@boyingliu01/xp-gate 0.12.0 → 0.12.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/bin/xp-gate.js +8 -0
- package/gate-3.sh +68 -0
- package/gate-4.sh +80 -0
- package/gate-7.sh +45 -0
- package/gate-8.sh +56 -0
- package/gate-9.sh +130 -0
- package/lib/__tests__/doctor.test.js +100 -1
- package/lib/__tests__/next-sprint.test.js +231 -0
- package/lib/doctor.js +61 -2
- package/lib/init.js +7 -0
- package/lib/next-sprint.js +129 -0
- package/mock-policy/AGENTS.md +2 -2
- package/mutation/AGENTS.md +2 -2
- package/package.json +7 -2
- package/plugins/claude-code/.claude-plugin/plugin.json +1 -1
- package/plugins/claude-code/skills/delphi-review/AGENTS.md +2 -2
- package/plugins/claude-code/skills/sprint-flow/AGENTS.md +2 -2
- package/plugins/claude-code/skills/test-specification-alignment/AGENTS.md +2 -2
- package/plugins/opencode/package.json +1 -1
- package/plugins/opencode/skills/delphi-review/AGENTS.md +2 -2
- package/plugins/opencode/skills/sprint-flow/AGENTS.md +2 -2
- package/plugins/opencode/skills/test-specification-alignment/AGENTS.md +2 -2
- package/plugins/qoder/plugin.json +1 -1
- package/plugins/qoder/skills/delphi-review/AGENTS.md +2 -2
- package/plugins/qoder/skills/sprint-flow/AGENTS.md +2 -2
- package/plugins/qoder/skills/test-specification-alignment/AGENTS.md +2 -2
- package/principles/AGENTS.md +2 -2
- package/skills/delphi-review/AGENTS.md +2 -2
- package/skills/sprint-flow/AGENTS.md +2 -2
- package/skills/test-specification-alignment/AGENTS.md +2 -2
package/bin/xp-gate.js
CHANGED
|
@@ -135,6 +135,14 @@ const COMMANDS = {
|
|
|
135
135
|
handleSprintStatus(subargs).then(code => process.exit(code));
|
|
136
136
|
},
|
|
137
137
|
usage: 'xp-gate sprint-status [--json] [--watch] [--dir <path>]'
|
|
138
|
+
},
|
|
139
|
+
'next-sprint': {
|
|
140
|
+
description: 'Analyze remaining open issues and plan next iteration',
|
|
141
|
+
run: subargs => {
|
|
142
|
+
const { handleNextSprint } = require('../lib/next-sprint.js');
|
|
143
|
+
handleNextSprint(subargs).then(code => process.exit(code));
|
|
144
|
+
},
|
|
145
|
+
usage: 'xp-gate next-sprint [--json] [--plan] [--dir <path>]'
|
|
138
146
|
}
|
|
139
147
|
};
|
|
140
148
|
|
package/gate-3.sh
ADDED
|
@@ -0,0 +1,68 @@
|
|
|
1
|
+
# ============================================================================
|
|
2
|
+
# GATE 3: Cyclomatic Complexity Check
|
|
3
|
+
# Uses lizard - checks cyclomatic complexity of changed source files
|
|
4
|
+
# ============================================================================
|
|
5
|
+
|
|
6
|
+
2>&1 echo ""
|
|
7
|
+
2>&1 echo "→ Gate 3: Cyclomatic complexity..."
|
|
8
|
+
GATE_3_START=$(gate_start_ms)
|
|
9
|
+
|
|
10
|
+
if [ "$PROJECT_LANG" = "documentation-only" ]; then
|
|
11
|
+
echo "⏭️ SKIPPED - Complexity (documentation project)."
|
|
12
|
+
GATE_3_STATUS="SKIP"
|
|
13
|
+
|
|
14
|
+
elif [ "$PROJECT_LANG" = "powershell" ]; then
|
|
15
|
+
echo "ℹ️ No PowerShell Clean Code / SOLID tool available"
|
|
16
|
+
echo "⏭️ SKIPPED - Complexity (no PowerShell tool)"
|
|
17
|
+
GATE_3_STATUS="SKIP"
|
|
18
|
+
|
|
19
|
+
else
|
|
20
|
+
CCN_THRESHOLD=5
|
|
21
|
+
|
|
22
|
+
# Check lizard availability
|
|
23
|
+
LIZARD_CMD=""
|
|
24
|
+
if command -v lizard > /dev/null 2>&1; then
|
|
25
|
+
LIZARD_CMD=lizard
|
|
26
|
+
elif [ -f ~/.local/bin/lizard ]; then
|
|
27
|
+
LIZARD_CMD=~/.local/bin/lizard
|
|
28
|
+
fi
|
|
29
|
+
|
|
30
|
+
if [ -n "$LIZARD_CMD" ]; then
|
|
31
|
+
LIZARD_PATH=$(eval echo "$LIZARD_CMD")
|
|
32
|
+
|
|
33
|
+
# Get changed source files for complexity check
|
|
34
|
+
CC_FILES=$(echo "$CHANGED_FILES" | grep -E '\.(ts|tsx|js|jsx|py|go|java|swift|cpp|c|hpp|h|m|mm|kt)$' || true)
|
|
35
|
+
|
|
36
|
+
if [ -n "$CC_FILES" ]; then
|
|
37
|
+
echo "Checking complexity for source files..."
|
|
38
|
+
|
|
39
|
+
# Run lizard with CCN threshold
|
|
40
|
+
CC_OUTPUT=$($LIZARD_PATH -C $CCN_THRESHOLD $CC_FILES 2>&1 || true)
|
|
41
|
+
|
|
42
|
+
# Parse warning count from the summary table: "Warning cnt 8"
|
|
43
|
+
# Use anchored grep to avoid matching lizard table headers (e.g. "Rt" column)
|
|
44
|
+
CC_WARNINGS=$(echo "$CC_OUTPUT" | grep "^Warning cnt" | awk '{print $NF}' | tr -d '[:space:]' | sed 's/[^0-9]//g' || true)
|
|
45
|
+
CC_WARNINGS=${CC_WARNINGS:-0}
|
|
46
|
+
|
|
47
|
+
if [ "$CC_WARNINGS" -gt 0 ]; then
|
|
48
|
+
echo "$CC_OUTPUT"
|
|
49
|
+
echo ""
|
|
50
|
+
echo "❌ BLOCKED - $CC_WARNINGS functions with CCN > $CCN_THRESHOLD found."
|
|
51
|
+
echo "Refactor high-complexity functions to keep below $CCN_THRESHOLD complexity."
|
|
52
|
+
exit 1
|
|
53
|
+
else
|
|
54
|
+
echo "✅ PASSED - All functions within complexity threshold ($CCN_THRESHOLD)."
|
|
55
|
+
GATE_3_STATUS="PASS"
|
|
56
|
+
fi
|
|
57
|
+
else
|
|
58
|
+
echo "⏭️ SKIPPED - Complexity (no source files to check)."
|
|
59
|
+
GATE_3_STATUS="SKIP"
|
|
60
|
+
fi
|
|
61
|
+
else
|
|
62
|
+
echo "⚠️ WARN - lizard not installed, complexity check not performed"
|
|
63
|
+
echo " Install with: pip install --user lizard"
|
|
64
|
+
echo " Gate 3: Complexity check (WARN, tool not available)"
|
|
65
|
+
GATE_3_STATUS="WARN"
|
|
66
|
+
fi
|
|
67
|
+
fi
|
|
68
|
+
record_gate_audit "gate-3" "complexity" "$GATE_3_STATUS" "${CC_WARNINGS:-0}" "$GATE_3_START"
|
package/gate-4.sh
ADDED
|
@@ -0,0 +1,80 @@
|
|
|
1
|
+
# ============================================================================
|
|
2
|
+
# GATE 4: Principles Checker (Clean Code + SOLID)
|
|
3
|
+
# Reuses existing principles checker logic
|
|
4
|
+
# ============================================================================
|
|
5
|
+
|
|
6
|
+
2>&1 echo ""
|
|
7
|
+
2>&1 echo "→ Gate 4: Principles checker (Clean Code + SOLID)..."
|
|
8
|
+
GATE_4_START=$(gate_start_ms)
|
|
9
|
+
|
|
10
|
+
GATE_4_STATUS=""
|
|
11
|
+
|
|
12
|
+
if [ "$PROJECT_LANG" = "documentation-only" ]; then
|
|
13
|
+
echo "⏭️ SKIPPED - Principles check (documentation project)."
|
|
14
|
+
GATE_4_STATUS="SKIP"
|
|
15
|
+
|
|
16
|
+
else
|
|
17
|
+
# Get source files to check against principles
|
|
18
|
+
PRINCIPLES_FILES=$(echo "$CHANGED_FILES" | grep -E '\.(ts|tsx|js|jsx|py|go|java|kt|dart|swift|cpp|c|hpp|h|m|mm)$' || true)
|
|
19
|
+
|
|
20
|
+
if [ -n "$PRINCIPLES_FILES" ]; then
|
|
21
|
+
# Check for principles checker in installed modules first, then project src/
|
|
22
|
+
PRINCIPLES_DIR=""
|
|
23
|
+
if [ -d ".xp-gate/modules/principles" ]; then
|
|
24
|
+
PRINCIPLES_DIR=".xp-gate/modules/principles"
|
|
25
|
+
elif [ -f "src/principles/index.ts" ]; then
|
|
26
|
+
PRINCIPLES_DIR="src/principles"
|
|
27
|
+
elif [ -d "$HOME/.config/xp-gate/modules/principles" ]; then
|
|
28
|
+
PRINCIPLES_DIR="$HOME/.config/xp-gate/modules/principles"
|
|
29
|
+
fi
|
|
30
|
+
|
|
31
|
+
if [ -n "$PRINCIPLES_DIR" ]; then
|
|
32
|
+
echo "Checking Clean Code + SOLID principles..."
