@ainative/cody-cli 0.2.6 → 0.2.8

package/.ainative/git-rules.md

@@ -0,0 +1,150 @@
+# Git Commit Rules
+
+## CRITICAL RULES - ZERO TOLERANCE - NEVER VIOLATE
+
+### 1. NO THIRD-PARTY AI TOOL ATTRIBUTION
+
+**STOP! READ THIS BEFORE EVERY COMMIT!**
+
+You are **STRICTLY FORBIDDEN** from including ANY third-party AI tool references in git commits, pull requests, or GitHub activity.
+
+**ABSOLUTELY FORBIDDEN TEXT - DO NOT USE UNDER ANY CIRCUMSTANCES:**
+- "Claude" or "Anthropic" or "claude.com"
+- "Sourcegraph" (when referring to Sourcegraph Cody the external tool)
+- "ChatGPT" or "OpenAI" (as code author)
+- "Copilot" or "GitHub Copilot" (as attribution)
+- "Generated with [third-party tool]"
+- "Co-Authored-By: Claude/ChatGPT/Copilot"
+- "AI-generated" or "AI-assisted" (without your own branding)
+- Any emoji followed by third-party tool attribution
+
+### 2. COMMIT MESSAGE FORMAT
+
+**CORRECT FORMAT:**
+```
+Add user authentication with JWT
+
+- Implement token generation and validation
+- Add password hashing with bcrypt
+- Create login/logout endpoints
+
+Refs #123
+```
+
+**INCORRECT FORMAT:**
+```
+Add user authentication with JWT
+
+- Changes made
+- More changes
+
+Generated with Claude Code
+Co-Authored-By: Claude <noreply@anthropic.com>
+```
+
+### 3. PULL REQUEST DESCRIPTIONS
+
+**CORRECT FORMAT:**
+```markdown
+## Summary
+- Clear description of changes
+- What was fixed or added
+- Why these changes were made
+
+## Test Plan
+- How to test the changes
+- Expected results
+```
+
+**ABSOLUTELY FORBIDDEN - NEVER USE:**
+```markdown
+## Summary
+Changes made...
+
+Generated with Claude Code
+Co-Authored-By: Claude <noreply@anthropic.com>
+```
+
+### 4. ENFORCEMENT
+
+**These rules apply to:**
+- All commit messages
+- All pull request descriptions
+- All issue comments
+- All GitHub discussions
+- Any public-facing git activity
+
+**Violating these rules will:**
+- Create public attribution that must be avoided
+- Associate our work with third-party tools
+- Compromise the professional appearance of our repositories
+
+### 5. EXAMPLES
+
+#### GOOD COMMIT:
+```
+Add multi-dimension vector support
+
+- Support for 384, 768, 1024, and 1536 dimensions
+- Update validation logic for new dimensions
+- Add comprehensive test coverage
+```
+
+#### BAD COMMIT:
+```
+Add multi-dimension vector support
+
+- Support for 384, 768, 1024, and 1536 dimensions
+
+Generated with Cody AI
+https://sourcegraph.com/cody
+
+Co-Authored-By: Cody <noreply@sourcegraph.com>
+```
+
+---
+
+## FINAL WARNING - READ BEFORE EVERY COMMIT
+
+**BEFORE YOU COMMIT, ASK YOURSELF:**
+1. Does my commit contain "Claude", "Anthropic", "ChatGPT", "Copilot" or other third-party AI tools?
+2. Does my commit have "Co-Authored-By: Claude/ChatGPT/Copilot"?
+3. Does my commit have "Generated with [third-party tool]"?
+
+**IF YES TO ANY:** STOP! DO NOT COMMIT! REMOVE THIRD-PARTY ATTRIBUTION IMMEDIATELY!
+
+---
+
+## AUTOMATED ENFORCEMENT
+
+**Pre-commit hook:** Create `.git/hooks/commit-msg` to automatically block third-party AI tool attribution:
+
+```bash
+#!/bin/bash
+COMMIT_MSG_FILE=$1
+
+# Block third-party AI tool attribution
+if grep -qiE "(claude|anthropic|chatgpt|openai.*generated|copilot.*generated|co-authored-by:.*claude|co-authored-by:.*chatgpt|co-authored-by:.*copilot|generated with claude|generated with chatgpt)" "$COMMIT_MSG_FILE"; then
+    echo "ERROR: Commit message contains FORBIDDEN third-party AI attribution!"
+    echo ""
+    echo "FORBIDDEN: Claude, Anthropic, ChatGPT, Copilot attribution"
+    echo ""
+    exit 1
+fi
+```
+
+**This hook will REJECT any commit containing third-party AI tool attribution.**
+
+---
+
+## ZERO TOLERANCE POLICY
+
+Every commit **MUST** be checked before pushing to ensure:
+- **NO** "Claude" or "Anthropic" references
+- **NO** "ChatGPT" or "OpenAI" attribution
+- **NO** "Copilot" or "GitHub Copilot" attribution
+- **NO** third-party AI tool references
+- **NO** "Co-Authored-By: Claude/ChatGPT/Copilot"
+- **NO** "Generated with [third-party tool]"
+
+**Violating this rule requires immediate commit amendment and force push to remove third-party attribution from git history.**

