@colin4k1024/tsp 2.4.1 → 2.4.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +12 -6
- package/docs/.vitepress/config.mts +199 -0
- package/docs/adr/ADR-001-doc-architecture-integration.md +33 -0
- package/docs/guides/README.md +5 -0
- package/docs/guides/installation.md +33 -0
- package/docs/guides/user-guide.md +36 -0
- package/docs/index.md +65 -0
- package/docs/memory/backlog.md +10 -0
- package/docs/memory/decisions.md +43 -0
- package/docs/memory/lessons-learned.md +87 -0
- package/docs/plans/2026-04-03-python-remnants-audit.md +265 -0
- package/docs/plans/2026-04-03-scripts-python-to-js-migration.md +372 -0
- package/docs/plans/2026-04-03-solo-delivery-execution-checklist.md +413 -0
- package/docs/plans/2026-04-03-solo-delivery-gap-plan.md +377 -0
- package/docs/plans/2026-04-03-team-skills-workflow-gates.md +548 -0
- package/docs/plans/2026-04-21-open-source-readiness-gap-plan.md +217 -0
- package/docs/plans/llm-surface-reduction-audit.md +147 -0
- package/docs/plans/llm-surface-reduction-execution-checklist.md +217 -0
- package/docs/plans/llm-surface-reduction-execution-history.md +124 -0
- package/docs/plans/team-skills-platform-migration.md +54 -0
- package/docs/presentation/README.md +42 -0
- package/docs/presentation/audience-presentation-route-map.md +84 -0
- package/docs/presentation/executive-briefing-talk-track.md +50 -0
- package/docs/presentation/generate_capability_matrix.py +396 -0
- package/docs/presentation/generate_ppt.py +354 -0
- package/docs/presentation/implementation-onboarding-brief.md +38 -0
- package/docs/presentation/presentation-talk-track.md +97 -0
- package/docs/presentation/vertical-scenario-route-map.md +99 -0
- package/docs/presentation/workshop-facilitator-guide.md +47 -0
- package/docs/runbooks/actionlint-workflow-gates.md +80 -0
- package/docs/runbooks/agent-governance.md +131 -0
- package/docs/runbooks/ai-eval-platform-demo-execution-log.md +147 -0
- package/docs/runbooks/ai-eval-platform-demo-script.md +136 -0
- package/docs/runbooks/ai-eval-platform-walkthrough.md +113 -0
- package/docs/runbooks/ai-pr-review-automation.md +56 -0
- package/docs/runbooks/api-breaking-change-gates.md +58 -0
- package/docs/runbooks/api-design-evolution-walkthrough.md +42 -0
- package/docs/runbooks/api-lint-gates.md +57 -0
- package/docs/runbooks/api-mocking-strategy-and-lifecycle-guide.md +47 -0
- package/docs/runbooks/architect-daily-operations.md +63 -0
- package/docs/runbooks/architect-design-conversation-example.md +83 -0
- package/docs/runbooks/artifact-attestation-gates.md +75 -0
- package/docs/runbooks/artifact-persistence.md +257 -0
- package/docs/runbooks/backend-engineer-daily-operations.md +63 -0
- package/docs/runbooks/batch-optimization-completion-checklist.md +104 -0
- package/docs/runbooks/biz-service-designer-end-to-end-conversation-example.md +5 -0
- package/docs/runbooks/biz-service-designer-toolkit.md +5 -0
- package/docs/runbooks/bug-fix-complete-walkthrough.md +60 -0
- package/docs/runbooks/build-failure-recovery-walkthrough.md +40 -0
- package/docs/runbooks/canary-decision-matrix.md +41 -0
- package/docs/runbooks/canary-staging-release-walkthrough.md +46 -0
- package/docs/runbooks/checkov-iac-gates.md +104 -0
- package/docs/runbooks/claude-code-review-workflow.md +72 -0
- package/docs/runbooks/claude-conversation-prompt-recipes.md +132 -0
- package/docs/runbooks/claude-end-to-end-conversation-example.md +198 -0
- package/docs/runbooks/claude-feature-development-guide.md +112 -0
- package/docs/runbooks/claude-quick-start.md +227 -0
- package/docs/runbooks/claude-usage-scenarios.md +176 -0
- package/docs/runbooks/code-review-collaboration-walkthrough.md +65 -0
- package/docs/runbooks/codeql-pr-security-gates.md +64 -0
- package/docs/runbooks/codex-end-to-end-conversation-example.md +166 -0
- package/docs/runbooks/codex-multi-agent-orchestration.md +65 -0
- package/docs/runbooks/codex-parallel-prompt-recipes.md +131 -0
- package/docs/runbooks/codex-quick-start.md +223 -0
- package/docs/runbooks/codex-usage-scenarios.md +168 -0
- package/docs/runbooks/codex-workflow-essentials.md +88 -0
- package/docs/runbooks/command-and-capability-matrix.md +162 -0
- package/docs/runbooks/conftest-policy-gates.md +84 -0
- package/docs/runbooks/consumer-driven-contract-testing-with-mock-alignment.md +45 -0
- package/docs/runbooks/contract-testing-playbook.md +78 -0
- package/docs/runbooks/cosign-signing-gates.md +71 -0
- package/docs/runbooks/cross-role-issue-triage-walkthrough.md +47 -0
- package/docs/runbooks/cursor-quick-start.md +123 -0
- package/docs/runbooks/custom-overlay.md +115 -0
- package/docs/runbooks/data-ml-pipeline-demo-execution-log.md +141 -0
- package/docs/runbooks/data-ml-pipeline-demo-script.md +102 -0
- package/docs/runbooks/data-ml-pipeline-walkthrough.md +119 -0
- package/docs/runbooks/data-observability-quality-demo-execution-log.md +36 -0
- package/docs/runbooks/data-observability-quality-demo-script.md +42 -0
- package/docs/runbooks/data-observability-quality-walkthrough.md +86 -0
- package/docs/runbooks/demo-deliverables-overview.md +278 -0
- package/docs/runbooks/demo-execution-log.md +530 -0
- package/docs/runbooks/demo-scenario.md +129 -0
- package/docs/runbooks/dependency-review-gates.md +63 -0
- package/docs/runbooks/dependency-update-automation.md +83 -0
- package/docs/runbooks/design-md-workflow.md +185 -0
- package/docs/runbooks/devops-engineer-daily-operations.md +60 -0