|
|
33
|
+
|
|
34
|
+
if command -v npx > /dev/null 2>&1; then
|
|
35
|
+
# Run principles checker and store results
|
|
36
|
+
if npx tsx $PRINCIPLES_DIR/index.ts --files $PRINCIPLES_FILES --format json > /tmp/principles-output.json 2>/dev/null; then
|
|
37
|
+
# Check severity levels
|
|
38
|
+
ERROR_COUNT=$(grep -c '"severity":"error"' /tmp/principles-output.json 2>/dev/null || true)
|
|
39
|
+
ERROR_COUNT=${ERROR_COUNT:-0}
|
|
40
|
+
WARNING_COUNT=$(grep -c '"severity":"warning"' /tmp/principles-output.json 2>/dev/null || true)
|
|
41
|
+
WARNING_COUNT=${WARNING_COUNT:-0}
|
|
42
|
+
|
|
43
|
+
if [ "$ERROR_COUNT" -gt 0 ]; then
|
|
44
|
+
echo ""
|
|
45
|
+
echo "❌ BLOCKED - $ERROR_COUNT principle ERROR(S) found"
|
|
46
|
+
echo "Critical violations must be fixed before commit:"
|
|
47
|
+
echo " - error-handling violations"
|
|
48
|
+
echo " - SOLID principle violations"
|
|
49
|
+
echo " - architectural violations"
|
|
50
|
+
npx tsx $PRINCIPLES_DIR/index.ts --files $PRINCIPLES_FILES --format console
|
|
51
|
+
GATE_4_STATUS="FAIL"
|
|
52
|
+
exit 1
|
|
53
|
+
fi
|
|
54
|
+
|
|
55
|
+
echo "✅ PASSED - Principles checker (no errors found)."
|
|
56
|
+
GATE_4_STATUS="PASS"
|
|
57
|
+
if [ "$WARNING_COUNT" -gt 0 ]; then
|
|
58
|
+
echo "ℹ️ $WARNING_COUNT warnings found (will be handled by Boy Scout Rule)."
|
|
59
|
+
fi
|
|
60
|
+
else
|
|
61
|
+
echo "⚠️ Warning: Principles checker execution failed"
|
|
62
|
+
echo "⏭️ SKIPPED - Principles check (execution issue)"
|
|
63
|
+
GATE_4_STATUS="SKIP"
|
|
64
|
+
fi
|
|
65
|
+
else
|
|
66
|
+
echo "ℹ️ npx not available - skipping principles check"
|
|
67
|
+
echo "⏭️ SKIPPED - Principles check (no Node.js/npx)"
|
|
68
|
+
GATE_4_STATUS="SKIP"
|
|
69
|
+
fi
|
|
70
|
+
else
|
|
71
|
+
echo "ℹ️ Principles checker not found in project - skipping"
|
|
72
|
+
echo "⏭️ SKIPPED - Principles check (checker not in project)"
|
|
73
|
+
GATE_4_STATUS="SKIP"
|
|
74
|
+
fi
|
|
75
|
+
else
|
|
76
|
+
echo "⏭️ SKIPPED - Principles check (no matching source files changed)"
|
|
77
|
+
GATE_4_STATUS="SKIP"
|
|
78
|
+
fi
|
|
79
|
+
fi
|
|
80
|
+
record_gate_audit "gate-4" "principles" "$GATE_4_STATUS" "${WARNING_COUNT:-0}" "$GATE_4_START"
|
package/gate-7.sh
ADDED
|
@@ -0,0 +1,45 @@
|
|
|
1
|
+
# ============================================================================
|
|
2
|
+
# GATE 7: IaC Security Scanning (Terraform, Kubernetes, Docker)
|
|
3
|
+
# Detects security issues in Infrastructure as Code files
|
|
4
|
+
# Tools: checkov (recommended), hadolint, kube-score, tflint
|
|
5
|
+
# ============================================================================
|
|
6
|
+
|
|
7
|
+
2>&1 echo ""
|
|
8
|
+
2>&1 echo "→ Gate 7: IaC Security Scanning (Terraform, Kubernetes, Docker)..."
|
|
9
|
+
GATE_7_START=$(gate_start_ms)
|
|
10
|
+
|
|
11
|
+
# Check if any IaC files are changed
|
|
12
|
+
IAC_FILES=$(git diff --cached --name-only --diff-filter=ACM 2>/dev/null | grep -E "\.(tf|yaml|yml)$|Dockerfile" || true)
|
|
13
|
+
if [ -z "$IAC_FILES" ]; then
|
|
14
|
+
echo "✅ PASSED - No IaC files detected in changes."
|
|
15
|
+
GATE_7_STATUS="PASS"
|
|
16
|
+
else
|
|
17
|
+
# Run IaC adapter
|
|
18
|
+
if [ -f "githooks/adapters/iac.sh" ]; then
|
|
19
|
+
# shellcheck source=githooks/adapters/iac.sh
|
|
20
|
+
source "githooks/adapters/iac.sh"
|
|
21
|
+
|
|
22
|
+
# Run static analysis for IaC files
|
|
23
|
+
IAC_OUTPUT=$(run_static_analysis "$IAC_FILES" 2>&1)
|
|
24
|
+
IAC_EXIT=$?
|
|
25
|
+
|
|
26
|
+
echo "$IAC_OUTPUT"
|
|
27
|
+
|
|
28
|
+
if [ $IAC_EXIT -eq 0 ]; then
|
|
29
|
+
echo "✅ PASSED - IaC security scan."
|
|
30
|
+
GATE_7_STATUS="PASS"
|
|
31
|
+
else
|
|
32
|
+
echo ""
|
|
33
|
+
echo "❌ BLOCKED - IaC security issues detected"
|
|
34
|
+
echo "Fix the security issues above before committing."
|
|
35
|
+
echo "Tip: Install checkov for comprehensive IaC scanning: pip install checkov"
|
|
36
|
+
GATE_7_STATUS="FAIL"
|
|
37
|
+
exit 1
|
|
38
|
+
fi
|
|
39
|
+
else
|
|
40
|
+
echo "ℹ️ SKIP - IaC adapter not found"
|
|
41
|
+
echo "⏭️ SKIPPED - IaC security (no IaC adapter found)"
|
|
42
|
+
GATE_7_STATUS="SKIP"
|
|
43
|
+
fi
|
|
44
|
+
fi
|
|
45
|
+
record_gate_audit "gate-7" "iac-security" "$GATE_7_STATUS" "0" "$GATE_7_START"
|
package/gate-8.sh
ADDED
|
@@ -0,0 +1,56 @@
|
|
|
1
|
+
# ============================================================================
|
|
2
|
+
# GATE 8: Secret Scanning (gitleaks)
|
|
3
|
+
# Detects secrets (API keys, passwords, tokens) in staged files
|
|
4
|
+
# Tool: gitleaks -- https://github.com/gitleaks/gitleaks
|
|
5
|
+
# ============================================================================
|
|
6
|
+
|
|
7
|
+
2>&1 echo ""
|
|
8
|
+
2>&1 echo "→ Gate 8: Secret scanning (gitleaks)..."
|
|
9
|
+
GATE_8_START=$(gate_start_ms)
|
|
10
|
+
|
|
11
|
+
# Gitleaks availability check
|
|
12
|
+
GITLEAKS_CMD=""
|
|
13
|
+
if command -v gitleaks >/dev/null 2>&1; then
|
|
14
|
+
GITLEAKS_CMD="gitleaks"
|
|
15
|
+
elif [ -f "$HOME/.local/bin/gitleaks" ]; then
|
|
16
|
+
GIBLEAKS_CMD="$HOME/.local/bin/gitleaks"
|
|
17
|
+
fi
|
|
18
|
+
|
|
19
|
+
if [ -n "$GITLEAKS_CMD" ]; then
|
|
20
|
+
GITLEAKS_CONFIG=""
|
|
21
|
+
if [ -f ".gitleaks.toml" ]; then
|
|
22
|
+
GITLEAKS_CONFIG="--config=.gitleaks.toml"
|
|
23
|
+
fi
|
|
24
|
+
|
|
25
|
+
# Run gitleaks on staged changes only (pre-commit mode for speed)
|
|
26
|
+
GITLEAKS_OUTPUT=$($GITLEAKS_CMD git --pre-commit --redact --no-banner $GITLEAKS_CONFIG --report-format=json --report-path=/tmp/gitleaks-report.json 2>&1)
|
|
27
|
+
GITLEAKS_EXIT=$?
|
|
28
|
+
|
|
29
|
+
if [ "$GITLEAKS_EXIT" -eq 0 ]; then
|
|
30
|
+
echo " ✅ PASSED - No secrets detected."
|
|
31
|
+
GATE_8_STATUS="PASS"
|
|
32
|
+
elif [ "$GITLEAKS_EXIT" -eq 1 ]; then
|
|
33
|
+
# Secrets found — output details
|
|
34
|
+
echo "$GITLEAKS_OUTPUT"
|
|
35
|
+
echo ""
|
|
36
|
+
echo "❌ BLOCKED - Secrets detected in staged files."
|
|
37
|
+
echo ""
|
|
38
|
+
echo "Remediation options:"
|
|
39
|
+
echo " 1. Remove the secret and use environment variables instead"
|
|
40
|
+
echo " 2. Add a false positive to .gitleaks.toml allowlist"
|
|
41
|
+
echo " 3. Use git secret or vault for sensitive data"
|
|
42
|
+
echo ""
|
|
43
|
+
echo "See: https://github.com/gitleaks/gitleaks"
|
|
44
|
+
exit 1
|
|
45
|
+
else
|
|
46
|
+
echo " ⚠️ gitleaks exited with code $GITLEAKS_EXIT - skipping gate"
|
|
47
|
+
echo " ✅ Secret Scanning (SKIP, gitleaks error)"
|
|
48
|
+
GATE_8_STATUS="SKIP"
|
|
49
|
+
fi
|
|
50
|
+
else
|
|
51
|
+
echo " ℹ️ gitleaks not installed — secret scanning unavailable"
|
|
52
|
+
echo " Install: brew install gitleaks (macOS) | winget install gitleaks (Windows) | scripts/install-gitleaks.sh (Linux)"
|
|
53
|
+
echo " ⏭️ SKIPPED - Secret scanning (gitleaks not installed)"
|
|
54
|
+
GATE_8_STATUS="SKIP"
|
|
55
|
+
fi
|
|
56
|
+
record_gate_audit "gate-8" "secret-scanning" "$GATE_8_STATUS" "0" "$GATE_8_START"
|
package/gate-9.sh
ADDED
|
@@ -0,0 +1,130 @@
|
|
|
1
|
+
# ============================================================================
|
|
2
|
+
# GATE 9: Semgrep SAST Security Scan
|
|
3
|
+
# Detects security vulnerabilities (SQL injection, XSS, etc.) in staged files
|
|
4
|
+
# Tool: semgrep -- https://semgrep.dev
|
|
5
|
+
# ============================================================================
|
|
6
|
+
|
|
7
|
+
2>&1 echo ""
|
|
8
|
+
2>&1 echo "→ Gate 9: Semgrep SAST Security Scan..."
