Skip to main content
guidesSource-backedReview first Safety Privacy

Large Code Migration Workflow with Claude Code

A repeatable explore-plan-implement-verify workflow for large code migrations and refactors with Claude Code, using plan mode, /rewind checkpoints, subagents, and claude -p fan-out for batch file changes.

by JSONbored·added 2025-10-27·
HarnessClaude Code
Review first review before installing

Open the source and read safety notes before installing.

Citation facts

Source-backed facts for citing this resource, derived directly from the registry — also available as plain text for AI assistants.

Source URLs
https://code.claude.com/docs/en/best-practices, https://github.com/JSONbored/awesome-claude/blob/main/content/guides/migration-workflow-guide.mdx
Safety notes
The claude -p fan-out loop runs Claude non-interactively across many files. Scope it with --allowedTools (for example "Edit,Bash(git commit *)") so unattended runs cannot perform actions you did not intend, and test on 2-3 files before running at scale., Checkpoints only track Claude's direct file edits, not changes made by bash commands (rm, mv, cp) or other processes, so commit to git before a large migration.
Privacy notes
Claude Code sends the files it reads and command output to the model as context. Avoid piping secrets or credentials into prompts, and exclude sensitive paths from migration runs.
Author
JSONbored
Claim status
unclaimed
Last verified
2025-10-27

Decision playbook

Review trust signals before you adopt

Signals are present but mixed. Use the checklist below to confirm the source and operational safety for your environment.

Compare context
Selected

0

Current score

78

Baseline

Delta

No baseline selected

No major trust-signal divergence detected in the current selection.

Source and provenance checks

Complete

Confirm ownership and provenance before trusting install instructions.

  • Source link availableRequired

    Open the canonical repository and verify ownership.

    Done
  • Source provenance statusRequired

    Marked as source-backed.

    Done
  • Metadata reviewed

    Registry metadata indicates a reviewed listing.

    Done

Safety and privacy checks

Complete

Validate risk disclosures before installation or API wiring.

  • Safety notes presentRequired

    Review the listed safety guidance before running commands.

    Done
  • Privacy notes presentRequired

    Review data handling notes before connecting accounts or secrets.

    Done
  • Trust level risk gateRequired

    Trust level does not block evaluation.

    Done

Package and install checks

Needs review

Check package metadata and artifact integrity signals.

  • Install payload available

    Install or copy payload is available for review.

    Done
  • Package verification flag

    No package verification flag provided.

    Pending
  • Checksum metadata

    No checksum provided for downloaded artifact.

    Pending

Compare-driven decision checks

Needs review

Use compare context to validate trade-offs before adoption.

  • Compare tray has multiple entries

    Add at least one more entry to compare trust differences.

    Pending
  • Baseline comparison available

    No baseline peer selected yet.

    Pending
  • Diverging trust signals identified

    No major trust-signal divergence found.

    Pending

Setup at a glance

Copy & paste

Copy-ready — paste the snippet to get started.

Install command

Not provided

Config snippet

Not provided

Copy snippet

Provided

Prerequisites

None

Platforms

1 listed

Difficulty

35/100

Adoption plan

Balanced adoption plan

Current risk score 16/100. Use staged verification before broader rollout.

Risk 16

Pre-adoption checks

Validate source and review signals before any execution.

  • Confirm source provenanceRequired

    Source URL/provenance metadata is present.

    Done
  • Confirm metadata review state

    Listing has review metadata.

    Done
  • Verify install payload

    Install/config payload exists and can be inspected.

    Done

Security checks

Confirm safety, privacy, and package integrity signals.

  • Review safety notesRequired

    Safety notes are present.

    Done
  • Review privacy notesRequired

    Privacy notes are present.

    Done
  • Verify package integrity metadata

    No package verification/checksum metadata.

    Pending

Rollout

Adopt in controlled steps based on the selected plan.

  • Run in isolated sandbox firstRequired

    Use a constrained sandbox and observe behavior across multiple tasks.

    Pending
  • Roll out graduallyRequired

    Roll out to a small cohort before wider usage.

    Pending
  • Set monitoring and fallback

    Define rollback path and monitor errors after adoption.

    Pending

Evidence readiness

Evidence readiness matrix · balanced

Required evidence gates are covered (5/6 signals complete).