- package/docs/runbooks/devops-release-conversation-example.md +88 -0
- package/docs/runbooks/doc-architecture-integration.md +59 -0
- package/docs/runbooks/doc-architecture-quick-start.md +122 -0
- package/docs/runbooks/document-execution-audit.md +32 -0
- package/docs/runbooks/documentation-update-walkthrough.md +37 -0
- package/docs/runbooks/ecc-harness-usage.md +93 -0
- package/docs/runbooks/error-experience-usage.md +116 -0
- package/docs/runbooks/evolution-usage.md +162 -0
- package/docs/runbooks/executive-value-one-page.md +55 -0
- package/docs/runbooks/external-capability-approval-and-enablement-workflow.md +39 -0
- package/docs/runbooks/external-capability-intake.md +160 -0
- package/docs/runbooks/first-team-command-60-seconds.md +96 -0
- package/docs/runbooks/first-team-workflow-walkthrough.md +245 -0
- package/docs/runbooks/frontend-backend-integration-acceptance-checklist.md +46 -0
- package/docs/runbooks/frontend-backend-parallel-integration-walkthrough.md +48 -0
- package/docs/runbooks/frontend-bugfix-one-page.md +82 -0
- package/docs/runbooks/frontend-engineer-daily-operations.md +60 -0
- package/docs/runbooks/frontend-enterprise-style-profile.md +5 -0
- package/docs/runbooks/frontend-governance.md +47 -0
- package/docs/runbooks/frontend-refactor-walkthrough.md +42 -0
- package/docs/runbooks/git-pr-workflow.md +63 -0
- package/docs/runbooks/github-actions-supply-chain-demo-execution-log.md +158 -0
- package/docs/runbooks/github-actions-supply-chain-demo-script.md +150 -0
- package/docs/runbooks/github-actions-supply-chain-walkthrough.md +117 -0
- package/docs/runbooks/github-token-permissions-baseline.md +92 -0
- package/docs/runbooks/gitlab-manual-pipeline-release.md +5 -0
- package/docs/runbooks/gitlab-release-integration-playbook.md +5 -0
- package/docs/runbooks/gitnexus-code-intelligence-usage.md +133 -0
- package/docs/runbooks/graphify-knowledge-graph-usage.md +88 -0
- package/docs/runbooks/handoff-filling-guide-with-examples.md +70 -0
- package/docs/runbooks/handoff-governance.md +250 -0
- package/docs/runbooks/helm-unittest-playbook.md +101 -0
- package/docs/runbooks/hotfix-emergency-release-walkthrough.md +60 -0
- package/docs/runbooks/iac-kubernetes-platform-demo-execution-log.md +144 -0
- package/docs/runbooks/iac-kubernetes-platform-demo-script.md +130 -0
- package/docs/runbooks/iac-kubernetes-platform-walkthrough.md +120 -0
- package/docs/runbooks/implementation-onboarding-reading-path.md +67 -0
- package/docs/runbooks/in-toto-attestation-framework.md +94 -0
- package/docs/runbooks/incident-severity-triage-tree.md +43 -0
- package/docs/runbooks/incident-triage-one-page.md +65 -0
- package/docs/runbooks/internal-developer-platform-demo-execution-log.md +36 -0
- package/docs/runbooks/internal-developer-platform-demo-script.md +42 -0
- package/docs/runbooks/internal-developer-platform-walkthrough.md +91 -0
- package/docs/runbooks/karpathy-guidelines-usage.md +27 -0
- package/docs/runbooks/kubeconform-schema-gates.md +100 -0
- package/docs/runbooks/kubectl-server-dry-run-gates.md +103 -0
- package/docs/runbooks/kyverno-policy-gates.md +90 -0
- package/docs/runbooks/langfuse-and-observability-integration-guide.md +43 -0
- package/docs/runbooks/langfuse-coding-trace.md +44 -0
- package/docs/runbooks/mobile-miniapp-delivery-walkthrough.md +112 -0
- package/docs/runbooks/mobile-miniapp-demo-execution-log.md +139 -0
- package/docs/runbooks/mobile-miniapp-demo-script.md +129 -0
- package/docs/runbooks/multi-service-backend-integration-walkthrough.md +61 -0
- package/docs/runbooks/open-design-integration.md +163 -0
- package/docs/runbooks/open-source-release-checklist.md +90 -0
- package/docs/runbooks/opencode-quick-start.md +128 -0
- package/docs/runbooks/parallel-development-coordination-walkthrough.md +47 -0
- package/docs/runbooks/parallel-execution-usage.md +179 -0
- package/docs/runbooks/platform-capability-demo-execution-log.md +184 -0
- package/docs/runbooks/platform-capability-demo-script.md +192 -0
- package/docs/runbooks/plugin-extension-platform-demo-execution-log.md +136 -0
- package/docs/runbooks/plugin-extension-platform-demo-script.md +102 -0
- package/docs/runbooks/plugin-extension-platform-walkthrough.md +111 -0
- package/docs/runbooks/policy-controller-gates.md +75 -0
- package/docs/runbooks/post-rollback-verification-checklist.md +37 -0
- package/docs/runbooks/pre-release-checklist.md +50 -0
- package/docs/runbooks/product-manager-clarification-conversation-example.md +90 -0
- package/docs/runbooks/product-manager-daily-operations.md +60 -0
- package/docs/runbooks/production-incident-response-walkthrough.md +50 -0
- package/docs/runbooks/project-claude-design-rationale.md +188 -0
- package/docs/runbooks/project-manager-daily-operations.md +61 -0
- package/docs/runbooks/project-manager-planning-conversation-example.md +82 -0
- package/docs/runbooks/project-onboarding.md +452 -0
- package/docs/runbooks/qa-engineer-daily-operations.md +63 -0
- package/docs/runbooks/qa-review-conversation-example.md +87 -0
- package/docs/runbooks/release-closure-one-page.md +65 -0
- package/docs/runbooks/release-governance-reading-path.md +56 -0
- package/docs/runbooks/release-notes-automation.md +48 -0
- package/docs/runbooks/release-rollback-recovery-walkthrough.md +47 -0
- package/docs/runbooks/requirement-clarity-and-scope-walkthrough.md +46 -0
- package/docs/runbooks/reviewdog-pr-gates.md +49 -0