|
|
9
|
+
GATE_9_START=$(gate_start_ms)
|
|
10
|
+
|
|
11
|
+
GATE_9_STATUS=""
|
|
12
|
+
|
|
13
|
+
# Semgrep availability check
|
|
14
|
+
SEMGREP_CMD=""
|
|
15
|
+
if command -v semgrep >/dev/null 2>&1; then
|
|
16
|
+
SEMGREP_CMD="semgrep"
|
|
17
|
+
elif [ -f "$HOME/.local/bin/semgrep" ]; then
|
|
18
|
+
SEMGREP_CMD="$HOME/.local/bin/semgrep"
|
|
19
|
+
fi
|
|
20
|
+
|
|
21
|
+
if [ -z "$SEMGREP_CMD" ]; then
|
|
22
|
+
echo " ⚠️ WARN - semgrep not installed — SAST scanning unavailable"
|
|
23
|
+
echo " Install: brew install semgrep (macOS) | pip install semgrep (Linux) | pip install semgrep (Windows)"
|
|
24
|
+
echo " Pre-cache rules: semgrep --config=p/security-audit"
|
|
25
|
+
echo " Gate 9: SAST Security (WARN, semgrep not installed)"
|
|
26
|
+
GATE_9_STATUS="WARN"
|
|
27
|
+
else
|
|
28
|
+
# Get staged files filtered to Semgrep-supported languages
|
|
29
|
+
SEMGREP_FILES=$(git diff --cached --name-only --diff-filter=ACM 2>/dev/null | grep -E '\.(ts|tsx|js|jsx|py|go|java|c|cpp|cs|rb|php|scala|swift)$' || true)
|
|
30
|
+
|
|
31
|
+
if [ -z "$SEMGREP_FILES" ]; then
|
|
32
|
+
echo " ⏭️ SKIPPED - SAST (no supported language files changed)"
|
|
33
|
+
GATE_9_STATUS="SKIP"
|
|
34
|
+
else
|
|
35
|
+
# Run semgrep with JSON output
|
|
36
|
+
# --config=p/security-audit: explicit security ruleset
|
|
37
|
+
# --json: machine-readable output
|
|
38
|
+
# --disable-version-check: skip network call
|
|
39
|
+
SEMGREP_OUTPUT=$($SEMGREP_CMD scan --config=p/security-audit --json --disable-version-check $SEMGREP_FILES 2>&1)
|
|
40
|
+
SEMGREP_EXIT=$?
|
|
41
|
+
|
|
42
|
+
if [ "$SEMGREP_EXIT" -eq 0 ]; then
|
|
43
|
+
echo " ✅ PASSED - No security vulnerabilities found."
|
|
44
|
+
GATE_9_STATUS="PASS"
|
|
45
|
+
elif [ "$SEMGREP_EXIT" -eq 1 ]; then
|
|
46
|
+
# Findings detected - parse JSON to categorize
|
|
47
|
+
CRITICAL_HIGH=$(echo "$SEMGREP_OUTPUT" | python3 -c "
|
|
48
|
+
import sys, json
|
|
49
|
+
try:
|
|
50
|
+
data = json.load(sys.stdin)
|
|
51
|
+
results = data.get('results', [])
|
|
52
|
+
count = 0
|
|
53
|
+
for r in results:
|
|
54
|
+
extra = r.get('extra', {})
|
|
55
|
+
severity = extra.get('severity', '').upper()
|
|
56
|
+
if severity in ('CRITICAL', 'HIGH'):
|
|
57
|
+
count += 1
|
|
58
|
+
print(count)
|
|
59
|
+
except:
|
|
60
|
+
print('0')
|
|
61
|
+
" 2>/dev/null || echo "0")
|
|
62
|
+
|
|
63
|
+
MEDIUM_LOW=$(echo "$SEMGREP_OUTPUT" | python3 -c "
|
|
64
|
+
import sys, json
|
|
65
|
+
try:
|
|
66
|
+
data = json.load(sys.stdin)
|
|
67
|
+
results = data.get('results', [])
|
|
68
|
+
count = 0
|
|
69
|
+
for r in results:
|
|
70
|
+
extra = r.get('extra', {})
|
|
71
|
+
severity = extra.get('severity', '').upper()
|
|
72
|
+
if severity in ('MEDIUM', 'LOW'):
|
|
73
|
+
count += 1
|
|
74
|
+
print(count)
|
|
75
|
+
except:
|
|
76
|
+
print('0')
|
|
77
|
+
" 2>/dev/null || echo "0")
|
|
78
|
+
|
|
79
|
+
# Extract top finding details
|
|
80
|
+
FINDING_DETAILS=$(echo "$SEMGREP_OUTPUT" | python3 -c "
|
|
81
|
+
import sys, json
|
|
82
|
+
try:
|
|
83
|
+
data = json.load(sys.stdin)
|
|
84
|
+
results = data.get('results', [])
|
|
85
|
+
for r in results[:5]: # Show top 5
|
|
86
|
+
extra = r.get('extra', {})
|
|
87
|
+
severity = extra.get('severity', 'UNKNOWN').upper()
|
|
88
|
+
rule_id = r.get('check_id', 'unknown')
|
|
89
|
+
path = r.get('path', 'unknown')
|
|
90
|
+
start_line = r.get('start', {}).get('line', '?')
|
|
91
|
+
message = extra.get('message', '')[:80]
|
|
92
|
+
print(f' [{severity}] {rule_id}')
|
|
93
|
+
print(f' {path}:{start_line} → {message}')
|
|
94
|
+
print()
|
|
95
|
+
except:
|
|
96
|
+
print(' (Failed to parse semgrep output)')
|
|
97
|
+
" 2>/dev/null || echo " (Failed to parse semgrep output)")
|
|
98
|
+
|
|
99
|
+
if [ "$CRITICAL_HIGH" -gt 0 ]; then
|
|
100
|
+
echo ""
|
|
101
|
+
echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
|
|
102
|
+
echo " GATE 9: Semgrep Security Gate"
|
|
103
|
+
echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
|
|
104
|
+
echo " CRITICAL/HIGH: ${CRITICAL_HIGH} ❌ BLOCKED"
|
|
105
|
+
echo " MEDIUM/LOW: ${MEDIUM_LOW} ⚠️ warning"
|
|
106
|
+
echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
|
|
107
|
+
echo " ❌ BLOCKED — Critical/High vulnerability found"
|
|
108
|
+
echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
|
|
109
|
+
echo "$FINDING_DETAILS"
|
|
110
|
+
echo " Run 'semgrep scan --config=p/security-audit' to review all findings."
|
|
111
|
+
GATE_9_STATUS="FAIL"
|
|
112
|
+
exit 1
|
|
113
|
+
else
|
|
114
|
+
echo ""
|
|
115
|
+
echo " ✅ PASSED - No critical/high vulnerabilities"
|
|
116
|
+
if [ "$MEDIUM_LOW" -gt 0 ]; then
|
|
117
|
+
echo " ⚠️ ${MEDIUM_LOW} medium/low findings (warnings only)"
|
|
118
|
+
echo "$FINDING_DETAILS"
|
|
119
|
+
fi
|
|
120
|
+
GATE_9_STATUS="PASS"