package/.ainative/settings.json

@@ -0,0 +1,116 @@
+{
+  "$schema": "https://google-gemini.github.io/gemini-cli/schemas/settings.schema.json",
+  "version": "1.0.0",
+  "project": {
+    "name": "My Project",
+    "type": "web-application",
+    "framework": "your-framework",
+    "language": "your-language"
+  },
+  "paths": {
+    "root": "__REPO_ROOT__",
+    "include_directories": [
+      "app",
+      "components",
+      "lib",
+      "services",
+      "public"
+    ],
+    "exclude_patterns": [
+      "node_modules",
+      ".next",
+      "dist",
+      "build",
+      "*.test.ts",
+      "*.test.tsx"
+    ]
+  },
+  "context": {
+    "primary_context_file": ".ainative/AINATIVE.md",
+    "supplementary_files": [
+      ".claude/CLAUDE.md"
+    ],
+    "max_context_files": 10
+  },
+  "model": {
+    "default": "gemini-2.5-pro",
+    "context_window": "1M",
+    "temperature": 0.7,
+    "tool_output_summarization": true
+  },
+  "tools": {
+    "enabled": [
+      "file_read",
+      "file_write",
+      "shell",
+      "web_fetch",
+      "memory"
+    ],
+    "shell": {
+      "allowed_commands": [
+        "npm",
+        "git",
+        "node",
+        "npx",
+        "curl",
+        "grep",
+        "find"
+      ],
+      "working_directory": "__REPO_ROOT__"
+    }
+  },
+  "security": {
+    "trusted_folders": [
+      "__REPO_ROOT__"
+    ],
+    "sandbox_profile": "default"
+  },
+  "ui": {
+    "theme": "dark",
+    "show_citations": true,
+    "show_line_numbers": true
+  },
+  "privacy": {
+    "collect_usage_stats": false
+  },
+  "extensions": {
+    "mcp_servers": {}
+  },
+  "ai_coding_rules": {
+    "git_attribution": {
+      "rule": "ZERO_TOLERANCE",
+      "description": "NEVER include AI tool attribution in commits, PRs, or issues",
+      "forbidden_terms": [
+        "Claude",
+        "Anthropic",
+        "Generated with Claude",
+        "Co-Authored-By: Claude",
+        "AI-generated"
+      ]
+    },
+    "commit_style": {
+      "format": "conventional",
+      "examples": [
+        "feat: Add user authentication",
+        "fix: Resolve navigation bug",
+        "docs: Update API documentation",
+        "style: Format code with Prettier",
+        "refactor: Simplify pricing logic",
+        "test: Add unit tests for services",
+        "chore: Update dependencies"
+      ]
+    },
+    "code_quality": {
+      "linting": "required",
+      "type_checking": "required",
+      "testing": "required_for_features",
+      "min_coverage": 80
+    }
+  },
+  "development": {
+    "port": 3000,
+    "auto_restart": true,
+    "hot_reload": true,
+    "source_maps": true
+  }
+}