- package/docs/runbooks/role-prompt-recipes.md +130 -0
- package/docs/runbooks/rtk-integration-intake.md +45 -0
- package/docs/runbooks/rtk-token-optimization-usage.md +107 -0
- package/docs/runbooks/runner-egress-hardening.md +81 -0
- package/docs/runbooks/runtime-capabilities-overview.md +113 -0
- package/docs/runbooks/sbom-generation-gates.md +71 -0
- package/docs/runbooks/scorecard-supply-chain-gates.md +82 -0
- package/docs/runbooks/secret-scanning-gates.md +85 -0
- package/docs/runbooks/security-compliance-platform-demo-execution-log.md +36 -0
- package/docs/runbooks/security-compliance-platform-demo-script.md +49 -0
- package/docs/runbooks/security-compliance-platform-walkthrough.md +98 -0
- package/docs/runbooks/slsa-generator-patterns.md +73 -0
- package/docs/runbooks/slsa-verification-gates.md +75 -0
- package/docs/runbooks/solo-delivery-mode.md +142 -0
- package/docs/runbooks/solo-delivery-one-page.md +111 -0
- package/docs/runbooks/specialist-commands-playbook.md +85 -0
- package/docs/runbooks/sub-agent-invocation-map.md +144 -0
- package/docs/runbooks/system-architecture-design-walkthrough.md +49 -0
- package/docs/runbooks/team-closeout-example.md +73 -0
- package/docs/runbooks/team-command-output-contracts.md +358 -0
- package/docs/runbooks/team-commands-quick-prompts.md +125 -0
- package/docs/runbooks/team-execute-example.md +63 -0
- package/docs/runbooks/team-handoff-example.md +49 -0
- package/docs/runbooks/team-intake-example.md +70 -0
- package/docs/runbooks/team-plan-example.md +62 -0
- package/docs/runbooks/team-release-example.md +63 -0
- package/docs/runbooks/team-review-example.md +61 -0
- package/docs/runbooks/team-skills-test-run.md +184 -0
- package/docs/runbooks/team-skills-usage.md +336 -0
- package/docs/runbooks/team-training-reading-path.md +64 -0
- package/docs/runbooks/tech-lead-closure-conversation-example.md +78 -0
- package/docs/runbooks/tech-lead-daily-operations.md +67 -0
- package/docs/runbooks/trivy-security-gates.md +79 -0
- package/docs/runbooks/troubleshooting.md +234 -0
- package/docs/runbooks/vertical-scenario-capability-matrix.md +107 -0
- package/docs/runbooks/witness-policy-gates.md +78 -0
- package/docs/runbooks/zizmor-workflow-audits.md +81 -0
- package/manifests/install-components.json +8 -0
- package/manifests/install-modules.json +34 -0
- package/manifests/install-profiles.json +2 -0
- package/package.json +2 -1
- package/scripts/install-apply.js +9 -0
- package/scripts/install-open-design.js +206 -0
- package/scripts/install-plan.js +17 -0
- package/scripts/lib/install/apply.js +31 -0
- package/scripts/lib/install-executor.js +56 -0
- package/skills/open-design/SKILL.md +87 -0
- package/skills/open-design/agents/openai.yaml +4 -0
|
@@ -0,0 +1,265 @@
|
|
|
1
|
+
# Python Remnants Audit
|
|
2
|
+
|
|
3
|
+
**Date:** 2026-04-03
|
|
4
|
+
**Scope:** `/scripts` remaining `.py` files after the JS-first migration waves
|
|
5
|
+
**Goal:** classify every remaining Python file into one of three buckets:
|
|
6
|
+
|
|
7
|
+
- keep as compatibility shim
|
|
8
|
+
- migrate next to JS
|
|
9
|
+
- retire/delete
|
|
10
|
+
|
|
11
|
+
> Historical snapshot: this audit captures Python remnants at that date.
|
|
12
|
+
> Current command equivalents for referenced core scripts:
|
|
13
|
+
> `scripts/build_platform_artifacts.py` -> `scripts/build-platform-artifacts.js`
|
|
14
|
+
> `scripts/validate_library.py` -> `scripts/validate-library.js`
|
|
15
|
+
|
|
16
|
+
## Executive Summary
|
|
17
|
+
|
|
18
|
+
The repository is **not yet Python-free**.
|
|
19
|
+
|
|
20
|
+
The current state is:
|
|
21
|
+
|
|
22
|
+
- the main operational path is already JS-first
|
|
23
|
+
- several Python files remain intentionally as compatibility shims for tests and legacy entrypoints
|
|
24
|
+
- a smaller set of Python files are still real implementations and should be considered the next migration targets
|
|
25
|
+
- a final set are one-off maintenance/debug utilities and should be retired rather than migrated unless there is a live owner for them
|
|
26
|
+
|
|
27
|
+
## Classification Rules
|
|
28
|
+
|
|
29
|
+
### A. Keep as Compatibility Shim
|
|
30
|
+
|
|
31
|
+
Use this bucket only when all of the following are true:
|
|
32
|
+
|
|
33
|
+
1. there is already a JS primary implementation
|
|
34
|
+
2. Python is still imported by tests, hooks, or legacy operators
|
|
35
|
+
3. removing the Python file now would create unnecessary churn
|
|
36
|
+
|
|
37
|
+
### B. Migrate Next to JS
|
|
38
|
+
|
|
39
|
+
Use this bucket when:
|
|
40
|
+
|
|
41
|
+
1. the Python file is still a real implementation
|
|
42
|
+
2. it belongs to an actively used path
|
|
43
|
+
3. the repository would be simpler if it moved into the Node toolchain
|
|
44
|
+
|
|
45
|
+
### C. Retire/Delete
|
|
46
|
+
|
|
47
|
+
Use this bucket when:
|
|
48
|
+
|
|
49
|
+
1. the file is a one-off migration/debug utility
|
|
50
|
+
2. it is not on the supported operational path
|
|
51
|
+
3. it has no active owner or runbook dependency
|
|
52
|
+
|
|
53
|
+
## Current Inventory
|
|
54
|
+
|
|
55
|
+
Remaining Python files under `/scripts`:
|
|
56
|
+
|
|
57
|
+
- `scripts/__init__.py`
|
|
58
|
+
- `scripts/_inspect_project_session.py`
|
|
59
|
+
- `scripts/_migrate_agent_governance.py`
|
|
60
|
+
- `scripts/_register_audit_hooks.py`
|
|
61
|
+
- `scripts/_ruoyi_audit_live.py`
|
|
62
|
+
- `scripts/_ruoyi_detail.py`
|
|
63
|
+