Risk 15

Source provenance

Present

Source repository/provenance is listed.

Required in this preset

Metadata review

Present

Review metadata is present.

Required in this preset

Safety notes

Present

Safety notes are present.

Required in this preset

Privacy notes

Present

Privacy notes are present.

Optional in this preset

Package integrity

Missing

Package integrity metadata is missing.

Optional in this preset

Install payload

Present

Install payload is available.

Required in this preset

Required evidence gates are covered for this preset.

Decision timeline

Decision timeline · balanced

5/6 steps complete with no blocking gaps for this preset.

Risk 14

triage

Confirm source provenanceRequired

Source/provenance metadata is available.

Done

triage

Check metadata review statusRequired

Review metadata is available.

Done

verify

Review safety notesRequired

Safety notes are available.

Done

verify

Review privacy notes

Privacy notes are available.

Done

verify

Validate package integrity metadata

Package integrity metadata is missing.

Pending

rollout

Verify install payload and commandsRequired

Install payload is available.

Done

No required blockers for this timeline preset.

Safety & privacy surface

Safety & privacy surface

2 safety and 1 privacy notes across 3 risk areas. Review closely: credentials & tokens, permissions & scopes.

3 areas
  • SafetyPermissions & scopesThe claude -p fan-out loop runs Claude non-interactively across many files. Scope it with --allowedTools (for example "Edit,Bash(git commit *)") so unattended runs cannot perform actions you did not intend, and test on 2-3 files before running at scale.
  • SafetyLocal filesCheckpoints only track Claude's direct file edits, not changes made by bash commands (rm, mv, cp) or other processes, so commit to git before a large migration.
  • PrivacyCredentials & tokensClaude Code sends the files it reads and command output to the model as context. Avoid piping secrets or credentials into prompts, and exclude sensitive paths from migration runs.

Safety notes

  • The claude -p fan-out loop runs Claude non-interactively across many files. Scope it with --allowedTools (for example "Edit,Bash(git commit *)") so unattended runs cannot perform actions you did not intend, and test on 2-3 files before running at scale.
  • Checkpoints only track Claude's direct file edits, not changes made by bash commands (rm, mv, cp) or other processes, so commit to git before a large migration.

Privacy notes

  • Claude Code sends the files it reads and command output to the model as context. Avoid piping secrets or credentials into prompts, and exclude sensitive paths from migration runs.

Schema details

Install type
copy
Reading time
6 min
Difficulty score
35
Troubleshooting
Yes
Breaking changes
No
Skill and platform metadata
Retrieval sources
https://code.claude.com/docs/en/best-practiceshttps://code.claude.com/docs/en/common-workflowshttps://code.claude.com/docs/en/checkpointing
Full copyable content
## TL;DR

Large migrations fail when an agent jumps straight to editing and fills its
context with the wrong files. The reliable pattern in Claude Code is to separate
research from execution: explore in plan mode, commit to a written plan, then
implement against a check Claude can run itself. Use `/rewind` checkpoints to back
out of dead ends, delegate exploration and review to subagents to keep the main
context clean, and fan out with `claude -p` when the same change has to land across
hundreds of files.

**Key points:**

- Use the four-phase loop: explore, plan, implement, verify.
- Give Claude a verification check (tests, build, linter) so it can iterate on its own.
- Checkpoints (`/rewind`, `Esc Esc`) let you try risky changes and revert; they are local undo, not a replacement for git.
- For batch migrations, generate a file list and loop `claude -p` over it with scoped `--allowedTools`.

## Overview

A migration or large refactor is the case where Claude Code's main constraint
matters most: the context window holds the entire conversation, every file read,
and every command output, and model performance degrades as it fills. A naive
"migrate the whole codebase" prompt reads hundreds of files into one context and
produces worse edits as it goes.

The workflow below keeps each phase scoped. Exploration and review happen in
subagents or plan mode so they don't pollute the implementation context.
Implementation runs against a check that returns pass or fail, so Claude closes
its own loop instead of waiting for you to spot every mistake. And checkpoints
make ambitious, wide-scale changes safe to attempt because any step is reversible.