|
|
121
|
+
fi
|
|
122
|
+
else
|
|
123
|
+
# semgrep runtime error (timeout, config error, etc.)
|
|
124
|
+
echo " ⚠️ semgrep exited with code ${SEMGREP_EXIT} — skipping gate"
|
|
125
|
+
echo " ⏭️ SKIPPED - SAST (semgrep runtime error)"
|
|
126
|
+
GATE_9_STATUS="SKIP"
|
|
127
|
+
fi
|
|
128
|
+
fi
|
|
129
|
+
fi
|
|
130
|
+
record_gate_audit "gate-9" "sast-security" "$GATE_9_STATUS" "0" "$GATE_9_START"
|
|
@@ -108,6 +108,10 @@ describe('doctor', () => {
|
|
|
108
108
|
path.join(dir, 'adapters', 'python.sh'),
|
|
109
109
|
'#!/usr/bin/env bash\necho "py adapter"\n'
|
|
110
110
|
);
|
|
111
|
+
const gateScripts = ['gate-3.sh', 'gate-4.sh', 'gate-7.sh', 'gate-8.sh', 'gate-9.sh'];
|
|
112
|
+
for (const script of gateScripts) {
|
|
113
|
+
fs.writeFileSync(path.join(dir, 'adapters', script), `#!/bin/bash\n# ${script}\n`);
|
|
114
|
+
}
|
|
111
115
|
}
|
|
112
116
|
|
|
113
117
|
function tuiJsonPath() {
|
|
@@ -139,7 +143,14 @@ describe('doctor', () => {
|
|
|
139
143
|
createXpGatePreCommit(globalHooksDir());
|
|
140
144
|
createXpGatePrePush(globalHooksDir());
|
|
141
145
|
createXpGateAdapterCommon(globalAdaptersDir());
|
|
142
|
-
|
|
146
|
+
// For global mode, create adapters directly in globalAdaptersDir (not in a subdirectory)
|
|
147
|
+
fs.mkdirSync(globalAdaptersDir(), { recursive: true });
|
|
148
|
+
fs.writeFileSync(path.join(globalAdaptersDir(), 'typescript.sh'), '#!/usr/bin/env bash\necho "ts adapter"\n');
|
|
149
|
+
fs.writeFileSync(path.join(globalAdaptersDir(), 'python.sh'), '#!/usr/bin/env bash\necho "py adapter"\n');
|
|
150
|
+
const gateScripts = ['gate-3.sh', 'gate-4.sh', 'gate-7.sh', 'gate-8.sh', 'gate-9.sh'];
|
|
151
|
+
for (const script of gateScripts) {
|
|
152
|
+
fs.writeFileSync(path.join(globalAdaptersDir(), script), `#!/bin/bash\n# ${script}\n`);
|
|
153
|
+
}
|
|
143
154
|
createXpGatePreCommit(projectHooksDir());
|
|
144
155
|
createXpGatePrePush(projectHooksDir());
|
|
145
156
|
createXpGateAdapterCommon(projectGithooksDir());
|
|
@@ -805,4 +816,92 @@ describe('doctor', () => {
|
|
|
805
816
|
// Should still have exactly one entry
|
|
806
817
|
expect(tui.plugin.filter(p => p === '@boyingliu01/opencode-plugin/tui').length).toBe(1);
|
|
807
818
|
});
|
|
819
|
+
|
|
820
|
+
// === Issue #263 follow-up: Gate script detection ===
|
|
821
|
+
|
|
822
|
+
function createGateScripts(dir) {
|
|
823
|
+
fs.mkdirSync(dir, { recursive: true });
|
|
824
|
+
const gateScripts = ['gate-3.sh', 'gate-4.sh', 'gate-7.sh', 'gate-8.sh', 'gate-9.sh'];
|
|
825
|
+
for (const script of gateScripts) {
|
|
826
|
+
fs.writeFileSync(path.join(dir, script), `#!/bin/bash\n# ${script}\n`);
|
|
827
|
+
}
|
|
828
|
+
}
|
|
829
|
+
|
|
830
|
+
it('gate scripts: PASS when all expected gate scripts exist', async () => {
|
|
831
|
+
setupLocalInstall();
|
|
832
|
+
ensureTuiRegistered();
|
|
833
|
+
seedVersionCache();
|
|
834
|
+
createGateScripts(projectAdaptersDir());
|
|
835
|
+
mockExecSuccess();
|
|
836
|
+
const { doctor } = require('../doctor');
|
|
837
|
+
|
|
838
|
+
const result = await doctor([]);
|
|
839
|
+
|
|
840
|
+
expect(result).toBe(0);
|
|
841
|
+
expect(logSpy).toHaveBeenCalledWith(
|
|
842
|
+
expect.stringContaining('Gate scripts')
|
|
843
|
+
);
|
|
844
|
+
expect(logSpy).toHaveBeenCalledWith(
|
|
845
|
+
expect.stringContaining('5 gate script(s)')
|
|
846
|
+
);
|
|
847
|
+
});
|
|
848
|
+
|
|
849
|
+
it('gate scripts: FAIL when gate scripts are missing', async () => {
|
|
850
|
+
setupLocalInstall();
|
|
851
|
+
seedVersionCache();
|
|
852
|
+
// Clear adapters dir and create with only language adapters, no gate scripts
|
|
853
|
+
fs.rmSync(projectAdaptersDir(), { recursive: true, force: true });
|
|
854
|
+
fs.mkdirSync(projectAdaptersDir(), { recursive: true });
|
|
855
|
+
fs.writeFileSync(path.join(projectAdaptersDir(), 'typescript.sh'), '#!/bin/bash\n');
|
|
856
|
+
mockExecSuccess();
|
|
857
|
+
const { doctor } = require('../doctor');
|
|
858
|
+
|
|
859
|
+
const result = await doctor([]);
|
|
860
|
+
|
|
861
|
+
expect(result).toBe(1);
|
|
862
|
+
expect(logSpy).toHaveBeenCalledWith(
|
|
863
|
+
expect.stringContaining('Gate scripts')
|
|
864
|
+
);
|
|
865
|
+
expect(logSpy).toHaveBeenCalledWith(
|
|
866
|
+
expect.stringContaining('Missing')
|
|
867
|
+
);
|
|
868
|
+
});
|
|
869
|
+
|
|
870
|
+
it('--fix: restores missing gate scripts', async () => {
|
|
871
|
+
setupLocalInstall();
|
|
872
|
+
seedVersionCache();
|
|
873
|
+
// Clear adapters dir and create with only language adapters, no gate scripts
|
|
874
|
+
fs.rmSync(projectAdaptersDir(), { recursive: true, force: true });
|
|
875
|
+
fs.mkdirSync(projectAdaptersDir(), { recursive: true });
|
|
876
|
+
fs.writeFileSync(path.join(projectAdaptersDir(), 'typescript.sh'), '#!/bin/bash\n');
|
|
877
|
+
mockExecSuccess();
|
|
878
|
+
const { doctor } = require('../doctor');
|
|
879
|
+
|
|
880
|
+
const result = await doctor(['--fix']);
|
|
881
|
+
|
|
882
|
+
expect(result).toBe(0);
|
|
883
|
+
expect(fs.existsSync(path.join(projectAdaptersDir(), 'gate-3.sh'))).toBe(true);
|
|
884
|
+
expect(fs.existsSync(path.join(projectAdaptersDir(), 'gate-4.sh'))).toBe(true);
|
|
885
|
+
expect(fs.existsSync(path.join(projectAdaptersDir(), 'gate-7.sh'))).toBe(true);
|
|
886
|
+
expect(fs.existsSync(path.join(projectAdaptersDir(), 'gate-8.sh'))).toBe(true);
|
|
887
|
+
expect(fs.existsSync(path.join(projectAdaptersDir(), 'gate-9.sh'))).toBe(true);
|
|
888
|
+
expect(logSpy).toHaveBeenCalledWith(
|
|
889
|
+
expect.stringContaining('Restored')
|
|
890
|
+
);
|
|
891
|
+
});
|
|
892
|
+
|
|
893
|
+
it('--fix: idempotent for gate scripts — does not overwrite existing', async () => {
|
|
894
|
+
setupLocalInstall();
|
|
895
|
+
seedVersionCache();
|
|
896
|
+
createGateScripts(projectAdaptersDir());
|
|
897
|
+
const originalContent = fs.readFileSync(path.join(projectAdaptersDir(), 'gate-3.sh'), 'utf8');
|
|
898
|
+
mockExecSuccess();
|
|
899
|
+
const { doctor } = require('../doctor');
|
|
900
|
+
|
|
901
|
+
const result = await doctor(['--fix']);
|
|
902
|
+
|
|
903
|
+
expect(result).toBe(0);
|
|
904
|
+
const currentContent = fs.readFileSync(path.join(projectAdaptersDir(), 'gate-3.sh'), 'utf8');
|
|
905
|
+
expect(currentContent).toBe(originalContent);
|
|
906
|
+
});
|
|
808
907
|
});
|
|
@@ -0,0 +1,231 @@
|
|
|
1
|
+
const fs = require('fs');
|
|
2
|
+
const path = require('path');
|
|
3
|
+
const os = require('os');
|
|
4
|
+
|
|
5
|
+
describe('next-sprint', () => {
|
|
6
|
+
let tmpDir;
|
|
7
|
+
let consoleSpy;
|
|
8
|
+
let processExitSpy;
|
|
9
|
+
|
|
10
|
+
beforeEach(() => {
|
|
11
|
+
tmpDir = fs.mkdtempSync(path.join(os.tmpdir(), 'next-sprint-test-'));
|
|
12
|
+
consoleSpy = vi.spyOn(console, 'log').mockImplementation(() => {});
|
|
13
|
+
vi.spyOn(console, 'error').mockImplementation(() => {});
|
|
14
|
+
processExitSpy = vi.spyOn(process, 'exit').mockImplementation(() => {});
|
|
15
|
+
// Clear require cache to ensure fresh module for each test
|
|
16
|
+
delete require.cache[require.resolve('../next-sprint')];
|
|
17
|
+
});
|
|
18
|
+
|
|
19
|
+
afterEach(() => {
|
|
20
|
+
fs.rmSync(tmpDir, { recursive: true, force: true });
|
|
21
|
+
vi.restoreAllMocks();
|
|
22
|
+
});
|
|
23
|
+
|
|
24
|
+
function createState(overrides = {}) {
|
|
25
|
+
const stateDir = path.join(tmpDir, '.sprint-state');
|
|
26
|
+
fs.mkdirSync(stateDir, { recursive: true });
|
|
27
|
+
const state = {
|
|
28
|
+
id: 'sprint-2026-06-30-01',
|
|
29
|
+
task_description: 'Test Sprint',
|
|
30
|
+
phase: 4,
|
|
31
|
+
status: 'completed',
|
|
32
|
+
started_at: new Date().toISOString(),
|
|
33
|
+
phase_history: [
|
|
34
|
+
{
|
|
35
|
+
phase: 2,
|
|
36
|
+
phase_name: 'BUILD',
|
|
37
|
+
status: 'completed',
|
|
38
|
+
reqs: {
|
|
39
|
+
'REQ-001': { name: 'Implement login', status: 'completed' },
|
|
40
|
+
'REQ-002': { name: 'Implement logout', status: 'completed' },
|
|
41
|
+
},
|
|
42
|
+
},
|
|
43
|
+
],
|
|
44
|
+
...overrides,
|
|
45
|
+
};
|
|
46
|
+
fs.writeFileSync(path.join(stateDir, 'sprint-state.json'), JSON.stringify(state));
|
|
47
|
+
return state;
|
|
48
|
+
}
|
|
49
|
+
|
|
50
|
+
function mockGhCli(issues) {
|
|
51
|
+
const { execSync } = require('child_process');
|
|
52
|
+
vi.spyOn(require('child_process'), 'execSync').mockImplementation((cmd) => {
|
|
53
|
+
if (cmd.includes('gh issue list')) {
|
|
54
|
+
return JSON.stringify(issues);
|
|
55
|
+
}
|
|
56
|
+
return '';
|
|
57
|
+
});
|
|
58
|
+
}
|
|
59
|
+
|
|
60
|
+
describe('readSprintState', () => {
|
|
61
|
+
it('returns null when no sprint state exists', () => {