- `scripts/build_platform_artifacts.py`
|
|
64
|
+
- `scripts/hooks/__init__.py`
|
|
65
|
+
- `scripts/hooks/insaits-security-monitor.py`
|
|
66
|
+
- `scripts/hooks/mcp_health_check.py`
|
|
67
|
+
- `scripts/hooks/observe.py`
|
|
68
|
+
- `scripts/hooks/session_end.py`
|
|
69
|
+
- `scripts/hooks/session_start.py`
|
|
70
|
+
- `scripts/install_platform.py`
|
|
71
|
+
- `scripts/langfuse_trace.py`
|
|
72
|
+
- `scripts/lib/audit_logger.py`
|
|
73
|
+
- `scripts/lib/audit_query.py`
|
|
74
|
+
- `scripts/lib/hook_contract.py`
|
|
75
|
+
- `scripts/lib/memory_store.py`
|
|
76
|
+
- `scripts/lib/utils.py`
|
|
77
|
+
- `scripts/query_audit_logs.py`
|
|
78
|
+
- `scripts/run_e2e_test.py`
|
|
79
|
+
- `scripts/scan_leaked_keys.py`
|
|
80
|
+
- `scripts/team_skills_platform.py`
|
|
81
|
+
- `scripts/trigger_gitlab_pipeline.py`
|
|
82
|
+
- `scripts/validate_library.py`
|
|
83
|
+
- `scripts/validate_workflow_state.py`
|
|
84
|
+
|
|
85
|
+
## Bucket 1: Keep as Compatibility Shim
|
|
86
|
+
|
|
87
|
+
These files already have a JS-first runtime path and should remain temporarily as thin Python compatibility surfaces:
|
|
88
|
+
|
|
89
|
+
- `scripts/build_platform_artifacts.py`
|
|
90
|
+
- `scripts/install_platform.py`
|
|
91
|
+
- `scripts/langfuse_trace.py`
|
|
92
|
+
- `scripts/query_audit_logs.py`
|
|
93
|
+
- `scripts/scan_leaked_keys.py`
|
|
94
|
+
- `scripts/validate_library.py`
|
|
95
|
+
- `scripts/validate_workflow_state.py`
|
|
96
|
+
|
|
97
|
+
### Why
|
|
98
|
+
|
|
99
|
+
- they preserve old commands such as `python3 scripts/<name>.py`
|
|
100
|
+
- they protect existing imports in tests and legacy operator habits
|
|
101
|
+
- the real implementation now lives in JS
|
|
102
|
+
|
|
103
|
+
### Exit Criteria For Deletion
|
|
104
|
+
|
|
105
|
+
These shims can be removed only after:
|
|
106
|
+
|
|
107
|
+
1. docs no longer point to the Python entrypoints
|
|
108
|
+
2. tests no longer import these Python modules directly
|
|
109
|
+
3. shell and PowerShell wrappers are fully JS-native
|
|
110
|
+
4. at least one cleanup cycle confirms no active operators still rely on Python invocation
|
|
111
|
+
|
|
112
|
+
## Bucket 2: Keep as Python Compatibility Support For Now
|
|
113
|
+
|
|
114
|
+
These files are not the canonical runtime anymore, but they still provide compatibility for current tests and hook behavior:
|
|
115
|
+
|
|
116
|
+
- `scripts/hooks/mcp_health_check.py`
|
|
117
|
+
- `scripts/hooks/observe.py`
|
|
118
|
+
- `scripts/hooks/session_end.py`
|
|
119
|
+
- `scripts/hooks/session_start.py`
|
|
120
|
+
- `scripts/lib/audit_logger.py`
|
|
121
|
+
- `scripts/lib/audit_query.py`
|
|
122
|
+
- `scripts/lib/hook_contract.py`
|
|
123
|
+
- `scripts/lib/memory_store.py`
|
|
124
|
+
- `scripts/lib/utils.py`
|
|
125
|
+
|
|
126
|
+
### Why
|
|
127
|
+
|
|
128
|
+
- the current test suite imports these Python modules directly
|
|
129
|
+
- they provide a stable bridge while the repository transitions from Python hook semantics to JS hook semantics
|
|
130
|
+
- deleting them now would force a wider hook/test refactor than the main migration required
|
|
131
|
+
|
|
132
|
+
### Recommendation
|
|
133
|
+
|
|
134
|
+
Do **not** migrate these in the next wave by default.
|
|
135
|
+
|
|
136
|
+
Instead choose one of two intentional end states:
|
|
137
|
+
|
|
138
|
+
1. keep them as a supported Python compatibility layer for legacy hook/tests
|
|
139
|
+
2. run a dedicated “hook/test runtime unification” project, then delete them together
|
|
140
|
+
|
|
141
|
+
### Warning
|
|
142
|
+
|
|
143
|
+
Migrating these one-by-one is the wrong shape of work. They are tightly coupled and should be handled as a single compatibility-surface decision.
|
|
144
|
+
|
|
145
|
+
## Bucket 3: Migrate Next to JS
|
|
146
|
+
|
|
147
|
+
These are the remaining Python files that still represent real implementation value and should be the next migration candidates.
|
|
148
|
+
|
|
149
|
+
### High Priority
|
|
150
|
+
|
|
151
|
+
- `scripts/team_skills_platform.py`
|
|
152
|
+
- `scripts/trigger_gitlab_pipeline.py`
|
|
153
|
+
|
|
154
|
+
### Medium Priority
|
|
155
|
+
|
|
156
|
+
- `scripts/run_e2e_test.py` only if we decide to keep a standalone script surface
|
|
157
|
+
|
|
158
|
+
### Why
|
|
159
|
+
|
|
160
|
+
#### `scripts/team_skills_platform.py`
|
|
161
|
+
|
|
162
|
+
- still contains the legacy Python source of truth for platform constants and generation logic
|
|
163
|
+
- even though JS generation now exists, leaving this as a large Python implementation keeps conceptual duplication alive
|
|
164
|
+
- this is the biggest remaining architectural inconsistency
|
|
165
|
+
|
|
166
|
+
#### `scripts/trigger_gitlab_pipeline.py`
|
|
167
|
+
|
|
168
|
+
- still performs real external automation work
|
|
169
|
+
- belongs on the same Node operational surface as the rest of the script toolchain
|
|
170
|
+
|
|
171
|
+
#### `scripts/run_e2e_test.py`
|
|
172
|
+
|
|
173
|
+
- duplicates what the repository now handles through standard test entrypoints
|
|
174
|
+
- is not part of the normal build / validate / install path
|
|
175
|
+
- should be retired unless a real operator still depends on it
|
|
176
|
+
|
|
177
|
+
## Bucket 4: Retire/Delete Instead of Migrating
|
|
178
|
+
|
|
179
|
+
These look like one-off maintenance, audit, or local debugging tools and should not be migrated unless a current owner explicitly claims them.