> **Workflow at a glance**
>
> **Best for:** framework upgrades, API/pattern migrations, large refactors, codemods
> **Core loop:** explore -> plan -> implement -> verify
> **Key tools:** plan mode, `/rewind`, subagents, `claude -p` fan-out
> **Safety net:** session checkpoints plus git commits

## The migration workflow

The recommended workflow has four phases. Run them in order; for a small,
one-sentence-diff change you can skip planning and ask Claude to do it directly.

```bash
# 1. EXPLORE — read and understand, no edits yet (plan mode)
claude --permission-mode plan
# In session:
#   read /src/auth and explain how sessions and login work today.
#   look at how environment variables for secrets are managed.
# Or delegate the reading so only findings return to your context:
#   use a subagent to investigate how token refresh works and
#   whether we already have OAuth utilities to reuse.

# 2. PLAN — produce a reviewable plan before anything touches disk
# In plan mode:
#   I want to migrate this module to the new API. What files change?
#   What is the order of operations? Create a detailed plan.
# Press Ctrl+G to open the plan in your editor and refine it.

# 3. IMPLEMENT — leave plan mode, code against a check it can run
# In default mode:
#   implement the migration from your plan. run the test suite
#   after each file and fix failures. address root causes.

# 4. VERIFY — fresh-context review of the diff, then commit
#   /code-review              # bundled skill: reviews the diff in a subagent
#   commit with a descriptive message and open a PR

# If an approach goes wrong at any point, back out and retry:
#   /rewind                   # or press Esc Esc on an empty prompt
```

### Why each phase exists

- **Explore** keeps Claude from solving the wrong problem. Plan mode reads files
  and answers questions but makes no edits until you approve.
- **Plan** gives you a diff you can review before code is written. Press `Ctrl+G`
  to open the plan in your text editor and edit it directly.
- **Implement** is where a verification check pays off: Claude does the work, runs
  the check, reads the result, and iterates until it passes. Without a check,
  "looks done" is the only signal and you become the verification loop.
- **Verify** with a fresh context. A reviewer subagent sees only the diff and your
  criteria, not the reasoning that produced the change, so it grades the result on
  its own terms.

## Phase reference

| Phase | What you do | Command or action |
| --- | --- | --- |
| Explore | Read code, ask questions, no edits | `claude --permission-mode plan`, or `Shift+Tab` to toggle plan mode mid-session |
| Explore (delegated) | Offload file reads so only findings return | `use a subagent to investigate X` |
| Plan | Produce and refine a written plan | Ask for a plan in plan mode; `Ctrl+G` to edit it |
| Implement | Code against a runnable check | Leave plan mode; ask Claude to implement and run tests/build |
| Verify | Fresh-context review of the diff | `/code-review`, or a verification subagent |
| Recover | Undo a bad step | `/rewind` or `Esc Esc` |
| Commit | Persist the change | `commit ... and open a PR` (uses `gh pr create`) |
| Resume | Continue across sittings | `claude --continue` or `claude --resume` |

## Checkpoints: try risky changes safely

Claude Code automatically snapshots files before each edit, and every prompt you
send creates a checkpoint. This lets you attempt a wide-scale change and revert if
it doesn't work, instead of planning every move defensively.

Run `/rewind`, or press `Esc` twice when the prompt input is empty, to open the
rewind menu. From there you can:

- **Restore code and conversation** — revert both to a prior checkpoint
- **Restore conversation** — rewind the chat but keep current code
- **Restore code** — revert file changes but keep the conversation
- **Summarize from here / up to here** — compress part of the conversation to free context

Checkpoints persist across sessions and are cleaned up with the session after 30
days (configurable). Two limits matter for migrations:

- **Bash changes are not tracked.** Files modified by `rm`, `mv`, or `cp` cannot be
  undone through rewind. Only direct edits from Claude's file-editing tools are tracked.
- **It is not version control.** Treat checkpoints as local undo and git as
  permanent history. Commit before a large migration so you have a real fallback.