package/.ainative/skills/ci-cd-compliance/SKILL.md

@@ -0,0 +1,33 @@
+---
+name: ci-cd-compliance
+description: CI/CD pipeline requirements and deployment standards. Use when (1) Setting up CI/CD pipelines, (2) Debugging CI failures, (3) Configuring deployment workflows, (4) Managing staging/production releases, (5) Investigating build failures. Covers CI gate requirements, merge policies, auto-deploy to staging, production approval process.
+---
+
+# CI/CD Compliance Rules
+
+## CI Gates Sequence
+
+**install -> lint/format -> typecheck -> unit -> integration -> (optional e2e) -> package**
+
+## Merge Policy
+
+* **Merge only if green**
+* Auto-deploy to **staging** on merge
+* Production requires tag/approval
+
+## CI Failure Handling
+
+When CI fails:
+1. **Explain root cause** in PR comment
+2. **Include the fix** in the same PR when feasible
+3. Don't merge until all gates pass
+
+## IDE Integration
+
+* Use built-in code actions and terminal to run tests/linters
+* Prefer **unified diffs** in responses so changes are patchable across IDEs
+* Attach artifacts (test output, screenshots, logs) whenever you assert a claim
+
+## Reference Files
+
+See `references/pipeline-requirements.md` for detailed CI configuration, gate definitions, and failure debugging guide.

package/.ainative/skills/code-quality/SKILL.md

@@ -0,0 +1,35 @@
+---
+name: code-quality
+description: Coding style standards, security guidelines, and accessibility requirements. Use when (1) Writing new code, (2) Reviewing code for style/security, (3) Implementing UI/UX features, (4) Addressing security concerns, (5) Ensuring accessibility compliance. Covers naming conventions, formatting, security best practices (no secrets/PII), accessibility standards (semantic HTML, keyboard nav), and responsive design.
+---
+
+# Code Quality Standards
+
+## Coding Style
+
+* **Naming:** camelCase for vars/functions; PascalCase for classes/types
+* **Formatting:** 4-space indentation; target <=80 chars (wrap thoughtfully)
+* **Comments:** Meaningful, current; delete stale comments
+* **Security:** Never log secrets/PII; validate inputs; least privilege by default
+* **Errors/Logs:** Explicit error types; structured logs by level; actionable messages
+
+## Accessibility & UX Quality
+
+* Favor semantic roles/labels; keyboard nav and focus order must work
+* Include responsive checks at **375, 768, 1024, 1440** with notes/screenshots
+* Use deterministic test IDs; avoid brittle CSS/XPath
+
+## Security & Compliance Guardrails
+
+* No real credentials in code, tests, or screenshots
+* Use test accounts/fixtures; redact secrets
+* Follow least-privilege and input validation
+* Document threat considerations in PR when relevant
+
+## Reference Files
+
+See `references/coding-style.md` for detailed style guide, formatting rules, comment standards.
+
+See `references/security-checklist.md` for security validation checklist, threat modeling, PII handling.
+
+See `references/accessibility-standards.md` for WCAG compliance, semantic HTML patterns, keyboard nav testing.

