@anhth2/spec-driven-dev-plugin 0.5.0

package/commands/review-tech-docs.md

@@ -0,0 +1,518 @@
+# /review-tech-docs — Review Technical Design Document
+
+**READ-ONLY analysis mode — writes a findings file, does NOT modify the target.**
+**Use `--resume` to apply accepted findings.**
+
+## Gate
+# Gate — Universal Entry Procedure
+
+Every command must execute this gate before proceeding with its specific logic.
+
+## Step 0 — Sub-Agent Mode Check
+
+Before anything else, check if `$ARGUMENTS` is a JSON payload from an orchestrator:
+
+1. Attempt to parse `$ARGUMENTS` as JSON.
+2. If it parses successfully **and** contains `"_agent_mode": true`:
+   - **Skip Steps 1, 2, and 3 of this Gate entirely.**
+   - Set target file = `payload.target_file`
+   - Set loaded context = `payload.context` (do NOT run context-loader.md)
+   - Set UC scope = `payload.uc_id` (process only this UC)
+   - Set line range = `payload.uc_section` (read only that PRD section)
+   - Proceed directly to the command-specific logic.
+3. If `$ARGUMENTS` is not JSON or `_agent_mode` is absent → continue to Step 1 (normal mode).
+
+## Step 0-B — Model Check
+
+*Skip this step if `_agent_mode: true` (sub-agent — orchestrator already validated).*
+
+Complex generation and review commands require strong reasoning.
+Using a smaller model risks missed edge cases, incomplete spec analysis, and architecture violations.
+
+Display and wait for response:
+
+```
+⚙️  MODEL CHECK
+──────────────────────────────────────────────────────────────────
+  Recommended  : claude-opus-4-5 (or claude-opus-4)
+  Why needed   : Spec analysis, architecture review, code generation
+                 require deep reasoning. Smaller models miss edge cases.
+
+  To switch in Claude Code:
+    • Settings → Model → select "claude-opus"
+    • or: /model → choose claude-opus
+
+  Running on claude-opus?
+    Y — yes, on claude-opus → proceed
+    S — skip check (I accept lower quality risk with current model)
+──────────────────────────────────────────────────────────────────
+```
+
+- "Y" → proceed to Step 1.
+- "S" → proceed to Step 1 (user accepts risk, add ⚠️ to final report).
+- "N" or anything else → **STOP.** Output: "Please switch to claude-opus, then re-run this command."
+
+## Step 1 — Resolve Target File
+
+1. If `$ARGUMENTS` is provided and points to an existing file → use it directly as the target.
+2. If `$ARGUMENTS` is a UC-ID, ticket ID, or partial name → search for matching files in the relevant directory.
+3. If `$ARGUMENTS` is empty or no match found:
+   - List files in the relevant directory for this command (e.g., `specs/prd/**/*.md` for PRD commands, `specs/bdd/**/*.feature` for BDD commands).
+   - Present the list to the user and ask: "Which file do you want to work with? (Enter number or filename)"
+   - Wait for user selection before continuing.
+
+## Step 2 — Execute Context Loader
+
+Load all project context by following the procedure in `steps/context-loader.md`.
+Store all loaded context in memory for use throughout this command session.
+
+## Step 3 — CHECKPOINT
+
+After completing Steps 1 and 2, display a summary and wait for confirmation:
+
+```
+CHECKPOINT
+-----------
+Target     : {resolved file path}
+Project    : {project.name from project-context.yaml}
+Tech stack : {language} / {framework}
+Module     : {module if set, else "not configured"}
+Domains    : {comma-separated domain list}
+
+Proceed? (Y/N)
+```
+
+Wait for explicit "Y" or "N" from the user before continuing.
+- "Y" → proceed to the command-specific steps below.
+- "N" → stop and ask what the user wants to change.
+
+
+*Note: For this command, the target in Step 1 is a tech-design `.md` file in `{paths.tech_docs_dir}/{domain}/`.
+If `$ARGUMENTS` contains `--resume` → skip to Resume Mode below.*
+
+## Context
+# Context Loader — Load All Project Context
+
+Execute these steps in order. Store everything in memory for the duration of the command session.
+
+**Priority guide (anti-lost-in-middle):**
+- Steps 1–2 are PROJECT-CONFIG — loaded first, resolve all paths and metadata.
+- Step 3 is CRITICAL — architecture + coding standards, the highest-priority facts for generation.
+- Step 4 is SAFETY — data protection rules, enforced silently for the entire session.