## Fan out across many files

When the same change has to land across hundreds or thousands of files, distribute
the work across parallel non-interactive invocations instead of one long session.

```bash
# 1. Have Claude list the files that need migrating
#    e.g. ask it to write files.txt containing every file to change

# 2. Loop claude -p over the list with scoped tools
for file in $(cat files.txt); do
  claude -p "Migrate $file from React to Vue. Return OK or FAIL." \
    --allowedTools "Edit,Bash(git commit *)"
done

# 3. Test on 2-3 files, refine the prompt, then run the full set
```

`--allowedTools` restricts what each unattended invocation can do, which is the key
safety control when no human is approving steps. For batch runs that need to keep
moving without prompts but with a safety classifier, use auto mode:

```bash
claude --permission-mode auto -p "fix all lint errors"
```

For non-interactive runs, auto mode aborts if the classifier repeatedly blocks
actions, since there is no user to fall back to.

## Set up before a large migration

- **Write a CLAUDE.md.** Run `/init` to generate a starter file, then add the build
  command, test runner, and any code-style rules that differ from defaults. Claude
  reads it at the start of every conversation. Keep it short — a bloated CLAUDE.md
  causes Claude to ignore your actual instructions.
- **Define the verification check.** Have a test suite, build, or linter ready so
  Claude can self-correct. Spell out the check in the prompt: "run the tests after
  implementing and fix failures."
- **Reference existing patterns.** Point Claude at a file that already follows the
  target pattern (for example, "follow the pattern in HotDogWidget.php") rather than
  describing it abstractly.
- **Commit first.** Get a clean git state so `/rewind` plus git together cover both
  session-level and permanent recovery.

## Manage context during the migration

Long migrations fill the context window with file contents and failed attempts,
which degrades quality. Manage it actively:

- `/clear` between unrelated tasks to reset context entirely.
- If you've corrected Claude more than twice on the same issue, `/clear` and restart
  with a sharper prompt that incorporates what you learned. A clean session with a
  better prompt almost always beats a long polluted one.
- Use subagents for exploration and review so those file reads never enter the main
  context.
- When approaching limits, Claude auto-compacts; for control use `/compact <instructions>`,
  for example `/compact Focus on the API changes`.

## Troubleshooting

**Claude edits the wrong files or solves the wrong problem.** You skipped
exploration. Start in plan mode (`claude --permission-mode plan` or `Shift+Tab`),
have it read the relevant code and produce a plan, and approve it before any edits.

**A change broke something and you want to back out.** Run `/rewind` (or `Esc Esc`
on an empty prompt) and restore code, conversation, or both to a prior checkpoint.
If the breakage came from a bash command (`rm`/`mv`/`cp`), rewind won't help —
recover from git instead.

**Quality degrades partway through a long session.** The context window is filling.
`/clear` between tasks, delegate reads to subagents, or `/compact` with focus
instructions. After two failed corrections on the same issue, clear and restart.

**Claude reports success but edge cases are broken.** Don't trust unverified output.
Add a verification check it must run, and add an adversarial review step with
`/code-review` or a verification subagent that sees only the diff.

**The fan-out loop does something unintended.** Tighten `--allowedTools` to the
minimum set (for example `"Edit,Bash(git commit *)"`) and test on a few files
before running at scale.

## Related resources and next steps

- [Best practices for Claude Code](https://code.claude.com/docs/en/best-practices) — explore/plan/code, verification, context management, fan-out
- [Common workflows](https://code.claude.com/docs/en/common-workflows) — recipes for refactoring, testing, PRs, subagents, and `claude -p`
- [Checkpointing](https://code.claude.com/docs/en/checkpointing) — how `/rewind` and summarize work, and their limits

---

_Last reviewed: 2026-06-16. Grounded in the official Claude Code documentation for common workflows, best practices, and checkpointing. Part of the [HeyClaude](https://heyclau.de) guides collection._

About this resource

TL;DR

Large migrations fail when an agent jumps straight to editing and fills its context with the wrong files. The reliable pattern in Claude Code is to separate research from execution: explore in plan mode, commit to a written plan, then implement against a check Claude can run itself. Use /rewind checkpoints to back out of dead ends, delegate exploration and review to subagents to keep the main context clean, and fan out with claude -p when the same change has to land across hundreds of files.

Key points:

  • Use the four-phase loop: explore, plan, implement, verify.
  • Give Claude a verification check (tests, build, linter) so it can iterate on its own.
  • Checkpoints (/rewind, Esc Esc) let you try risky changes and revert; they are local undo, not a replacement for git.
  • For batch migrations, generate a file list and loop claude -p over it with scoped --allowedTools.

