n## Updating\n\n```bash\n# Update everything at once (via topgrade)\ntopgrade\n\n# Or update manually\nbrew update \u0026\u0026 brew upgrade \u0026\u0026 brew cleanup\n\n# Re-run this script to pick up new tools/configs\n./scripts/setup-dev-tools-mac.sh\n```\n\nThe script will:\n- Skip already-installed tools\n- Update the `~/.zshrc` managed block\n- Export a fresh Brewfile\n- Apply any new macOS defaults\n- Report what changed\n\n---\n\n## Uninstalling\n\n```bash\n# Show removal commands (no changes made)\n./scripts/setup-dev-tools-mac.sh --uninstall\n```\n\nThis prints a full guide for removing all installed tools, configs, and settings. Review each command before running.\n\n---\n\n## Troubleshooting\n\n```bash\n# Inspect the failure log\ncat ~/.local/share/dev-setup/setup-*.log | grep ERROR\n\n# Check Homebrew health\nbrew doctor\n\n# Resume after a failure (skips already-completed steps)\n./scripts/setup-dev-tools-mac.sh --resume\n\n# Preview without changes\n./scripts/setup-dev-tools-mac.sh --dry-run\n\n# Run only specific categories\n./scripts/setup-dev-tools-mac.sh --only core,git,dx\n\n# Show removal commands\n./scripts/setup-dev-tools-mac.sh --uninstall\n```\n\n---\n\n## License\n\nMIT — see [LICENSE](LICENSE)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fvixygrey%2Fvixygrey-dev-setup","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fvixygrey%2Fvixygrey-dev-setup","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fvixygrey%2Fvixygrey-dev-setup/lists"}