|
|
62
|
+
const { readSprintState } = require('../next-sprint');
|
|
63
|
+
const result = readSprintState(tmpDir);
|
|
64
|
+
expect(result).toBeNull();
|
|
65
|
+
});
|
|
66
|
+
|
|
67
|
+
it('returns parsed state when sprint state exists', () => {
|
|
68
|
+
const state = createState();
|
|
69
|
+
const { readSprintState } = require('../next-sprint');
|
|
70
|
+
const result = readSprintState(tmpDir);
|
|
71
|
+
expect(result).toBeDefined();
|
|
72
|
+
expect(result.id).toBe('sprint-2026-06-30-01');
|
|
73
|
+
});
|
|
74
|
+
});
|
|
75
|
+
|
|
76
|
+
describe('getCurrentSprintReqs', () => {
|
|
77
|
+
it('extracts requirements from sprint state', () => {
|
|
78
|
+
createState();
|
|
79
|
+
const { readSprintState, getCurrentSprintReqs } = require('../next-sprint');
|
|
80
|
+
const state = readSprintState(tmpDir);
|
|
81
|
+
const reqs = getCurrentSprintReqs(state);
|
|
82
|
+
expect(reqs).toHaveLength(2);
|
|
83
|
+
expect(reqs[0].name).toBe('Implement login');
|
|
84
|
+
expect(reqs[1].name).toBe('Implement logout');
|
|
85
|
+
});
|
|
86
|
+
|
|
87
|
+
it('returns empty array when no phase history', () => {
|
|
88
|
+
const { getCurrentSprintReqs } = require('../next-sprint');
|
|
89
|
+
const reqs = getCurrentSprintReqs({ phase_history: [] });
|
|
90
|
+
expect(reqs).toEqual([]);
|
|
91
|
+
});
|
|
92
|
+
});
|
|
93
|
+
|
|
94
|
+
describe('filterRemainingIssues', () => {
|
|
95
|
+
it('filters out issues already in sprint', () => {
|
|
96
|
+
const issues = [
|
|
97
|
+
{ number: 1, title: 'Implement login', labels: [], createdAt: '2026-06-30T00:00:00Z' },
|
|
98
|
+
{ number: 2, title: 'Implement logout', labels: [], createdAt: '2026-06-30T00:00:00Z' },
|
|
99
|
+
{ number: 3, title: 'Implement signup', labels: [], createdAt: '2026-06-30T00:00:00Z' },
|
|
100
|
+
];
|
|
101
|
+
const sprintReqs = [{ name: 'Implement login' }, { name: 'Implement logout' }];
|
|
102
|
+
const { filterRemainingIssues } = require('../next-sprint');
|
|
103
|
+
const result = filterRemainingIssues(issues, sprintReqs);
|
|
104
|
+
expect(result).toHaveLength(1);
|
|
105
|
+
expect(result[0].number).toBe(3);
|
|
106
|
+
});
|
|
107
|
+
|
|
108
|
+
it('returns all issues when no sprint reqs', () => {
|
|
109
|
+
const issues = [
|
|
110
|
+
{ number: 1, title: 'Implement login', labels: [], createdAt: '2026-06-30T00:00:00Z' },
|
|
111
|
+
{ number: 2, title: 'Implement logout', labels: [], createdAt: '2026-06-30T00:00:00Z' },
|
|
112
|
+
];
|
|
113
|
+
const { filterRemainingIssues } = require('../next-sprint');
|
|
114
|
+
const result = filterRemainingIssues(issues, []);
|
|
115
|
+
expect(result).toHaveLength(2);
|
|
116
|
+
});
|
|
117
|
+
});
|
|
118
|
+
|
|
119
|
+
describe('formatIssuesTable', () => {
|
|
120
|
+
it('formats issues as table', () => {
|
|
121
|
+
const issues = [
|
|
122
|
+
{ number: 1, title: 'Implement login', labels: [{ name: 'feature' }], createdAt: '2026-06-30T00:00:00Z' },
|
|
123
|
+
{ number: 2, title: 'Implement logout', labels: [{ name: 'bug' }], createdAt: '2026-06-30T00:00:00Z' },
|
|
124
|
+
];
|
|
125
|
+
const { formatIssuesTable } = require('../next-sprint');
|
|
126
|
+
const result = formatIssuesTable(issues);
|
|
127
|
+
expect(result).toContain('Remaining Open Issues');
|
|
128
|
+
expect(result).toContain('Implement login');
|
|
129
|
+
expect(result).toContain('feature');
|
|
130
|
+
});
|
|
131
|
+
|
|
132
|
+
it('handles empty issues', () => {
|
|
133
|
+
const { formatIssuesTable } = require('../next-sprint');
|
|
134
|
+
const result = formatIssuesTable([]);
|
|
135
|
+
expect(result).toBe('No remaining issues found.');
|
|
136
|
+
});
|
|
137
|
+
});
|
|
138
|
+
|
|
139
|
+
describe('generateSprintPlan', () => {
|
|
140
|
+
it('generates sprint plan for remaining issues', () => {
|
|
141
|
+
const issues = [
|
|
142
|
+
{ number: 1, title: 'Implement login', labels: [], createdAt: '2026-06-30T00:00:00Z' },
|
|
143
|
+
{ number: 2, title: 'Implement logout', labels: [], createdAt: '2026-06-30T00:00:00Z' },
|
|
144
|
+
];
|
|
145
|
+
const { generateSprintPlan } = require('../next-sprint');
|
|
146
|
+
const result = generateSprintPlan(issues);
|
|
147
|
+
expect(result).toContain('Suggested Next Sprint Plan');
|
|
148
|
+
expect(result).toContain('#1');
|
|
149
|
+
expect(result).toContain('sprint-flow');
|
|
150
|
+
});
|
|
151
|
+
|
|
152
|
+
it('returns null when no issues', () => {
|
|
153
|
+
const { generateSprintPlan } = require('../next-sprint');
|
|
154
|
+
const result = generateSprintPlan([]);
|
|
155
|
+
expect(result).toBeNull();
|
|
156
|
+
});
|
|
157
|
+
});
|
|
158
|
+
|
|
159
|
+
describe('handleNextSprint', () => {
|
|
160
|
+
it('outputs remaining issues in table format', async () => {
|
|
161
|
+
createState();
|
|
162
|
+
const { execSync } = require('child_process');
|
|
163
|
+
vi.spyOn(require('child_process'), 'execSync').mockImplementation((cmd) => {
|
|
164
|
+
if (cmd.includes('gh issue list')) {
|
|
165
|
+
return JSON.stringify([
|
|
166
|
+
{ number: 1, title: 'Implement login', labels: [{ name: 'feature' }], createdAt: '2026-06-30T00:00:00Z' },
|
|
167
|
+
{ number: 2, title: 'Implement logout', labels: [{ name: 'bug' }], createdAt: '2026-06-30T00:00:00Z' },
|
|
168
|
+
{ number: 3, title: 'Implement signup', labels: [{ name: 'enhancement' }], createdAt: '2026-06-30T00:00:00Z' },
|
|
169
|
+
]);
|
|
170
|
+
}
|
|
171
|
+
return '';
|
|
172
|
+
});
|
|
173
|
+
delete require.cache[require.resolve('../next-sprint')];
|
|
174
|
+
const { handleNextSprint } = require('../next-sprint');
|
|
175
|
+
const result = await handleNextSprint(['--dir', tmpDir]);
|
|
176
|
+
expect(result).toBe(0);
|
|
177
|
+
expect(consoleSpy).toHaveBeenCalled();
|
|
178
|
+
const output = consoleSpy.mock.calls.map(c => c[0]).join('\n');
|
|
179
|
+
expect(output).toContain('Remaining Open Issues');
|
|
180
|
+
expect(output).toContain('Implement signup');
|
|
181
|
+
});
|
|
182
|
+
|
|
183
|
+
it('outputs JSON when --json flag', async () => {
|
|
184
|
+
createState();
|
|
185
|
+
vi.spyOn(require('child_process'), 'execSync').mockImplementation((cmd) => {
|
|
186
|
+
if (cmd.includes('gh issue list')) {
|
|
187
|
+
return JSON.stringify([
|
|
188
|
+
{ number: 1, title: 'Implement login', labels: [], createdAt: '2026-06-30T00:00:00Z' },
|
|
189
|
+
]);
|
|
190
|
+
}
|
|
191
|
+
return '';
|
|
192
|
+
});
|
|
193
|
+
delete require.cache[require.resolve('../next-sprint')];
|
|
194
|
+
const { handleNextSprint } = require('../next-sprint');
|
|
195
|
+
const result = await handleNextSprint(['--json', '--dir', tmpDir]);
|
|
196
|
+
expect(result).toBe(0);
|
|
197
|
+
const output = consoleSpy.mock.calls.map(c => c[0]).join('\n');
|
|
198
|
+
const parsed = JSON.parse(output);
|
|
199
|
+
expect(parsed).toHaveProperty('current_sprint');
|
|
200
|
+
expect(parsed).toHaveProperty('remaining_issues');
|
|
201
|
+
});
|
|
202
|
+
|
|
203
|
+
it('outputs plan when --plan flag', async () => {
|
|
204
|
+
createState();
|
|
205
|
+
vi.spyOn(require('child_process'), 'execSync').mockImplementation((cmd) => {
|
|
206
|
+
if (cmd.includes('gh issue list')) {
|
|
207
|
+
return JSON.stringify([
|
|
208
|
+
{ number: 5, title: 'Implement password reset', labels: [], createdAt: '2026-06-30T00:00:00Z' },
|
|
209
|
+
]);
|
|
210
|
+
}
|
|
211
|
+
return '';
|
|
212
|
+
});
|
|
213
|
+
delete require.cache[require.resolve('../next-sprint')];
|
|
214
|
+
const { handleNextSprint } = require('../next-sprint');
|
|
215
|
+
const result = await handleNextSprint(['--plan', '--dir', tmpDir]);
|
|
216
|
+
expect(result).toBe(0);
|
|
217
|
+
const output = consoleSpy.mock.calls.map(c => c[0]).join('\n');
|
|
218
|
+
expect(output).toContain('Suggested Next Sprint Plan');
|
|
219
|
+
});
|
|
220
|
+
|
|
221
|
+
it('returns 1 when gh CLI not available', async () => {
|
|
222
|
+
vi.spyOn(require('child_process'), 'execSync').mockImplementation(() => {
|
|
223
|
+
throw new Error('gh: command not found');
|
|
224
|
+
});
|
|
225
|
+
delete require.cache[require.resolve('../next-sprint')];
|
|
226
|
+
const { handleNextSprint } = require('../next-sprint');
|
|
227
|
+
const result = await handleNextSprint(['--dir', tmpDir]);
|
|
228
|
+
expect(result).toBe(1);
|
|
229
|
+
});
|
|
230
|
+
});
|
|
231
|
+
});
|
package/lib/doctor.js
CHANGED
|
@@ -176,7 +176,20 @@ function checkSingleHook(hooksDir, name, signature, label, checks) {
|
|
|
176
176
|
return 0;
|
|
177
177
|
}
|
|
178
178
|
|
|
179
|
+
/**
|
|
180
|
+
* Expected gate scripts that should be present in the adapters directory.