Overview

A migration or large refactor is the case where Claude Code's main constraint matters most: the context window holds the entire conversation, every file read, and every command output, and model performance degrades as it fills. A naive "migrate the whole codebase" prompt reads hundreds of files into one context and produces worse edits as it goes.

The workflow below keeps each phase scoped. Exploration and review happen in subagents or plan mode so they don't pollute the implementation context. Implementation runs against a check that returns pass or fail, so Claude closes its own loop instead of waiting for you to spot every mistake. And checkpoints make ambitious, wide-scale changes safe to attempt because any step is reversible.

Workflow at a glance

Best for: framework upgrades, API/pattern migrations, large refactors, codemods Core loop: explore -> plan -> implement -> verify Key tools: plan mode, /rewind, subagents, claude -p fan-out Safety net: session checkpoints plus git commits

The migration workflow

The recommended workflow has four phases. Run them in order; for a small, one-sentence-diff change you can skip planning and ask Claude to do it directly.

# 1. EXPLORE — read and understand, no edits yet (plan mode)
claude --permission-mode plan
# In session:
#   read /src/auth and explain how sessions and login work today.
#   look at how environment variables for secrets are managed.
# Or delegate the reading so only findings return to your context:
#   use a subagent to investigate how token refresh works and
#   whether we already have OAuth utilities to reuse.

# 2. PLAN — produce a reviewable plan before anything touches disk
# In plan mode:
#   I want to migrate this module to the new API. What files change?
#   What is the order of operations? Create a detailed plan.
# Press Ctrl+G to open the plan in your editor and refine it.

# 3. IMPLEMENT — leave plan mode, code against a check it can run
# In default mode:
#   implement the migration from your plan. run the test suite
#   after each file and fix failures. address root causes.

# 4. VERIFY — fresh-context review of the diff, then commit
#   /code-review              # bundled skill: reviews the diff in a subagent
#   commit with a descriptive message and open a PR

# If an approach goes wrong at any point, back out and retry:
#   /rewind                   # or press Esc Esc on an empty prompt

Why each phase exists

  • Explore keeps Claude from solving the wrong problem. Plan mode reads files and answers questions but makes no edits until you approve.
  • Plan gives you a diff you can review before code is written. Press Ctrl+G to open the plan in your text editor and edit it directly.
  • Implement is where a verification check pays off: Claude does the work, runs the check, reads the result, and iterates until it passes. Without a check, "looks done" is the only signal and you become the verification loop.
  • Verify with a fresh context. A reviewer subagent sees only the diff and your criteria, not the reasoning that produced the change, so it grades the result on its own terms.

Phase reference

Phase What you do Command or action
Explore Read code, ask questions, no edits claude --permission-mode plan, or Shift+Tab to toggle plan mode mid-session
Explore (delegated) Offload file reads so only findings return use a subagent to investigate X
Plan Produce and refine a written plan Ask for a plan in plan mode; Ctrl+G to edit it
Implement Code against a runnable check Leave plan mode; ask Claude to implement and run tests/build
Verify Fresh-context review of the diff /code-review, or a verification subagent
Recover Undo a bad step /rewind or Esc Esc
Commit Persist the change commit ... and open a PR (uses gh pr create)
Resume Continue across sittings claude --continue or claude --resume

Checkpoints: try risky changes safely

Claude Code automatically snapshots files before each edit, and every prompt you send creates a checkpoint. This lets you attempt a wide-scale change and revert if it doesn't work, instead of planning every move defensively.

Run /rewind, or press Esc twice when the prompt input is empty, to open the rewind menu. From there you can:

  • Restore code and conversation — revert both to a prior checkpoint
  • Restore conversation — rewind the chat but keep current code
  • Restore code — revert file changes but keep the conversation
  • Summarize from here / up to here — compress part of the conversation to free context

Checkpoints persist across sessions and are cleaned up with the session after 30 days (configurable). Two limits matter for migrations:

  • Bash changes are not tracked. Files modified by rm, mv, or cp cannot be undone through rewind. Only direct edits from Claude's file-editing tools are tracked.
  • It is not version control. Treat checkpoints as local undo and git as permanent history. Commit before a large migration so you have a real fallback.