+- Steps 5–6 are DOMAIN KNOWLEDGE — terminology and entity definitions.
+- Step 7 is the WORKING MEMORY RECAP — locks critical facts into the top of working memory.
+
+---
+
+## Step 1 — [PROJECT-CONFIG] Load project-context.yaml
+
+Read `.agent/project-context.yaml`. Extract and store:
+
+**Tech Stack:**
+- `tech_stack.language` → active language (e.g., Java 17, TypeScript, C#, Go)
+- `tech_stack.framework` → active framework (e.g., Spring Boot 3.2, Angular 17, .NET 8)
+- `tech_stack.build_tool` → build tool (e.g., Maven, npm, dotnet, go)
+- `tech_stack.test_framework` → test framework (e.g., JUnit 5 + Mockito, Jest, xUnit)
+- `tech_stack.database` → database (e.g., PostgreSQL, MySQL, MongoDB)
+- `tech_stack.module` → active module profile (e.g., java-spring, angular, dotnet, golang, context-engineering)
+
+**Conventions:**
+- `conventions.build_command` → how to compile/build
+- `conventions.test_command` → how to run tests
+- `conventions.service_run` → how to start the service
+- `conventions.ticket_prefix` → ticket ID prefix (e.g., PROJ, FEAT, UC)
+
+**Domains:**
+- `domains` → list of active business domains
+
+**Paths (if present):**
+- `paths.specs_dir` → BDD specs root
+- `paths.prd_dir` → PRD documents root
+- `paths.refinement_dir` → findings/review output dir
+- `paths.product_definitions_dir` → product definitions root
+- `paths.domain_knowledge_dir` → domain knowledge root
+- `paths.business_dictionary` → path to business-dictionary.md
+- `paths.core_entities` → path to core-entities.md
+- `paths.tech_docs_dir` → technical documentation root
+- `paths.trace_dir` → trace state directory
+
+If `paths` section is absent, use these defaults:
+- `specs_dir` = `specs/bdd`
+- `prd_dir` = `specs/prd`
+- `refinement_dir` = `.agent/review`
+- `product_definitions_dir` = `specs/product-definition`
+- `domain_knowledge_dir` = `specs/domain-knowledge`
+- `business_dictionary` = `specs/domain-knowledge/business-dictionary.md`
+- `core_entities` = `specs/domain-knowledge/core-entities.md`
+- `tech_docs_dir` = `tech-docs`
+- `trace_dir` = `.trace`
+
+If `tech_stack.module` is set, also load `.agent/modules/{module}/stack-profile.yaml` if it exists.
+
+---
+
+## Step 2 — [PROJECT-CONFIG] Load module stack profile (conditional)
+
+If `tech_stack.module` is set, read `.agent/modules/{module}/stack-profile.yaml`.
+Merge framework-specific conventions (layer patterns, test patterns, naming rules) into the loaded context.
+If the file does not exist → skip silently.
+
+---
+
+## Step 3 — [CRITICAL] Load CLAUDE.md
+
+*This is the highest-priority context — it defines HOW to write code and documents for this project.*
+
+Read `CLAUDE.md`. Extract and store:
+
+- **§1 Project Overview** → project name, language, framework, build/test commands, domains
+- **§2 Architecture** → layer order (e.g., Controller → Facade → Service → Repository), architectural rules
+- **§3 Coding Standards** → naming conventions (classes, methods), response wrapper type, forbidden patterns
+- **§5 Error Handling** → exception types, HTTP status code mapping, not-found exception class name
+- **§7 Git Conventions** → branch naming pattern, commit message format
+
+If `CLAUDE.md` does not exist → note it as missing and continue with project-context.yaml data only.
+
+---
+
+## Step 4 — [SAFETY] Load Data Protection Rules
+
+Read `.agent/rules/data-protection.md` (or `rules/data-protection.md` from the framework installation).
+
+Store the sensitive file patterns — you must **never** read, write, display, or reference content from files matching those patterns for the entire session.
+
+If neither file exists → apply built-in defaults: never access `.env*`, `*.key`, `*.pem`, `*secret*`, `*password*`, `*credential*`.
+
+---
+
+## Step 5 — [DOMAIN] Load Business Dictionary (conditional)
+
+Check if the business dictionary file exists (use `paths.business_dictionary` resolved in Step 1).