|
|
180
|
+
|
|
181
|
+
- `scripts/_inspect_project_session.py`
|
|
182
|
+
- `scripts/_migrate_agent_governance.py`
|
|
183
|
+
- `scripts/_register_audit_hooks.py`
|
|
184
|
+
- `scripts/_ruoyi_audit_live.py`
|
|
185
|
+
- `scripts/_ruoyi_detail.py`
|
|
186
|
+
- `scripts/run_e2e_test.py`
|
|
187
|
+
|
|
188
|
+
### Why
|
|
189
|
+
|
|
190
|
+
- they are prefixed like internal maintenance tools
|
|
191
|
+
- they are not part of the supported installation/build/validate path
|
|
192
|
+
- migrating them to JS would create more surface area, not less
|
|
193
|
+
|
|
194
|
+
### Default Action
|
|
195
|
+
|
|
196
|
+
1. confirm no runbook depends on them
|
|
197
|
+
2. move them to an archive or delete them
|
|
198
|
+
3. if retained, label them clearly as internal legacy utilities
|
|
199
|
+
|
|
200
|
+
## Bucket 5: Structural Python Files That Are Fine To Keep
|
|
201
|
+
|
|
202
|
+
These are packaging markers, not meaningful migration targets:
|
|
203
|
+
|
|
204
|
+
- `scripts/__init__.py`
|
|
205
|
+
- `scripts/hooks/__init__.py`
|
|
206
|
+
|
|
207
|
+
## Explicit Python Exception
|
|
208
|
+
|
|
209
|
+
`scripts/hooks/insaits-security-monitor.py` is now treated as an **explicit supported Python exception**.
|
|
210
|
+
|
|
211
|
+
### Why
|
|
212
|
+
|
|
213
|
+
- it is a third-party SDK-facing hook, not core platform generation logic
|
|
214
|
+
- the active integration surface is already JS-first through `scripts/hooks/insaits-security-wrapper.js`
|
|
215
|
+
- forcing an immediate port would couple this migration to the external InsAIts Python SDK behavior
|
|
216
|
+
|
|
217
|
+
### Required Guardrails
|
|
218
|
+
|
|
219
|
+
1. keep the JS wrapper as the canonical entrypoint
|
|
220
|
+
2. document clearly that the monitor is a Python implementation behind a JS wrapper
|
|
221
|
+
3. do not expand Python usage from this hook into the rest of the platform
|
|
222
|
+
|
|
223
|
+
### Recommendation
|
|
224
|
+
|
|
225
|
+
Ignore them until the Python compatibility layer is fully retired. At that point they can disappear with the rest of the Python package surface.
|
|
226
|
+
|
|
227
|
+
## Recommended Next Wave
|
|
228
|
+
|
|
229
|
+
If the goal is to reduce Python without destabilizing the repository, the next wave should be:
|
|
230
|
+
|
|
231
|
+
1. migrate `scripts/team_skills_platform.py`
|
|
232
|
+
2. migrate `scripts/trigger_gitlab_pipeline.py`
|
|
233
|
+
3. retire `scripts/run_e2e_test.py` unless an owner claims it
|
|
234
|
+
4. keep `scripts/hooks/insaits-security-monitor.py` as a documented Python exception behind the JS wrapper
|
|
235
|
+
5. explicitly defer the Python hook/lib compatibility layer until a dedicated cleanup pass
|
|
236
|
+
|
|
237
|
+
## Non-Goals For The Next Wave
|
|
238
|
+
|
|
239
|
+
The next wave should **not** try to:
|
|
240
|
+
|
|
241
|
+
- delete all Python immediately
|
|
242
|
+
- rewrite test imports and hook compatibility at the same time as generator migration
|
|
243
|
+
- migrate one-off `_*.py` utilities without confirming they are still needed
|
|
244
|
+
|
|
245
|
+
## Decision Table
|
|
246
|
+
|
|
247
|
+
| File Group | Status | Recommended Action |
|
|
248
|
+
|---|---|---|
|
|
249
|
+
| JS-backed entrypoint shims | acceptable temporary state | keep until callers are cleaned up |
|
|
250
|
+
| Python hook/lib compatibility layer | intentional technical debt | defer to dedicated hook/test cleanup |
|
|
251
|
+
| `team_skills_platform.py` | unresolved core duplication | migrate next |
|
|
252
|
+
| `trigger_gitlab_pipeline.py` | unresolved operational Python | migrate next |
|
|
253
|
+
| `run_e2e_test.py` | no longer justified on main path | retire unless reclaimed |
|
|
254
|
+
| `hooks/insaits-security-monitor.py` | explicit third-party exception | keep behind JS wrapper |
|
|
255
|
+
| `_*.py` maintenance scripts | likely dead weight | retire/delete unless owned |
|
|
256
|
+
|
|
257
|
+
## Suggested Acceptance Criteria For “Python Mostly Cleared”
|
|
258
|
+
|
|
259
|
+
We should only claim the repository is effectively JS-first when:
|
|
260
|
+
|
|
261
|
+
1. all active operational scripts use JS as the primary implementation
|
|
262
|
+
2. the only remaining Python files are either:
|
|
263
|
+
- compatibility shims, or
|
|
264
|
+
- explicitly documented exceptions
|
|
265
|
+
3. every remaining Python file has an owner and a stated reason to exist
|
|
@@ -0,0 +1,372 @@
|
|
|
1
|
+
# Scripts Python-to-JS Migration Plan
|
|
2
|
+
|
|
3
|
+
> **For Claude:** REQUIRED SUB-SKILL: Use superpowers:executing-plans to implement this plan task-by-task.