Fan out across many files

When the same change has to land across hundreds or thousands of files, distribute the work across parallel non-interactive invocations instead of one long session.

# 1. Have Claude list the files that need migrating
#    e.g. ask it to write files.txt containing every file to change

# 2. Loop claude -p over the list with scoped tools
for file in $(cat files.txt); do
  claude -p "Migrate $file from React to Vue. Return OK or FAIL." \
    --allowedTools "Edit,Bash(git commit *)"
done

# 3. Test on 2-3 files, refine the prompt, then run the full set

--allowedTools restricts what each unattended invocation can do, which is the key safety control when no human is approving steps. For batch runs that need to keep moving without prompts but with a safety classifier, use auto mode:

claude --permission-mode auto -p "fix all lint errors"

For non-interactive runs, auto mode aborts if the classifier repeatedly blocks actions, since there is no user to fall back to.

Set up before a large migration

  • Write a CLAUDE.md. Run /init to generate a starter file, then add the build command, test runner, and any code-style rules that differ from defaults. Claude reads it at the start of every conversation. Keep it short — a bloated CLAUDE.md causes Claude to ignore your actual instructions.
  • Define the verification check. Have a test suite, build, or linter ready so Claude can self-correct. Spell out the check in the prompt: "run the tests after implementing and fix failures."
  • Reference existing patterns. Point Claude at a file that already follows the target pattern (for example, "follow the pattern in HotDogWidget.php") rather than describing it abstractly.
  • Commit first. Get a clean git state so /rewind plus git together cover both session-level and permanent recovery.

Manage context during the migration

Long migrations fill the context window with file contents and failed attempts, which degrades quality. Manage it actively:

  • /clear between unrelated tasks to reset context entirely.
  • If you've corrected Claude more than twice on the same issue, /clear and restart with a sharper prompt that incorporates what you learned. A clean session with a better prompt almost always beats a long polluted one.
  • Use subagents for exploration and review so those file reads never enter the main context.
  • When approaching limits, Claude auto-compacts; for control use /compact <instructions>, for example /compact Focus on the API changes.

Troubleshooting

Claude edits the wrong files or solves the wrong problem. You skipped exploration. Start in plan mode (claude --permission-mode plan or Shift+Tab), have it read the relevant code and produce a plan, and approve it before any edits.

A change broke something and you want to back out. Run /rewind (or Esc Esc on an empty prompt) and restore code, conversation, or both to a prior checkpoint. If the breakage came from a bash command (rm/mv/cp), rewind won't help — recover from git instead.

Quality degrades partway through a long session. The context window is filling. /clear between tasks, delegate reads to subagents, or /compact with focus instructions. After two failed corrections on the same issue, clear and restart.

Claude reports success but edge cases are broken. Don't trust unverified output. Add a verification check it must run, and add an adversarial review step with /code-review or a verification subagent that sees only the diff.

The fan-out loop does something unintended. Tighten --allowedTools to the minimum set (for example "Edit,Bash(git commit *)") and test on a few files before running at scale.

Related resources and next steps


Last reviewed: 2026-06-16. Grounded in the official Claude Code documentation for common workflows, best practices, and checkpointing. Part of the HeyClaude guides collection.

Source citations

Add this badge to your README

Show that Large Code Migration Workflow with Claude Code is listed on HeyClaude. Paste this Markdown into your README — it renders the badge and links back to this page.

Listed on HeyClaude
[![Listed on HeyClaude](https://heyclau.de/badge/guides/migration-workflow-guide.svg)](https://heyclau.de/entry/guides/migration-workflow-guide)

How it compares

Large Code Migration Workflow with Claude Code side by side with 3 alternatives on trust, install, platform support, and disclosed safety notes — all from reviewed registry metadata.

2 trust signals differ across this comparison (Source provenance, Submitter).

Field

A repeatable explore-plan-implement-verify workflow for large code migrations and refactors with Claude Code, using plan mode, /rewind checkpoints, subagents, and claude -p fan-out for batch file changes.

Open dossier

A practical walkthrough of Claude Code checkpointing: how automatic checkpoints capture code before each edit, how to rewind and summarize with /rewind, the difference between restore and summarize, and the limitations you must know before a risky refactor.