|
|
181
|
+
* gate-5.sh and gate-6.sh are inline in pre-commit, so they are NOT expected here.
|
|
182
|
+
*/
|
|
183
|
+
const EXPECTED_GATE_SCRIPTS = [
|
|
184
|
+
'gate-3.sh',
|
|
185
|
+
'gate-4.sh',
|
|
186
|
+
'gate-7.sh',
|
|
187
|
+
'gate-8.sh',
|
|
188
|
+
'gate-9.sh',
|
|
189
|
+
];
|
|
190
|
+
|
|
179
191
|
function checkAdapters(checks, mode, gitDir) {
|
|
192
|
+
let issues = 0;
|
|
180
193
|
const adaptersDir = mode === 'local'
|
|
181
194
|
? path.join(path.dirname(gitDir || ''), 'githooks', 'adapters')
|
|
182
195
|
: GLOBAL_ADAPTERS_DIR;
|
|
@@ -190,8 +203,22 @@ function checkAdapters(checks, mode, gitDir) {
|
|
|
190
203
|
checks.push({ name: 'Adapters directory', status: 'FAIL', detail: 'Empty directory' });
|
|
191
204
|
return 1;
|
|
192
205
|
}
|
|
193
|
-
checks.push({ name: 'Adapters directory', status: 'PASS', detail: `${adapterFiles.length}
|
|
194
|
-
|
|
206
|
+
checks.push({ name: 'Adapters directory', status: 'PASS', detail: `${adapterFiles.length} file(s)` });
|
|
207
|
+
|
|
208
|
+
// Check for missing gate scripts (Issue #263 follow-up)
|
|
209
|
+
const missingGates = EXPECTED_GATE_SCRIPTS.filter(g => !adapterFiles.includes(g));
|
|
210
|
+
if (missingGates.length > 0) {
|
|
211
|
+
checks.push({
|
|
212
|
+
name: 'Gate scripts',
|
|
213
|
+
status: 'FAIL',
|
|
214
|
+
detail: `Missing: ${missingGates.join(', ')} — run 'xp-gate doctor --fix' to restore`
|
|
215
|
+
});
|
|
216
|
+
issues++;
|
|
217
|
+
} else {
|
|
218
|
+
checks.push({ name: 'Gate scripts', status: 'PASS', detail: `${EXPECTED_GATE_SCRIPTS.length} gate script(s)` });
|
|
219
|
+
}
|
|
220
|
+
|
|
221
|
+
return issues;
|
|
195
222
|
}
|
|
196
223
|
|
|
197
224
|
/**
|
|
@@ -429,6 +456,37 @@ function fixMissingAdapters(mode, srcDir, adaptersDir) {
|
|
|
429
456
|
return false;
|
|
430
457
|
}
|
|
431
458
|
|
|
459
|
+
/**
|
|
460
|
+
* Restore missing gate scripts from package root to adapters directory.
|
|
461
|
+
* Gate scripts (gate-3.sh through gate-9.sh) are stored in the package root,
|
|
462
|
+
* not in the adapters subdirectory.
|
|
463
|
+
*/
|
|
464
|
+
function fixMissingGateScripts(srcDir, adaptersDir) {
|
|
465
|
+
if (!adaptersDir || !fs.existsSync(adaptersDir)) return false;
|
|
466
|
+
|
|
467
|
+
const existingFiles = fs.readdirSync(adaptersDir);
|
|
468
|
+
const missingGates = EXPECTED_GATE_SCRIPTS.filter(g => !existingFiles.includes(g));
|
|
469
|
+
|
|
470
|
+
if (missingGates.length === 0) return false;
|
|
471
|
+
|
|
472
|
+
let restored = 0;
|
|
473
|
+
for (const gateScript of missingGates) {
|
|
474
|
+
const srcFile = path.join(srcDir, gateScript);
|
|
475
|
+
const destFile = path.join(adaptersDir, gateScript);
|
|
476
|
+
if (fs.existsSync(srcFile)) {
|
|
477
|
+
fs.copyFileSync(srcFile, destFile);
|
|
478
|
+
fs.chmodSync(destFile, 0o755);
|
|
479
|
+
restored++;
|
|
480
|
+
}
|
|
481
|
+
}
|
|
482
|
+
|
|
483
|
+
if (restored > 0) {
|
|
484
|
+
console.log(` ✓ Restored ${restored} gate script(s)`);
|
|
485
|
+
return true;
|
|
486
|
+
}
|
|
487
|
+
return false;
|
|
488
|
+
}
|
|
489
|
+
|
|
432
490
|
function fixConfigMismatches(config) {
|
|
433
491
|
let fixed = false;
|
|
434
492
|
fixed = fixVersionMismatch(config, getPackageVersion()) || fixed;
|
|
@@ -481,6 +539,7 @@ function fixIssues(checks, config) {
|
|
|
481
539
|
fixed = fixHooksByMode(config, srcDir) || fixed;
|
|
482
540
|
fixed = fixGlobalHooksPath(config) || fixed;
|
|
483
541
|
fixed = fixMissingAdapters(config.mode, srcDir, getAdaptersDirByMode(config)) || fixed;
|
|
542
|
+
fixed = fixMissingGateScripts(srcDir, getAdaptersDirByMode(config)) || fixed;
|
|
484
543
|
fixed = fixTuiRegistration() || fixed;
|
|
485
544
|
fixed = printCliToolGuidance() || fixed;
|
|
486
545
|
|
package/lib/init.js
CHANGED
|
@@ -35,6 +35,13 @@ function copyAdapters(srcDir, destDir) {
|
|
|
35
35
|
}
|
|
36
36
|
});
|
|
37
37
|
}
|
|
38
|
+
// Copy gate scripts (gate-3.sh through gate-9.sh) from package root to destDir.
|
|
39
|
+
// These are sourced by pre-commit via GATE_DIR which resolves to the adapter dir.