+
+If it exists, read it and extract:
+- **Canonical Terms** → complete list of approved terms and their definitions
+- **Banned Terms** → complete list of banned terms and their canonical replacements
+- **Status / Enum Registry** → allowed enum values per entity
+
+Store the banned terms list for **active enforcement** throughout the command session:
+- When generating any text (PRD, BDD, code comments, tech docs), verify no banned terms appear
+- Replace banned terms with their canonical equivalents automatically
+
+If the file does not exist → skip silently. Do not warn or block.
+
+---
+
+## Step 6 — [DOMAIN] Load Core Entities (conditional)
+
+Check if the core entities file exists at `paths.core_entities` (resolved in Step 1).
+Default path: `specs/domain-knowledge/core-entities.md`.
+
+If it exists, read it and store:
+- **Entity catalog** → for each entity: its name, purpose, owner service, key fields (name + type), business invariants, and relationships
+- **Field name registry** → canonical field names to use in generated code and documents
+- **Relationship map** → how entities relate to each other (1:N, N:N, embedded, etc.)
+
+**How to use this catalog:**
+- When generating code: use the field names, types, and relationships defined here — do NOT infer from existing code
+- When generating PRD/BDD: reference entity names from this catalog for consistency
+- When generating tech-docs: use this catalog as the source-of-truth for entity definitions
+
+If the file does not exist → skip silently.
+
+---
+
+## Step 7 — [RECAP] Working Memory Recap (anti-lost-in-middle)
+
+After loading all context, synthesize and output a compact summary block.
+This recap ensures the most critical facts are stated at the END of context loading
+(recency effect — freshest in working memory when the task begins).
+
+Output exactly this block:
+```
+[CTX LOADED]
+Stack     : {language} / {framework} / {database}
+Layers    : {layer order from CLAUDE.md §2, e.g., Controller → Facade → Service → Repository}
+Ticket    : {ticket_prefix}-
+Dict      : {loaded — N canonical terms, M banned terms | missing}
+Entities  : {loaded — EntityA, EntityB, EntityC | missing}
+Status    : {FULL | PARTIAL — missing: CLAUDE.md / business-dict / core-entities | MINIMAL}
+```
+
+If any CRITICAL file is missing (CLAUDE.md), flag it clearly so the user can decide whether to proceed.
+
+---
+
+## Context Load Complete
+
+After completing all steps, you have loaded:
+- Project identity, tech stack, module conventions
+- Architecture rules and layer order  ← **[CRITICAL — hold in working memory]**
+- Coding standards and naming conventions  ← **[CRITICAL — hold in working memory]**
+- Data protection rules (sensitive file patterns to never access)
+- Terminology rules with banned-term list  ← **[DOMAIN — apply to every generated word]**
+- Entity catalog (field names, types, invariants)  ← **[DOMAIN — use for code generation]**
+- All configured paths
+
+Proceed to the next step of the calling command.
+
+
+---
+
+## Load Review Materials
+
+After loading base context, read the following in order:
+
+1. **Target tech-doc** — read fully. Extract from header:
+   - `@trace.id` → UC-ID
+   - `@trace.domain` → domain
+   - `@trace.prd` → source PRD ticket ID
+   - `@trace.status` → current status (draft / in-review / approved)
+
+2. **Source feature file** — load `{paths.specs_dir}/{domain}/{UC-ID}*.feature` if exists.
+
+3. **Other tech-docs in same domain** — list and load all `.md` files in
+   `{paths.tech_docs_dir}/{domain}/` excluding the target. Used for conflict checking (T4).
+
+4. **Architecture reference** — re-confirm CLAUDE.md §2: layer order, architectural rules.
+
+5. **Core entities** — already loaded in context (Step 6 of context-loader).
+
+Derive findings filename:
+`{paths.refinement_dir}/{uc-id}-tech-review-findings.yaml`
+
+---
+
+## Review Dimensions
+
+### T1 — Architecture Alignment *(always CRITICAL if violated)*
+
+Cross-reference the proposed design against CLAUDE.md §2 rules:
+
+| Violation type | Severity |
+|----------------|----------|
+| Controller calls Repository directly (layer skip) | Critical |
+| Business logic in Controller or DTO | Critical |
+| Forbidden pattern from §3 | Critical |
+| Dependency going upstream (Service → Controller DTO) | Critical |
+| Transaction annotation on wrong layer | Major |
+| Missing separation (no Facade when arch requires it) | Major |
+
+For each finding:
+```
+Component: {class or method name}
+Violates:  "{rule text}" (CLAUDE.md §2)
+Fix:       {which layer/component should own this instead}
+```
+→ **Not auto-fixable.** Human must decide structural fix. Note required in Review Board.