Open dossier

Automate business and engineering processes with Claude Code: headless `claude -p` runs, GitHub Actions, scheduled routines, and in-session loops, with permission and output-format guidance.

Open dossier

Delegate repository maintenance to Claude Code subagents: docs drift scans, dependency report triage, README sync checks, and stale issue grooming with scoped tools, read-first policies, and human merge gates.

Open dossier
Next steps
Trust
Review statusReviewedMaintainer reviewedReviewedMaintainer reviewedReviewedMaintainer reviewedReviewedMaintainer reviewed
Package trustPackage not verifiedPackage not verifiedPackage not verifiedPackage not verified
Source provenanceDiffersSource-backedSource-backedSource-backedSubmission linkedSource submission
SubmitterDiffersJPette1783kiannidev
Install riskReview firstReview firstReview firstReview first
Notes Safety Privacy Safety Privacy Safety Privacy Safety Privacy
Brand
Categoryguidesguidesguidesguides
Sourcesource-backedsource-backedsource-backedsource-backed
AuthorJSONboredJPette1783JSONboredkiannidev
Added2025-10-272026-06-052025-10-272026-06-16
Platforms
Claude Code
Claude Code
Claude Code
Claude Code
Source repo
Safety notesThe claude -p fan-out loop runs Claude non-interactively across many files. Scope it with --allowedTools (for example "Edit,Bash(git commit *)") so unattended runs cannot perform actions you did not intend, and test on 2-3 files before running at scale. Checkpoints only track Claude's direct file edits, not changes made by bash commands (rm, mv, cp) or other processes, so commit to git before a large migration.Checkpoints only track files edited through Claude's file-editing tools; changes made by bash commands (rm, mv, cp) are NOT tracked and cannot be undone via rewind. External or concurrent-session edits are generally not captured unless they touch the same files; do not rely on checkpoints for those. Checkpoints are session-level local undo, not version control; commit to Git before and after risky work for permanent history.Automated runs can execute Bash and edit/write files. Scope `--allowedTools` and `--permission-mode` tightly; `dontAsk` denies anything outside your allow rules. Routines run with no approval prompts, so limit repositories, connectors, and network access to what each task actually needs.Maintenance subagents can propose file edits and shell commands—start read-only and add write tools only after review policy exists. Parallel subagents multiply tool calls; cap concurrent maintenance runs on large monorepos to control cost and noise. Dependency upgrade suggestions require human verification against semver, license, and security advisories before merge.
Privacy notesClaude Code sends the files it reads and command output to the model as context. Avoid piping secrets or credentials into prompts, and exclude sensitive paths from migration runs.Checkpoints and session state are stored locally and cleaned up with the session after 30 days by default. Restoring or summarizing changes session state locally; it does not transmit anything beyond the normal model requests. Summaries are AI-generated from your conversation; the original messages remain in the local transcript.Headless and CI runs read your codebase and any piped stdin; GitHub Actions and routines need an `ANTHROPIC_API_KEY` or provider credentials stored as secrets, never hardcoded in workflow files. Routine actions appear under your linked GitHub and connector identities, so commits, PRs, and connector writes are attributed to you.Maintenance scans read internal docs, issue titles, dependency manifests, and CI configuration that may describe unreleased features. Subagent transcripts may retain file paths and package names from private forks; avoid pasting customer data into maintenance prompts. External MCP connectors can expose additional metadata—document what each maintenance subagent may read.
Prerequisites— none listed
  • Claude Code installed and a session where Claude makes edits with its file-editing tools.
  • A working understanding that checkpoints complement, not replace, Git.
  • Optional: configured cleanupPeriodDays if you want to change the 30-day retention.
— none listed
  • Claude Code with subagents available for your account and project.
  • Recurring maintenance work that benefits from separate specialist context.
  • Documented human owners for merges, label changes, and dependency upgrades.
  • Optional MCP or GitHub integrations scoped to maintenance repositories only.
Install
Config
Citations
ClaimUnclaimedUnclaimedUnclaimedUnclaimed
Open 4 picks in the interactive comparison tool

Related guides

Signals

Loading live community signals…

More like this, weekly

A short, calm digest of reviewed Claude resources. Unsubscribe any time.