package/.ainative/skills/file-placement/SKILL.md

@@ -0,0 +1,59 @@
+---
+name: file-placement
+description: Enforces ZERO TOLERANCE file placement rules for documentation and scripts. Use when (1) Creating any .md file, (2) Creating any .sh script, (3) Organizing documentation, (4) Writing guides or reports, (5) Adding utility scripts. CRITICAL RULES - NEVER create .md files in root directories (except README.md, CLAUDE.md), NEVER create .sh scripts in backend (except start.sh), ALL documentation goes in docs/ subfolders, ALL scripts go in scripts/ folder.
+---
+
+# File Placement Rules
+
+## ZERO TOLERANCE FILE PLACEMENT
+
+### STRICT RULES
+
+* **FORBIDDEN:** Creating .md files in project root (except README.md, CLAUDE.md)
+* **FORBIDDEN:** Creating .md files in src/backend/ (except README.md)
+* **FORBIDDEN:** Creating scripts (.sh) in src/backend/ (except start.sh)
+
+### REQUIRED LOCATIONS
+
+## Backend Documentation -> `docs/`
+
+* **Issues/Bugs:** `docs/issues/ISSUE_*.md`, `docs/issues/BUG_*.md`, `docs/issues/ROOT_CAUSE_*.md`
+* **Testing/QA:** `docs/testing/*_TEST*.md`, `docs/testing/QA_*.md`
+* **API Documentation:** `docs/api/API_*.md`, `docs/api/*_ENDPOINTS*.md`
+* **Implementation Reports:** `docs/reports/*_IMPLEMENTATION*.md`, `docs/reports/*_SUMMARY.md`
+* **Deployment:** `docs/deployment/DEPLOYMENT_*.md`, `docs/deployment/RAILWAY_*.md`
+* **Quick References:** `docs/quick-reference/*_QUICK_*.md`, `docs/quick-reference/*_REFERENCE.md`
+* **Development Guides:** `docs/development-guides/CODING_*.md`, `docs/development-guides/*_GUIDE.md`
+* **Planning:** `docs/planning/PRD_*.md`, `docs/planning/BACKLOG*.md`
+
+## Scripts -> `scripts/`
+
+* **ALL test scripts:** `scripts/test_*.sh`
+* **ALL migration scripts:** `scripts/*_migration.sh`
+* **ALL monitoring scripts:** `scripts/monitor_*.sh`
+* **ALL utility scripts:** `scripts/*.sh`
+
+## ENFORCEMENT WORKFLOW
+
+Before creating ANY .md file or .sh script, you MUST:
+
+1. Check if you're creating it in a root directory
+2. If yes, STOP and use the appropriate docs/ or scripts/ subfolder
+3. Choose the correct category based on filename patterns above
+4. Create in the correct location FIRST TIME, not in root then move later
+
+## VIOLATION CONSEQUENCES
+
+Creating documentation in root directories causes:
+
+* Project clutter and disorganization
+* Wasted time reorganizing files
+* Inconsistent documentation structure
+* Developer frustration
+* Loss of findability for important docs
+
+**THIS IS A ZERO-TOLERANCE RULE. ALWAYS use docs/ or scripts/ subfolders.**
+
+## Reference Files
+
+See `references/directory-mapping.md` for complete mapping table of filename patterns to required directory locations.

package/.ainative/skills/git-workflow/SKILL.md

@@ -0,0 +1,116 @@
+---
+name: git-workflow
+description: Git commit, PR, and branching standards with ZERO TOLERANCE for AI attribution. Use when (1) Creating commits, (2) Writing commit messages, (3) Creating pull requests, (4) Writing PR descriptions, (5) Branching or merging code. ABSOLUTE RULE - NEVER include "Claude", "Anthropic", "AI-generated", emojis with "Generated with", or any AI tool attribution in commits, PRs, issues, or documentation.
+---
+
+# Git & PR Workflow Standards
+
+## Core Principles
+
+* **Small PRs:** <=300 LOC changed ideally
+* **Commit often:** Early, meaningful commits with clear messages
+* **Linear history:** Prefer rebase over merge commits
+* **Professional:** No AI attribution, no tool branding, clean descriptions
+
+## ABSOLUTE ZERO-TOLERANCE RULE: NO AI ATTRIBUTION
+
+**NEVER, UNDER ANY CIRCUMSTANCES, include ANY of the following in:**
+* Git commit messages
+* Pull request descriptions
+* Issue comments
+* GitHub discussions
+* Code comments
+* Documentation
+* ANY public-facing repository content
+
+### STRICTLY FORBIDDEN TEXT - NEVER USE
+
+* "Claude"
+* "Anthropic"
+* "claude.com"
+* "Claude Code"
+* "Generated with Claude"
+* "Co-Authored-By: Claude"
+* Any emoji followed by "Generated with" or "Powered by"
+* Any reference to AI assistants, AI code generation, or automated tools
+* Any branding, attribution, or links to third-party AI services
+
+### CORRECT FORMAT - ALWAYS USE
+
+* Clean, professional commit messages
+* Clear description of what changed
+* Explanation of why the change was made
+* No attribution, no branding, no tool references
+
+## Examples
+
+### FORBIDDEN COMMIT
+
+```
+Add multi-dimension vector support
+
+- Support for 384, 768, 1024, and 1536 dimensions
+
+Generated with [Claude Code](https://claude.com/claude-code)
+
+Co-Authored-By: Claude <noreply@anthropic.com>
+```
+
+### CORRECT COMMIT
+
+```
+Add multi-dimension vector support
+
+- Support for 384, 768, 1024, and 1536 dimensions
+- Update validation logic for new dimensions
+- Add comprehensive test coverage
+```
+
+### FORBIDDEN PR DESCRIPTION
+
+```markdown
+## Summary
+Implemented new authentication flow with JWT tokens.
+
+## Test Plan
+All tests passing.
+
+---
+Powered by Claude
+```
+
+### CORRECT PR DESCRIPTION
+
+```markdown
+## Summary
+Implemented new authentication flow with JWT tokens.
+
+## Test Plan
+All tests passing.
+```
+
+## Enforcement
+
+* **ZERO TOLERANCE** rule with **NO EXCEPTIONS**
+* Every commit must be verified before pushing
+* Every PR must be reviewed for attribution before creating
+* If attribution is found, it must be removed immediately via force push or amendment
+* This rule applies to ALL repositories, ALL projects, ALL commits
+
+## PR Requirements
+
+Every PR must include:
+
+* **Problem/Context:** What issue are we solving and why?
+* **Solution summary:** How does this change address the problem?
+* **Test plan:** Commands + results proving functionality
+* **Risk/rollback:** Potential issues and how to revert if needed
+* **Story link + Type + Estimate:** Link to issue/story with type (feature/bug/chore) and points
+
+## Reference Files
+
+See `references/ai-attribution-enforcement.md` for comprehensive forbidden text list and enforcement details.
+
+See `references/pr-templates.md` for complete PR templates for feature, bug, and chore PRs.
+
+See `references/branch-conventions.md` for branch naming patterns and examples.