|
|
40
|
+
fs.readdirSync(srcDir).forEach(f => {
|
|
41
|
+
if (f.startsWith('gate-') && f.endsWith('.sh')) {
|
|
42
|
+
fs.copyFileSync(path.join(srcDir, f), path.join(destDir, f));
|
|
43
|
+
}
|
|
44
|
+
});
|
|
38
45
|
}
|
|
39
46
|
|
|
40
47
|
function copyRecursive(src, dest) {
|
|
@@ -0,0 +1,129 @@
|
|
|
1
|
+
const childProcess = require('child_process');
|
|
2
|
+
const fs = require('fs');
|
|
3
|
+
const path = require('path');
|
|
4
|
+
|
|
5
|
+
function readSprintState(dir) {
|
|
6
|
+
try {
|
|
7
|
+
const stateFile = path.join(dir, '.sprint-state', 'sprint-state.json');
|
|
8
|
+
if (!fs.existsSync(stateFile)) return null;
|
|
9
|
+
return JSON.parse(fs.readFileSync(stateFile, 'utf8'));
|
|
10
|
+
} catch {
|
|
11
|
+
return null;
|
|
12
|
+
}
|
|
13
|
+
}
|
|
14
|
+
|
|
15
|
+
function getCurrentSprintReqs(state) {
|
|
16
|
+
if (!state?.phase_history) return [];
|
|
17
|
+
const reqs = [];
|
|
18
|
+
for (const phase of state.phase_history) {
|
|
19
|
+
if (phase.reqs) {
|
|
20
|
+
for (const [id, req] of Object.entries(phase.reqs)) {
|
|
21
|
+
reqs.push({ id, name: req.name, status: req.status });
|
|
22
|
+
}
|
|
23
|
+
}
|
|
24
|
+
}
|
|
25
|
+
return reqs;
|
|
26
|
+
}
|
|
27
|
+
|
|
28
|
+
function fetchOpenIssues(repoRoot) {
|
|
29
|
+
try {
|
|
30
|
+
const result = childProcess.execSync('gh issue list --state open --json number,title,labels,createdAt', {
|
|
31
|
+
cwd: repoRoot,
|
|
32
|
+
encoding: 'utf8',
|
|
33
|
+
timeout: 30000,
|
|
34
|
+
});
|
|
35
|
+
return JSON.parse(result);
|
|
36
|
+
} catch (err) {
|
|
37
|
+
if (err.message.includes('gh: command not found')) {
|
|
38
|
+
console.error('Error: gh CLI not found. Install it from https://cli.github.com/');
|
|
39
|
+
return null;
|
|
40
|
+
}
|
|
41
|
+
if (err.message.includes('not logged in')) {
|
|
42
|
+
console.error('Error: Not logged in to GitHub. Run "gh auth login" first.');
|
|
43
|
+
return null;
|
|
44
|
+
}
|
|
45
|
+
console.error('Error fetching issues:', err.message);
|
|
46
|
+
return null;
|
|
47
|
+
}
|
|
48
|
+
}
|
|
49
|
+
|
|
50
|
+
function filterRemainingIssues(issues, sprintReqs) {
|
|
51
|
+
const sprintTitles = new Set(sprintReqs.map(r => r.name?.toLowerCase()));
|
|
52
|
+
return issues.filter(issue => {
|
|
53
|
+
const titleLower = issue.title.toLowerCase();
|
|
54
|
+
return !sprintTitles.has(titleLower);
|
|
55
|
+
});
|
|
56
|
+
}
|
|
57
|
+
|
|
58
|
+
function formatIssuesTable(issues) {
|
|
59
|
+
if (issues.length === 0) return 'No remaining issues found.';
|
|
60
|
+
const lines = ['Remaining Open Issues:', ''];
|
|
61
|
+
lines.push('┌──────┬────────────────────────────────────────────┬─────────────────────┬───────────┐');
|
|
62
|
+
lines.push('│ # │ Title │ Labels │ Created │');
|
|
63
|
+
lines.push('├──────┼────────────────────────────────────────────┼─────────────────────┼───────────┤');
|
|
64
|
+
for (const issue of issues) {
|
|
65
|
+
const num = String(issue.number).padEnd(4);
|
|
66
|
+
const title = issue.title.slice(0, 40).padEnd(40);
|
|
67
|
+
const labels = (issue.labels || []).map(l => l.name).join(', ').slice(0, 19).padEnd(19);
|
|
68
|
+
const created = issue.createdAt ? issue.createdAt.slice(0, 10) : 'N/A';
|
|
69
|
+
lines.push(`│ ${num} │ ${title} │ ${labels} │ ${created} │`);
|
|
70
|
+
}
|
|
71
|
+
lines.push('└──────┴────────────────────────────────────────────┴─────────────────────┴───────────┘');
|
|
72
|
+
lines.push(`Total: ${issues.length} remaining issues`);
|
|
73
|
+
return lines.join('\n');
|
|
74
|
+
}
|
|
75
|
+
|
|
76
|
+
function generateSprintPlan(issues) {
|
|
77
|
+
if (issues.length === 0) return null;
|
|
78
|
+
const lines = ['Suggested Next Sprint Plan:', ''];
|
|
79
|
+
const prioritized = issues.slice(0, 5);
|
|
80
|
+
for (let i = 0; i < prioritized.length; i++) {
|
|
81
|
+
const issue = prioritized[i];
|
|
82
|
+
lines.push(`${i + 1}. #${issue.number} - ${issue.title}`);
|
|
83
|
+
}
|
|
84
|
+
if (issues.length > 5) {
|
|
85
|
+
lines.push(`... and ${issues.length - 5} more issues`);
|
|
86
|
+
}
|
|
87
|
+
lines.push('');
|
|
88
|
+
lines.push('To start a sprint, run:');
|
|
89
|
+
lines.push(` /sprint-flow "Implement #${prioritized[0].number}: ${prioritized[0].title}"`);
|
|
90
|
+
return lines.join('\n');
|
|
91
|
+
}
|
|
92
|
+
|
|
93
|
+
async function handleNextSprint(args = []) {
|
|
94
|
+
const jsonFlag = args.includes('--json');
|
|
95
|
+
const planFlag = args.includes('--plan');
|
|
96
|
+
const dirIdx = args.indexOf('--dir');
|
|
97
|
+
let repoRoot = process.cwd();
|
|
98
|
+
if (dirIdx >= 0 && dirIdx + 1 < args.length) {
|
|
99
|
+
repoRoot = path.resolve(args[dirIdx + 1]);
|
|
100
|
+
}
|
|
101
|
+
const state = readSprintState(repoRoot);
|
|
102
|
+
const sprintReqs = state ? getCurrentSprintReqs(state) : [];
|
|
103
|
+
const issues = fetchOpenIssues(repoRoot);
|
|
104
|
+
if (issues === null) return 1;
|
|
105
|
+
const remaining = filterRemainingIssues(issues, sprintReqs);
|
|
106
|
+
if (jsonFlag) {
|
|
107
|
+
console.log(JSON.stringify({ current_sprint: state?.id || null, sprint_reqs: sprintReqs, remaining_issues: remaining }, null, 2));
|
|
108
|
+
return 0;
|
|
109
|
+
}
|
|
110
|
+
console.log(formatIssuesTable(remaining));
|
|
111
|
+
if (planFlag) {
|
|
112
|
+
const plan = generateSprintPlan(remaining);
|
|
113
|
+
if (plan) {
|
|
114
|
+
console.log('');
|
|
115
|
+
console.log(plan);
|
|
116
|
+
}
|
|
117
|
+
}
|
|
118
|
+
return 0;
|
|
119
|
+
}
|
|
120
|
+
|
|
121
|
+
module.exports = {
|
|
122
|
+
handleNextSprint,
|
|
123
|
+
fetchOpenIssues,
|
|
124
|
+
filterRemainingIssues,
|
|
125
|
+
formatIssuesTable,
|
|
126
|
+
generateSprintPlan,
|
|
127
|
+
readSprintState,
|
|
128
|
+
getCurrentSprintReqs,
|
|
129
|
+
};
|
package/mock-policy/AGENTS.md
CHANGED
|
@@ -1,9 +1,9 @@
|
|
|
1
1
|
# SRC/MOCK-POLICY KNOWLEDGE BASE
|
|
2
2
|
|
|
3
3
|
**Generated:** 2026-07-01
|
|
4
|
-
**Commit:**
|
|
4
|
+
**Commit:** 58ec6df
|
|
5
5
|
**Branch:** main
|
|
6
|
-
**Version:** 0.12.
|
|
6
|
+
**Version:** 0.12.2.0
|
|
7
7
|
|
|
8
8
|
## OVERVIEW
|
|
9
9
|
Mock layering policy enforcement — Gate M3 of pre-push hook. Ensures integration tests use real implementations for internal dependencies, mock external dependencies, and annotate pending mocks with removal plans. Combines project scope scanning, mock decision engine, and per-file validation into a single pipeline.
|
package/mutation/AGENTS.md
CHANGED
|
@@ -1,9 +1,9 @@
|
|
|
1
1
|
# SRC/MUTATION KNOWLEDGE BASE
|
|
2
2
|
|
|
3
3
|
**Generated:** 2026-07-01
|
|
4
|
-
**Commit:**
|
|
4
|
+
**Commit:** 58ec6df
|
|
5
5
|
**Branch:** main
|
|
6
|
-
**Version:** 0.12.
|
|
6
|
+
**Version:** 0.12.2.0
|
|
7
7
|
|
|
8
8
|
## OVERVIEW
|
|
9
9
|
**Gate M** (incremental mutation testing) + **Gate M2** helpers (test-layer detection used by `src/mock-policy/`). Pre-push quality gate. TypeScript-only; uses Stryker.
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@boyingliu01/xp-gate",
|
|
3
|
-
"version": "0.12.
|
|
3
|
+
"version": "0.12.2",
|
|
4
4
|
"description": "AI-driven development workflow: 6 quality gates + Delphi review + Sprint Flow",
|
|
5
5
|
"bin": {
|
|
6
6
|
"xp-gate": "./bin/xp-gate.js"
|
|
@@ -16,7 +16,12 @@
|
|
|
16
16
|
"principles/",
|
|
17
17
|
"mutation/",
|
|
18
18
|
"mock-policy/",
|
|
19
|
-
"build-integrity/"
|
|
19
|
+
"build-integrity/",
|
|
20
|
+
"gate-3.sh",
|
|
21
|
+
"gate-4.sh",
|
|
22
|
+
"gate-7.sh",
|
|
23
|
+
"gate-8.sh",
|
|
24
|
+
"gate-9.sh"
|
|
20
25
|
],
|
|
21
26
|
"exports": {
|
|
22
27
|
"./tui": "./plugins/opencode/tui-plugin.ts"
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "xp-gate",
|
|
3
|
-
"version": "0.12.
|
|
3
|
+
"version": "0.12.2",
|
|
4
4
|
"displayName": "XP-Gate",
|
|
5
5
|
"description": "Extreme Programming quality gates + AI workflow skills for Claude Code. Includes 10 quality gates (Gate 0-9), Sprint Flow (11 phases), and Delphi multi-expert review (>=90% consensus).",
|
|
6
6
|
"author": {
|
|
@@ -1,9 +1,9 @@
|
|
|
1
1
|
# SKILLS/DELPHI-REVIEW KNOWLEDGE BASE
|
|
2
2
|
|
|
3
3
|
**Generated:** 2026-07-01
|
|
4
|
-
**Commit:**
|
|
4
|
+
**Commit:** 58ec6df
|
|
5
5
|
**Branch:** main
|
|
6
|
-
**Version:** 0.12.
|
|
6
|
+
**Version:** 0.12.2.0
|
|
7
7
|
|
|
8
8
|
## OVERVIEW
|
|
9
9
|
Delphi Consensus Review — multi-round anonymous expert review (≥90% threshold, 3 experts from ≥2 providers, domestic models only). Supports design + code-walkthrough modes.