|
|
4
|
+
|
|
5
|
+
**Goal:** Migrate the Team Skills Platform's core `scripts/` execution path from Python to JavaScript so that build, generation, and validation workflows run natively in the repository's existing Node.js toolchain.
|
|
6
|
+
|
|
7
|
+
**Architecture:** Replace the current Python-centered platform pipeline with a JS-first pipeline in layers. First migrate shared runtime utilities, then the artifact generator, then the validation chain, while keeping generated output and workflow-gate behavior equivalent to the current implementation.
|
|
8
|
+
|
|
9
|
+
**Tech Stack:** Node.js 18+, existing `package.json` scripts, repository markdown/templates/roles/commands, filesystem-based code generation, audit logging, validation fixtures.
|
|
10
|
+
|
|
11
|
+
---
|
|
12
|
+
|
|
13
|
+
## 1. Background
|
|
14
|
+
|
|
15
|
+
The repository already uses Node.js as its primary package/tooling surface, but the platform core still depends on Python for:
|
|
16
|
+
|
|
17
|
+
- artifact generation
|
|
18
|
+
- library validation
|
|
19
|
+
- workflow-gate validation
|
|
20
|
+
- local audit logging
|
|
21
|
+
|
|
22
|
+
This creates three problems:
|
|
23
|
+
|
|
24
|
+
1. The build and validation path is split across two runtimes.
|
|
25
|
+
2. The platform's most critical governance logic now lives in Python, while the surrounding repo tooling is JS-first.
|
|
26
|
+
3. Every future platform change risks duplicating utility logic across Python and JS.
|
|
27
|
+
|
|
28
|
+
This migration formalizes a JS-first platform core.
|
|
29
|
+
|
|
30
|
+
## 2. Migration Scope
|
|
31
|
+
|
|
32
|
+
### 2.1 In Scope
|
|
33
|
+
|
|
34
|
+
This migration covers the core platform path only:
|
|
35
|
+
|
|
36
|
+
- [scripts/lib/team-skills-platform.js](../../scripts/lib/team-skills-platform.js)
|
|
37
|
+
- [scripts/build-platform-artifacts.js](../../scripts/build-platform-artifacts.js)
|
|
38
|
+
- [scripts/validate-library.js](../../scripts/validate-library.js)
|
|
39
|
+
- [scripts/validate-workflow-state.js](../../scripts/validate-workflow-state.js)
|
|
40
|
+
- [scripts/lib/audit-logger.js](../../scripts/lib/audit-logger.js)
|
|
41
|
+
|
|
42
|
+
### 2.2 Out of Scope
|
|
43
|
+
|
|
44
|
+
These Python scripts are not part of the first migration wave:
|
|
45
|
+
|
|
46
|
+
- [scripts/install-platform.js](../../scripts/install-platform.js)
|
|
47
|
+
- [scripts/query-audit-logs.js](../../scripts/query-audit-logs.js)
|
|
48
|
+
- [scripts/scan-leaked-keys.js](../../scripts/scan-leaked-keys.js)
|
|
49
|
+
- [scripts/langfuse-trace.js](../../scripts/langfuse-trace.js)
|
|
50
|
+
- [scripts/trigger-gitlab-pipeline.js](../../scripts/trigger-gitlab-pipeline.js)
|
|
51
|
+
- `scripts/run-e2e-test.js` (已废弃,无 JS 等价物)
|
|
52
|
+
|
|
53
|
+
These can be migrated later after the platform core is stable.
|
|
54
|
+
|
|
55
|
+
## 3. Target End State
|
|
56
|
+
|
|
57
|
+
After this migration:
|
|
58
|
+
|
|
59
|
+
- `npm run build` uses JS only
|
|
60
|
+
- `npm run validate` uses JS only
|
|
61
|
+
- core platform generation no longer depends on Python
|
|
62
|
+
- workflow-gate validation no longer depends on Python
|
|
63
|
+
- generated artifacts remain equivalent to the current implementation
|
|
64
|
+
- Python entrypoints for the migrated path can be removed or retained only as thin compatibility shims during transition
|
|
65
|
+
|
|
66
|
+
## 4. Success Criteria
|
|
67
|
+
|
|
68
|
+
The migration is complete only when all of the following are true:
|
|
69
|
+
|
|
70
|
+
1. A JS artifact generator can compute and write all expected generated files.
|
|
71
|
+
2. A JS validation entrypoint can replace the current Python validation path.
|
|
72
|
+
3. Workflow-state validation behaves the same as the current fixture-based Python validator.
|
|
73
|
+
4. `package.json` no longer routes core build/validate through Python.
|
|
74
|
+
5. Repository docs no longer instruct users to run Python for the migrated scripts.
|
|
75
|
+
6. Generated output diff is either identical or intentionally reviewed and accepted.
|
|
76
|
+
|
|
77
|
+
## 5. Proposed File Layout
|
|
78
|
+
|
|
79
|
+
Recommended JS replacements:
|
|
80
|
+
|
|
81
|
+
- `scripts/lib/audit-logger.js`
|
|
82
|
+
- `scripts/lib/team-skills-platform.js`
|
|
83
|
+
- `scripts/build-platform-artifacts.js`
|
|
84
|
+
- `scripts/validate-library.js`
|
|
85
|
+
- `scripts/validate-workflow-state.js`
|
|
86
|
+
|
|
87
|
+
Optional compatibility wrappers during transition:
|
|
88
|
+
|
|
89
|
+
- keep Python files temporarily, but reduce them to delegating wrappers
|
|
90
|
+
- or update shell/PowerShell wrappers directly to JS and retire Python immediately
|
|
91
|
+
|
|
92
|
+
## 6. Execution Strategy
|
|
93
|
+
|
|
94
|
+
Use an incremental migration instead of a big-bang rewrite.
|
|
95
|
+
|
|
96
|
+
### Phase 1: Shared Utility Layer
|
|
97
|
+
|
|
98
|
+
Build the common JS foundation first.