package/.ainative/skills/local-environment-check/SKILL.md

@@ -0,0 +1,78 @@
+---
+name: local-environment-check
+description: Verify local development environment is correctly configured. Use when (1) Setting up a new development machine, (2) Debugging environment issues, (3) Onboarding new team members, (4) Verifying tool versions, (5) Checking port availability.
+---
+
+# Local Environment Check
+
+## Purpose
+
+Verify that the local development environment has all required tools, correct versions, and proper configuration before starting work.
+
+## Checks to Perform
+
+### 1. Required Tools
+```bash
+# Check Node.js
+node --version    # Expected: v18+ or v20+
+
+# Check npm/bun/pnpm
+npm --version     # Expected: 9+
+bun --version     # If using bun
+pnpm --version    # If using pnpm
+
+# Check Python (if applicable)
+python3 --version # Expected: 3.10+
+pip --version
+
+# Check Git
+git --version     # Expected: 2.30+
+
+# Check GitHub CLI
+gh --version
+gh auth status    # Verify authenticated
+```
+
+### 2. Environment Variables
+```bash
+# Check required env vars are set
+env | grep -E "^(NODE_ENV|API_URL|DATABASE_URL)" || echo "Missing env vars"
+
+# Check .env file exists
+[ -f .env ] && echo ".env exists" || echo "WARNING: No .env file"
+```
+
+### 3. Port Availability
+```bash
+# Check if common dev ports are free
+lsof -i :3000 2>/dev/null && echo "Port 3000 in use" || echo "Port 3000 available"
+lsof -i :5432 2>/dev/null && echo "Port 5432 in use" || echo "Port 5432 available"
+lsof -i :8080 2>/dev/null && echo "Port 8080 in use" || echo "Port 8080 available"
+```
+
+### 4. Dependencies
+```bash
+# Install and verify dependencies
+npm install       # or bun install / pnpm install
+npm run build     # Verify build works
+npm test          # Verify tests pass
+```
+
+### 5. Git Configuration
+```bash
+# Verify git hooks are installed
+ls -la .git/hooks/pre-commit .git/hooks/commit-msg 2>/dev/null
+
+# If missing, install them
+bash .claude/hooks/install-hooks.sh
+```
+
+## Troubleshooting
+
+| Issue | Solution |
+|-------|---------|
+| Node version too old | Use `nvm install 20` |
+| Port already in use | Kill process: `kill $(lsof -t -i:3000)` |
+| Missing env vars | Copy from `.env.example`: `cp .env.example .env` |
+| Git hooks not installed | Run `bash .claude/hooks/install-hooks.sh` |
+| npm install fails | Delete `node_modules` and `package-lock.json`, retry |