+
+### T2 — Entity Consistency
+
+Using the loaded core-entities catalog:
+
+| Issue | Severity | Auto-fixable? |
+|-------|----------|---------------|
+| Entity mentioned not in core-entities.md | Major | No — human confirms if DTO or domain entity |
+| Field name differs from core-entities.md | Major | Yes — rename to canonical |
+| Relationship described differently | Major | No — human decides |
+| New entity introduced but not in core-entities.md | Minor | No — add to core-entities first |
+
+### T3 — BDD Traceability
+
+Cross-reference against the source `.feature` file:
+
+| Issue | Severity | Auto-fixable? |
+|-------|----------|---------------|
+| Tech-doc proposes behavior not in any BDD scenario | Major | No — create scenario first |
+| Tech-doc contradicts a BDD scenario | Critical | No — resolve conflict first |
+| UC scenario has no corresponding design decision | Minor | Yes — add missing design note |
+
+### T4 — Domain Conflict Check
+
+Compare against other tech-docs in `{paths.tech_docs_dir}/{domain}/`:
+
+| Issue | Severity | Auto-fixable? |
+|-------|----------|---------------|
+| Same endpoint defined with different request/response | Critical | No — human resolves |
+| Same service method with different behavior | Critical | No — human resolves |
+| Entity status transitions differ between docs | Critical | No — human resolves |
+| Overlapping responsibility (both docs claim ownership of same logic) | Major | No — human resolves |
+
+### T5 — Internal Consistency
+
+Within the tech-doc itself:
+
+| Check | Severity | Auto-fixable? |
+|-------|----------|---------------|
+| Sequence diagram shows different flow than written description | Major | No |
+| API spec return type differs from code sketch | Major | Yes — align one to the other |
+| Section references a component/concept never defined later | Minor | Yes — add definition |
+| Assumption stated but no design addresses it | Minor | Yes — add note or remove assumption |
+
+### T6 — Structural Completeness
+
+Check all standard sections are present and non-empty:
+
+| Section | Missing severity |
+|---------|-----------------|
+| Header (`@trace.id`, `@trace.prd`, `@trace.domain`, `@trace.status`) | Major |
+| Overview / Context | Major |
+| Architecture Decision with rationale | Major |
+| Component Diagram or Layer Description | Major |
+| Sequence Diagram or Flow Steps | Major |
+| API Contract (if HTTP-facing) | Major |
+| Data Model Changes (if entity changes) | Major |
+| Error Handling Strategy | Major |
+| Open Questions / Assumptions | Minor |
+
+→ All T6 missing-section findings are **auto-fixable**: AI adds skeleton section with prompts.
+
+---
+
+## Write Findings File
+
+After running all checks, write findings to `{paths.refinement_dir}/{uc-id}-tech-review-findings.yaml`:
+
+```yaml
+source_file: "{absolute path to tech-doc}"
+uc_id: "{UC-ID}"
+domain: "{domain}"
+generated_at: "{ISO datetime}"
+review_type: "tech-design"
+status: "pending_review"
+
+findings:
+  - id: "F001"
+    check_id: "T1"           # T1–T6
+    severity: "critical"     # critical | major | minor
+    section: "{section heading or component name where issue was found}"
+    finding: "{clear description of the violation or gap}"
+    suggestion: "{specific fix — AI applies this in --resume if accepted}"
+    auto_fixable: false      # true = AI can apply; false = human must write decision in note
+    status: "pending"        # pending | accepted | modified | rejected | deferred
+
+summary:
+  total_findings: {N}
+  by_severity: { critical: {N}, major: {N}, minor: {N} }
+  auto_fixable: {N}
+  requires_human_decision: {N}
+  recommendation: "APPROVED | NEEDS_REVISION | BLOCKED"
+```
+
+## Report
+
+# Report Footer — Standard Command Output Format
+
+Every command report must end with this standard footer section.
+
+## Status Badge
+
+Choose one based on outcome:
+- `✅ Complete` — all steps succeeded, no issues found
+- `❌ Failed` — command could not complete due to a blocking error
+- `⚠️ Warnings` — completed with non-blocking issues that should be reviewed
+
+## Output Artifacts
+
+List every file created or modified by this command:
+```
+Output Artifacts:
+  {created|updated} {file-path} ({brief description})
+  {created|updated} {file-path} ({brief description})
+```
+
+If no files were written (e.g., review or analysis commands) → write `Output Artifacts: none (read-only)`.