|
|
99
|
+
|
|
100
|
+
Deliverables:
|
|
101
|
+
|
|
102
|
+
- JS audit logger with writable-root fallback behavior
|
|
103
|
+
- reusable file IO helpers
|
|
104
|
+
- reusable frontmatter parsing helpers
|
|
105
|
+
- reusable markdown/link/path validation helpers
|
|
106
|
+
|
|
107
|
+
Primary outputs:
|
|
108
|
+
|
|
109
|
+
- `scripts/lib/audit-logger.js`
|
|
110
|
+
- utility helpers colocated under `scripts/lib/`
|
|
111
|
+
|
|
112
|
+
Acceptance:
|
|
113
|
+
|
|
114
|
+
- audit events can be emitted from JS scripts
|
|
115
|
+
- local fallback behavior matches the current Python behavior
|
|
116
|
+
|
|
117
|
+
### Phase 2: Core Generator Migration
|
|
118
|
+
|
|
119
|
+
Migrate the platform generator logic from Python into JS.
|
|
120
|
+
|
|
121
|
+
Deliverables:
|
|
122
|
+
|
|
123
|
+
- JS implementation of role loading
|
|
124
|
+
- JS rendering of generated role prompts
|
|
125
|
+
- JS rendering of generated commands
|
|
126
|
+
- JS expected-artifacts computation
|
|
127
|
+
- JS write/check mode equivalent to the current generator
|
|
128
|
+
|
|
129
|
+
Primary outputs:
|
|
130
|
+
|
|
131
|
+
- `scripts/lib/team-skills-platform.js`
|
|
132
|
+
- `scripts/build-platform-artifacts.js`
|
|
133
|
+
|
|
134
|
+
Acceptance:
|
|
135
|
+
|
|
136
|
+
- generated artifact check passes
|
|
137
|
+
- regenerated output matches current expected output
|
|
138
|
+
|
|
139
|
+
### Phase 3: Workflow Validator Migration
|
|
140
|
+
|
|
141
|
+
Migrate workflow-state validation into JS without changing behavior.
|
|
142
|
+
|
|
143
|
+
Deliverables:
|
|
144
|
+
|
|
145
|
+
- JS validation for:
|
|
146
|
+
- required artifact presence
|
|
147
|
+
- delivery-plan gate markers
|
|
148
|
+
- arch-design presence when applicable
|
|
149
|
+
- handoff readiness fields
|
|
150
|
+
- legal phase transition rules
|
|
151
|
+
|
|
152
|
+
Primary outputs:
|
|
153
|
+
|
|
154
|
+
- `scripts/validate-workflow-state.js`
|
|
155
|
+
|
|
156
|
+
Acceptance:
|
|
157
|
+
|
|
158
|
+
- current valid fixture passes
|
|
159
|
+
- current invalid fixtures fail with clear errors
|
|
160
|
+
|
|
161
|
+
### Phase 4: Library Validator Migration
|
|
162
|
+
|
|
163
|
+
Migrate the repo-wide library validator to JS and wire in the workflow validator.
|
|
164
|
+
|
|
165
|
+
Deliverables:
|
|
166
|
+
|
|
167
|
+
- required file checks
|
|
168
|
+
- generated artifact consistency checks
|
|
169
|
+
- skill catalog checks
|
|
170
|
+
- markdown link checks
|
|
171
|
+
- workflow fixture checks
|
|
172
|
+
|
|
173
|
+
Primary outputs:
|
|
174
|
+
|
|
175
|
+
- `scripts/validate-library.js`
|
|
176
|
+
|
|
177
|
+
Acceptance:
|
|
178
|
+
|
|
179
|
+
- the JS validator covers the same effective validation surface as the Python path for migrated components
|
|
180
|
+
|
|
181
|
+
### Phase 5: Entry Point and Documentation Cutover
|
|
182
|
+
|
|
183
|
+
Switch repository entrypoints and docs to JS.
|
|
184
|
+
|
|
185
|
+
Deliverables:
|
|
186
|
+
|
|
187
|
+
- update [package.json](../../package.json)
|
|
188
|
+
- update:
|
|
189
|
+
- [scripts/build-platform-artifacts.sh](../../scripts/build-platform-artifacts.sh)
|
|
190
|
+
- [scripts/build-platform-artifacts.ps1](../../scripts/build-platform-artifacts.ps1)
|
|
191
|
+
- [scripts/validate-library.sh](../../scripts/validate-library.sh)
|
|
192
|
+
- [scripts/validate-library.ps1](../../scripts/validate-library.ps1)
|
|
193
|
+
- update all operational docs that still instruct Python use for the migrated scripts
|
|
194
|
+
|
|
195
|
+
Acceptance:
|
|
196
|
+
|
|
197
|
+
- build and validate commands shown to users are JS-native
|
|
198
|
+
|
|
199
|
+
### Phase 6: Python Retirement
|
|
200
|
+
|
|
201
|
+
Once the JS path is stable:
|
|
202
|
+
|
|
203
|
+
- remove migrated Python implementations
|
|
204
|
+
- or keep only temporary compatibility stubs with a clear removal deadline
|
|
205
|
+
|
|
206
|
+
Acceptance:
|
|
207
|
+
|
|
208
|
+
- there is a single authoritative implementation for core platform generation/validation
|
|
209
|
+
|
|
210
|
+
## 7. Recommended Task Breakdown
|
|
211
|
+
|
|
212
|
+
### Workstream A: Generator Path
|
|
213
|
+
|
|
214
|
+
Files:
|
|
215
|
+
|
|
216
|
+
- `scripts/lib/team-skills-platform.js`
|
|
217
|
+
- `scripts/build-platform-artifacts.js`
|
|
218
|
+
- `scripts/lib/audit-logger.js`
|
|
219
|
+
|
|
220
|
+
JS targets:
|
|
221
|
+
|
|
222
|
+
- `scripts/lib/team-skills-platform.js`
|
|
223
|
+
- `scripts/build-platform-artifacts.js`
|
|
224
|
+
- `scripts/lib/audit-logger.js`
|
|
225
|
+
|
|
226
|
+
Why first:
|
|
227
|
+
|
|
228
|
+
- highest leverage
|
|
229
|
+
- unblocks JS-native generation
|
|
230
|
+
- reduces future platform change cost the most
|
|
231
|
+
|
|
232
|
+
### Workstream B: Validation Path
|
|
233
|
+
|
|
234
|
+
Files:
|
|
235
|
+
|
|
236
|
+
- `scripts/validate-workflow-state.js`
|
|
237
|
+
- `scripts/validate-library.js`
|
|
238
|
+
|
|
239
|
+