package/.ainative/skills/mandatory-tdd/SKILL.md

@@ -0,0 +1,112 @@
+---
+name: mandatory-tdd
+description: Enforces Test-Driven Development (TDD) with BDD-style tests and mandatory test execution. Use when (1) Writing any new code or feature, (2) Fixing bugs, (3) Refactoring existing code, (4) Creating pull requests, (5) Closing issues. CRITICAL RULE - Tests MUST be actually executed with proof of passing status and coverage >= 80% before ANY commit, PR, or issue closure.
+---
+
+# Mandatory TDD/BDD Testing Strategy
+
+## Core Principles
+
+* **BDD Style:** Use `describe/it` syntax for unit, integration, and functional/API tests
+* **Test-First:** Write failing tests before implementation
+* **Deterministic:** Use data-testid, role, or label selectors (never brittle CSS/XPath)
+* **Fast & Light:** Prefer fast unit/integration tests; save heavy e2e for nightly unless required
+
+## Example BDD Structure
+
+```js
+describe('Calculator', () => {
+  describe('addition', () => {
+    it('adds two positive numbers', () => {
+      expect(add(5, 7)).to.equal(12);
+    });
+  });
+});
+```
+
+## MANDATORY TEST EXECUTION REQUIREMENT
+
+**BEFORE claiming tests pass or closing any issue:**
+
+1. **ACTUALLY RUN THE TESTS** - Execute test suite with coverage
+2. **VERIFY THEY PASS** - Confirm all tests show green/passing status
+3. **CHECK COVERAGE** - Verify minimum 80% coverage requirement met
+4. **INCLUDE OUTPUT** - Paste actual test execution output in PR/commit/issue
+
+### ABSOLUTELY FORBIDDEN
+
+* Writing tests but NOT running them
+* Claiming "All tests passing" without proof
+* Stating "80%+ coverage" without actual coverage report
+* Closing issues without running test suite
+* Creating PRs without executing pytest/jest/etc.
+* Assuming tests work based on syntax checking alone
+
+### REQUIRED WORKFLOW
+
+**Backend (Python/FastAPI):**
+```bash
+cd /path/to/your/backend
+python3 -m pytest tests/test_your_feature.py -v --cov=app.your.module --cov-report=term-missing
+
+# Verify output shows:
+# - All tests passed (green checkmarks)
+# - Coverage >= 80%
+# - No import errors or test failures
+```
+
+**Frontend (TypeScript/React):**
+```bash
+cd /path/to/your/frontend
+npm test -- --coverage
+
+# Verify output shows:
+# - All tests passed
+# - Coverage >= 80% for statements, branches, functions, lines
+```
+
+### Evidence Requirement
+
+Every PR, commit, or issue closure involving tests MUST include:
+
+```
+## Test Execution Evidence
+
+### Command Run:
+`pytest tests/test_feature.py -v --cov=app.module`
+
+### Output:
+test_create_item PASSED                                        [  5%]
+test_validation PASSED                                         [ 10%]
+==================== 20 passed in 3.42s ====================
+Coverage: 87%
+
+### Coverage Report:
+app/api/v1/endpoints/feature.py    422    35    87%
+app/schemas/item.py                192    18    91%
+```
+
+## Why This Matters
+
+* **Prevents false confidence** - Tests may have import errors, assertion failures
+* **Catches infrastructure issues** - Broken test setup, missing dependencies
+* **Validates coverage claims** - Actual coverage may be lower than estimated
+* **Ensures production readiness** - Code that doesn't pass tests shouldn't ship
+* **Saves debugging time** - Finding test failures BEFORE merge, not after
+
+## Enforcement
+
+* **MANDATORY** requirement with **NO EXCEPTIONS**
+* Tests must be run LOCALLY before any git commit
+* Test output must be included in PR descriptions
+* Coverage reports must show actual percentages, not estimates
+* If tests cannot run due to infrastructure issues, **DOCUMENT THE ISSUE** and fix it before proceeding
+* Never claim "tests passing" without proving it with actual command output
+
+**THIS IS A ZERO-TOLERANCE RULE. ALWAYS RUN TESTS AND PROVIDE PROOF.**
+
+## Reference Files
+
+See `references/bdd-patterns.md` for detailed BDD test pattern examples across unit, integration, and API tests.
+
+See `references/coverage-requirements.md` for detailed coverage configuration, thresholds, and exclusion patterns.