+
+## Next Command Suggestion
+
+Suggest the logical next command based on workflow phase:
+
+| Current command         | Suggest next                                  |
+|-------------------------|-----------------------------------------------|
+| /define-product         | `/generate-prd {product-definition-file}`     |
+| /generate-prd           | `/refine-prd {prd-file}` then `/review-context {prd-file}` |
+| /refine-prd             | Open Review Board → update PRD → `/review-context {prd-file}` |
+| /review-context (PRD)   | `/generate-bdd {prd-file}` if APPROVED; fix PRD if NEEDS_FIX |
+| /generate-bdd           | `/review-context {feature-file}` to verify coverage |
+| /review-context (BDD)   | `/generate-tech-docs {UC-ID}` if APPROVED; regenerate if NEEDS_FIX |
+| /generate-tech-docs     | `/review-tech-docs {tech-design-file}`        |
+| /review-tech-docs       | `/generate-code {feature-file}` if APPROVED; fix doc if NEEDS_FIX |
+| /generate-code          | `/generate-tests {UC-ID}`                     |
+| /generate-tests         | `/run-tests {UC-ID}`                          |
+| /run-tests (passing)    | `/review-code {UC-ID}`                        |
+| /run-tests (failing)    | `/fix-bug {ticket-id}` or `/debug {error}`    |
+| /review-code            | `/smoke-test {UC-ID}` or create PR            |
+| /smoke-test             | Create PR and link to ticket                  |
+| /validate-traces        | `/generate-code {UC-ID}` for gaps             |
+| /fix-bug                | Create PR and link to ticket                  |
+| /debug                  | `/fix-bug {ticket-id}` if fix needed          |
+
+Format the footer as:
+```
+---
+Status : {badge}
+{Output Artifacts block}
+Next   : {suggested command with example arguments}
+```
+
+
+```
+/review-tech-docs Complete — {target file}
+UC: {UC-ID} | Domain: {domain}
+Findings: {total} | 🔴 Critical: {N} | 🟡 Major: {N} | 🟢 Minor: {N}
+Auto-fixable: {N} | Needs human decision: {N}
+
+Findings file: {paths.refinement_dir}/{uc-id}-tech-review-findings.yaml
+Next: Open in Review Board → Accept/Modify/Reject each finding
+      Then run: /review-tech-docs --resume {tech-design-file}
+```
+
+---
+
+## Resume Mode — Apply Accepted Findings
+
+*Triggered when `$ARGUMENTS` contains `--resume`.*
+*Example: `/review-tech-docs --resume tech-docs/payment/PAY-UC1-tech-design.md`*
+
+### Phase 1 — Read accepted findings
+
+1. Derive findings file from target: `{paths.refinement_dir}/{uc-id}-tech-review-findings.yaml`
+2. Read the file. Collect findings where `status: "accepted"` or `status: "modified"`.
+3. If none → report "No accepted findings. File unchanged." and stop.
+
+### Phase 2 — Apply fixes
+
+Apply in order: critical → major → minor.
+
+| check_id | What to do |
+|----------|-----------|
+| T1 (Architecture) | Apply the structural fix from finding note — move logic to correct layer, update component description |
+| T2 (Field name) | Rename field to canonical name from core-entities.md throughout the document |
+| T3 (Missing design note) | Add design decision note for the uncovered scenario |
+| T5 (Internal inconsistency) | Align the conflicting sections to the decision stated in the note |
+| T6 (Missing section) | Add skeleton section with placeholder prompts for the tech lead to fill |
+
+**T1, T2, T4 findings with `auto_fixable: false`:** require a human-written resolution in the
+Review Board "Modify" note. Apply exactly what the note says. Do not invent the fix.
+
+### Phase 3 — Update header + Report
+
+1. Increment `@trace.revision` in the tech-doc header by 1.
+2. Update `@trace.status` to `draft` (reset — must be re-approved after changes).
+
+```
+/review-tech-docs --resume Applied — {target file}
+UC: {UC-ID}
+
+Applied  : {N} findings ({critical} critical, {major} major, {minor} minor)
+Skipped  : {N} rejected/deferred
+
+Changes:
+  - {change 1}
+  - {change 2}
+
+Revision : {old} → {new}
+Status   : reset to draft (re-approval required)
+
+Re-run /review-tech-docs {file} to confirm 0 remaining critical findings.
+Next: /generate-code {feature-file}
+```