|
|
@@ -1,9 +1,9 @@
|
|
|
1
1
|
# SKILLS/SPRINT-FLOW KNOWLEDGE BASE
|
|
2
2
|
|
|
3
3
|
**Generated:** 2026-07-01
|
|
4
|
-
**Commit:**
|
|
4
|
+
**Commit:** 58ec6df
|
|
5
5
|
**Branch:** main
|
|
6
|
-
**Version:** 0.12.
|
|
6
|
+
**Version:** 0.12.2.0
|
|
7
7
|
|
|
8
8
|
## OVERVIEW
|
|
9
9
|
**11-phase** development pipeline: ISOLATE → AUTO-ESTIMATE → THINK → PLAN → BUILD → REVIEW → SHIP → LAND → USER ACCEPTANCE → FEEDBACK → CLEANUP. Phase 2 default build mode is **ralph-loop** (REQ-level iteration, 40-67% token savings vs parallel). HARD-GATE in Phase 1: design must pass Delphi review (≥90% consensus) before any coding.
|
|
@@ -1,9 +1,9 @@
|
|
|
1
1
|
# SKILLS/TEST-SPECIFICATION-ALIGNMENT KNOWLEDGE BASE
|
|
2
2
|
|
|
3
3
|
**Generated:** 2026-07-01
|
|
4
|
-
**Commit:**
|
|
4
|
+
**Commit:** 58ec6df
|
|
5
5
|
**Branch:** main
|
|
6
|
-
**Version:** 0.12.
|
|
6
|
+
**Version:** 0.12.2.0
|
|
7
7
|
|
|
8
8
|
## OVERVIEW
|
|
9
9
|
Test-Specification Alignment Engine — two-stage validation ensuring tests accurately reflect requirements and design specs.
|
|
@@ -1,9 +1,9 @@
|
|
|
1
1
|
# SKILLS/DELPHI-REVIEW KNOWLEDGE BASE
|
|
2
2
|
|
|
3
3
|
**Generated:** 2026-07-01
|
|
4
|
-
**Commit:**
|
|
4
|
+
**Commit:** 58ec6df
|
|
5
5
|
**Branch:** main
|
|
6
|
-
**Version:** 0.12.
|
|
6
|
+
**Version:** 0.12.2.0
|
|
7
7
|
|
|
8
8
|
## OVERVIEW
|
|
9
9
|
Delphi Consensus Review — multi-round anonymous expert review (≥90% threshold, 3 experts from ≥2 providers, domestic models only). Supports design + code-walkthrough modes.
|
|
@@ -1,9 +1,9 @@
|
|
|
1
1
|
# SKILLS/SPRINT-FLOW KNOWLEDGE BASE
|
|
2
2
|
|
|
3
3
|
**Generated:** 2026-07-01
|
|
4
|
-
**Commit:**
|
|
4
|
+
**Commit:** 58ec6df
|
|
5
5
|
**Branch:** main
|
|
6
|
-
**Version:** 0.12.
|
|
6
|
+
**Version:** 0.12.2.0
|
|
7
7
|
|
|
8
8
|
## OVERVIEW
|
|
9
9
|
**11-phase** development pipeline: ISOLATE → AUTO-ESTIMATE → THINK → PLAN → BUILD → REVIEW → SHIP → LAND → USER ACCEPTANCE → FEEDBACK → CLEANUP. Phase 2 default build mode is **ralph-loop** (REQ-level iteration, 40-67% token savings vs parallel). HARD-GATE in Phase 1: design must pass Delphi review (≥90% consensus) before any coding.
|
|
@@ -1,9 +1,9 @@
|
|
|
1
1
|
# SKILLS/TEST-SPECIFICATION-ALIGNMENT KNOWLEDGE BASE
|
|
2
2
|
|
|
3
3
|
**Generated:** 2026-07-01
|
|
4
|
-
**Commit:**
|
|
4
|
+
**Commit:** 58ec6df
|
|
5
5
|
**Branch:** main
|
|
6
|
-
**Version:** 0.12.
|
|
6
|
+
**Version:** 0.12.2.0
|
|
7
7
|
|
|
8
8
|
## OVERVIEW
|
|
9
9
|
Test-Specification Alignment Engine — two-stage validation ensuring tests accurately reflect requirements and design specs.
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "xp-gate",
|
|
3
|
-
"version": "0.12.
|
|
3
|
+
"version": "0.12.2",
|
|
4
4
|
"displayName": "XP-Gate",
|
|
5
5
|
"description": "Extreme Programming quality gates + AI workflow skills for Qoder. Includes 10 quality gates (Gate 0-9), Sprint Flow (11 phases), and Delphi multi-expert review (>=90% consensus).",
|
|
6
6
|
"author": {
|
|
@@ -1,9 +1,9 @@
|
|
|
1
1
|
# SKILLS/DELPHI-REVIEW KNOWLEDGE BASE
|
|
2
2
|
|
|
3
3
|
**Generated:** 2026-07-01
|
|
4
|
-
**Commit:**
|
|
4
|
+
**Commit:** 58ec6df
|
|
5
5
|
**Branch:** main
|
|
6
|
-
**Version:** 0.12.
|
|
6
|
+
**Version:** 0.12.2.0
|
|
7
7
|
|
|
8
8
|
## OVERVIEW
|
|
9
9
|
Delphi Consensus Review — multi-round anonymous expert review (≥90% threshold, 3 experts from ≥2 providers, domestic models only). Supports design + code-walkthrough modes.
|
|
@@ -1,9 +1,9 @@
|
|
|
1
1
|
# SKILLS/SPRINT-FLOW KNOWLEDGE BASE
|
|
2
2
|
|
|
3
3
|
**Generated:** 2026-07-01
|
|
4
|
-
**Commit:**
|
|
4
|
+
**Commit:** 58ec6df
|
|
5
5
|
**Branch:** main
|
|
6
|
-
**Version:** 0.12.
|
|
6
|
+
**Version:** 0.12.2.0
|
|
7
7
|
|
|
8
8
|
## OVERVIEW
|
|
9
9
|
**11-phase** development pipeline: ISOLATE → AUTO-ESTIMATE → THINK → PLAN → BUILD → REVIEW → USER ACCEPTANCE → FEEDBACK → SHIP → LAND → CLEANUP. Phase 2 default build mode is **ralph-loop** (REQ-level iteration, 40-67% token savings vs parallel). HARD-GATE in Phase 1: design must pass Delphi review (≥90% consensus) before any coding.
|
|
@@ -1,9 +1,9 @@
|
|
|
1
1
|
# SKILLS/TEST-SPECIFICATION-ALIGNMENT KNOWLEDGE BASE
|
|
2
2
|
|
|
3
3
|
**Generated:** 2026-07-01
|
|
4
|
-
**Commit:**
|
|
4
|
+
**Commit:** 58ec6df
|
|
5
5
|
**Branch:** main
|
|
6
|
-
**Version:** 0.12.
|
|
6
|
+
**Version:** 0.12.2.0
|
|
7
7
|
|
|
8
8
|
## OVERVIEW
|
|
9
9
|
Test-Specification Alignment Engine — two-stage validation ensuring tests accurately reflect requirements and design specs.
|
package/principles/AGENTS.md
CHANGED
|
@@ -1,9 +1,9 @@
|
|
|
1
1
|
# PRINCIPLES CHECKER MODULE
|
|
2
2
|
|
|
3
3
|
**Generated:** 2026-07-01
|
|
4
|
-
**Commit:**
|
|
4
|
+
**Commit:** 58ec6df
|
|
5
5
|
**Branch:** main
|
|
6
|
-
**Version:** 0.12.
|
|
6
|
+
**Version:** 0.12.2.0
|
|
7
7
|
|
|
8
8
|
## OVERVIEW
|
|
9
9
|
Clean Code & SOLID principles checker — **Gate 4** of pre-commit. 14 rules × 9 language adapters, SARIF 2.1.0 output. Houses the **Boy Scout Rule** enforcement engine (Gate 6) and warning-baseline storage.
|
|
@@ -1,9 +1,9 @@
|
|
|
1
1
|
# SKILLS/DELPHI-REVIEW KNOWLEDGE BASE
|
|
2
2
|
|
|
3
3
|
**Generated:** 2026-07-01
|
|
4
|
-
**Commit:**
|
|
4
|
+
**Commit:** 58ec6df
|
|
5
5
|
**Branch:** main
|
|
6
|
-
**Version:** 0.12.
|
|
6
|
+
**Version:** 0.12.2.0
|
|
7
7
|
|
|
8
8
|
## OVERVIEW
|
|
9
9
|
Delphi Consensus Review — multi-round anonymous expert review (≥90% threshold, 3 experts from ≥2 providers, domestic models only). Supports design + code-walkthrough modes.
|
|
@@ -1,9 +1,9 @@
|
|
|
1
1
|
# SKILLS/SPRINT-FLOW KNOWLEDGE BASE
|
|
2
2
|
|
|
3
3
|
**Generated:** 2026-07-01
|
|
4
|
-
**Commit:**
|
|
4
|
+
**Commit:** 58ec6df
|
|
5
5
|
**Branch:** main
|
|
6
|
-
**Version:** 0.12.
|
|
6
|
+
**Version:** 0.12.2.0
|
|
7
7
|
|
|
8
8
|
## OVERVIEW
|
|
9
9
|
**11-phase** development pipeline: ISOLATE → AUTO-ESTIMATE → THINK → PLAN → BUILD → REVIEW → SHIP → LAND → USER ACCEPTANCE → FEEDBACK → CLEANUP. Phase 2 default build mode is **ralph-loop** (REQ-level iteration, 40-67% token savings vs parallel). HARD-GATE in Phase 1: design must pass Delphi review (≥90% consensus) before any coding.
|
|
@@ -1,9 +1,9 @@
|
|
|
1
1
|
# SKILLS/TEST-SPECIFICATION-ALIGNMENT KNOWLEDGE BASE
|
|
2
2
|
|
|
3
3
|
**Generated:** 2026-07-01
|
|
4
|
-
**Commit:**
|
|
4
|
+
**Commit:** 58ec6df
|
|
5
5
|
**Branch:** main
|
|
6
|
-
**Version:** 0.12.
|
|
6
|
+
**Version:** 0.12.2.0
|
|
7
7
|
|
|
8
8
|
## OVERVIEW
|
|
9
9
|
Test-Specification Alignment Engine — two-stage validation ensuring tests accurately reflect requirements and design specs.
|