JS targets:
|
|
240
|
+
|
|
241
|
+
- `scripts/validate-workflow-state.js`
|
|
242
|
+
- `scripts/validate-library.js`
|
|
243
|
+
|
|
244
|
+
Why second:
|
|
245
|
+
|
|
246
|
+
- depends on generator outputs
|
|
247
|
+
- easier to validate after generation parity exists
|
|
248
|
+
|
|
249
|
+
### Workstream C: Entry Point Cutover
|
|
250
|
+
|
|
251
|
+
Files:
|
|
252
|
+
|
|
253
|
+
- `package.json`
|
|
254
|
+
- shell wrappers
|
|
255
|
+
- PowerShell wrappers
|
|
256
|
+
- docs references
|
|
257
|
+
|
|
258
|
+
Why third:
|
|
259
|
+
|
|
260
|
+
- should happen only after JS scripts are already stable
|
|
261
|
+
|
|
262
|
+
## 8. Risks and Controls
|
|
263
|
+
|
|
264
|
+
### Risk 1: Output drift during generator migration
|
|
265
|
+
|
|
266
|
+
Problem:
|
|
267
|
+
- generated markdown/manifests may change subtly
|
|
268
|
+
|
|
269
|
+
Mitigation:
|
|
270
|
+
- keep snapshot/equivalence checks
|
|
271
|
+
- compare expected outputs before cutover
|
|
272
|
+
- treat any output delta as reviewable, not accidental
|
|
273
|
+
|
|
274
|
+
### Risk 2: Validation parity gaps
|
|
275
|
+
|
|
276
|
+
Problem:
|
|
277
|
+
- JS validator may miss checks the Python version had
|
|
278
|
+
|
|
279
|
+
Mitigation:
|
|
280
|
+
- port by category, not file-by-file intuition
|
|
281
|
+
- keep fixture-based tests
|
|
282
|
+
- verify each validation concern explicitly
|
|
283
|
+
|
|
284
|
+
### Risk 3: Mixed-runtime confusion during transition
|
|
285
|
+
|
|
286
|
+
Problem:
|
|
287
|
+
- contributors may keep using Python commands while JS becomes canonical
|
|
288
|
+
|
|
289
|
+
Mitigation:
|
|
290
|
+
- switch `package.json` early once stable
|
|
291
|
+
- update AGENTS/README/runbooks in the same cutover
|
|
292
|
+
- optionally leave deprecation shims with explicit warnings
|
|
293
|
+
|
|
294
|
+
### Risk 4: Regressions in workflow-gate enforcement
|
|
295
|
+
|
|
296
|
+
Problem:
|
|
297
|
+
- new gate logic was just introduced and must not be weakened
|
|
298
|
+
|
|
299
|
+
Mitigation:
|
|
300
|
+
- treat workflow fixtures as blocking regression tests
|
|
301
|
+
- do not rewrite gate semantics during migration
|
|
302
|
+
- migrate behavior first, refactor second
|
|
303
|
+
|
|
304
|
+
## 9. Testing and Verification Plan
|
|
305
|
+
|
|
306
|
+
The migration must include these checks:
|
|
307
|
+
|
|
308
|
+
1. Generator parity check
|
|
309
|
+
2. Workflow fixture validation
|
|
310
|
+
3. Library validation check
|
|
311
|
+
4. Targeted unit tests for parser/renderer helpers
|
|
312
|
+
5. Manual spot-check of generated:
|
|
313
|
+
- role prompts
|
|
314
|
+
- team commands
|
|
315
|
+
- plugin manifests
|
|
316
|
+
|
|
317
|
+
Suggested verification commands after JS cutover:
|
|
318
|
+
|
|
319
|
+
```bash
|
|
320
|
+
npm run build
|
|
321
|
+
npm run validate
|
|
322
|
+
npm test
|
|
323
|
+
```
|
|
324
|
+
|
|
325
|
+
## 10. Rollout Recommendation
|
|
326
|
+
|
|
327
|
+
Do this as two PRs or two tightly scoped implementation waves.
|
|
328
|
+
|
|
329
|
+
### Recommended Wave 1
|
|
330
|
+
|
|
331
|
+
Migrate:
|
|
332
|
+
|
|
333
|
+
- audit logger
|
|
334
|
+
- team skills generator core
|
|
335
|
+
- build entrypoint
|
|
336
|
+
|
|
337
|
+
Reason:
|
|
338
|
+
- smallest high-value slice
|
|
339
|
+
- immediately removes Python from the generation path
|
|
340
|
+
|
|
341
|
+
### Recommended Wave 2
|
|
342
|
+
|
|
343
|
+
Migrate:
|
|
344
|
+
|
|
345
|
+
- workflow validator
|
|
346
|
+
- library validator
|
|
347
|
+
- package/documentation cutover
|
|
348
|
+
|
|
349
|
+
Reason:
|
|
350
|
+
- depends on wave 1 parity
|
|
351
|
+
- lets validation migration build on the stable JS generator
|
|
352
|
+
|
|
353
|
+
## 11. Final Recommendation
|
|
354
|
+
|
|
355
|
+
The best first implementation slice is:
|
|
356
|
+
|
|
357
|
+
1. migrate [team-skills-platform.js](../../scripts/lib/team-skills-platform.js)
|
|
358
|
+
2. migrate [build-platform-artifacts.js](../../scripts/build-platform-artifacts.js)
|
|
359
|
+
3. migrate [audit-logger.js](../../scripts/lib/audit-logger.js)
|
|
360
|
+
|
|
361
|
+
This gives the repository a JS-native generation core with the least coordination risk. After that, migrate the validators and switch the user-facing commands.
|
|
362
|
+
|
|
363
|
+
## 12. Deliverable Checklist
|
|
364
|
+
|
|
365
|
+
- [ ] JS audit logger exists and is wired into JS entrypoints
|
|
366
|
+
- [ ] JS generator exists and produces equivalent outputs
|
|
367
|
+
- [ ] JS build entrypoint replaces Python build entrypoint
|
|
368
|
+
- [ ] JS workflow validator exists and passes current fixtures
|
|
369
|
+
- [ ] JS library validator exists and replaces Python validate entrypoint
|
|
370
|
+
- [ ] `package.json` scripts are JS-native for build/validate
|
|
371
|
+
- [ ] Docs no longer direct users to Python for migrated scripts
|
|
372
|
+
- [ ] Deprecated Python entrypoints are removed or explicitly marked temporary
|