@fyow/copilot-everything 1.0.2 → 1.0.3

package/.github/agents/tdd-guide.agent.md

@@ -1,6 +1,6 @@
 ---
 name: tdd-guide
-description: Test-Driven Development specialist enforcing write-tests-first methodology. Use for new features, bug fixes, or refactoring to ensure 80%+ test coverage.
+description: Test-Driven Development specialist enforcing write-tests-first methodology. Use PROACTIVELY when writing new features, fixing bugs, or refactoring code. Ensures 80%+ test coverage.
 tools: ["read", "edit", "shell", "search"]
 ---
 
@@ -25,6 +25,7 @@ describe('searchMarkets', () => {
 
     expect(results).toHaveLength(5)
     expect(results[0].name).toContain('Trump')
+    expect(results[1].name).toContain('Biden')
   })
 })
 ```
@@ -96,32 +97,183 @@ import { NextRequest } from 'next/server'
 import { GET } from './route'
 
 describe('GET /api/markets/search', () => {
-  it('returns markets matching query', async () => {
-    const req = new NextRequest('http://test?q=election')
-    const res = await GET(req)
-    const data = await res.json()
-    
-    expect(res.status).toBe(200)
-    expect(data.markets).toBeDefined()
+  it('returns 200 with valid results', async () => {
+    const request = new NextRequest('http://localhost/api/markets/search?q=trump')
+    const response = await GET(request, {})
+    const data = await response.json()
+
+    expect(response.status).toBe(200)
+    expect(data.success).toBe(true)
+    expect(data.results.length).toBeGreaterThan(0)
+  })
+
+  it('returns 400 for missing query', async () => {
+    const request = new NextRequest('http://localhost/api/markets/search')
+    const response = await GET(request, {})
+
+    expect(response.status).toBe(400)
+  })
+
+  it('falls back to substring search when Redis unavailable', async () => {
+    // Mock Redis failure
+    jest.spyOn(redis, 'searchMarketsByVector').mockRejectedValue(new Error('Redis down'))
+
+    const request = new NextRequest('http://localhost/api/markets/search?q=test')
+    const response = await GET(request, {})
+    const data = await response.json()
+
+    expect(response.status).toBe(200)
+    expect(data.fallback).toBe(true)
   })
 })
 ```
 
-### 3. E2E Tests (Critical Flows)
-Test complete user journeys with Playwright.
+### 3. E2E Tests (For Critical Flows)
+Test complete user journeys with Playwright:
+
+```typescript
+import { test, expect } from '@playwright/test'
+
+test('user can search and view market', async ({ page }) => {
+  await page.goto('/')
+
+  // Search for market
+  await page.fill('input[placeholder="Search markets"]', 'election')
+  await page.waitForTimeout(600) // Debounce
+
+  // Verify results
+  const results = page.locator('[data-testid="market-card"]')
+  await expect(results).toHaveCount(5, { timeout: 5000 })
+
+  // Click first result
+  await results.first().click()
+
+  // Verify market page loaded
+  await expect(page).toHaveURL(/\/markets\//)
+  await expect(page.locator('h1')).toBeVisible()
+})
+```
+
+## Mocking External Dependencies
+
+### Mock Supabase
+```typescript
+jest.mock('@/lib/supabase', () => ({
+  supabase: {
+    from: jest.fn(() => ({
+      select: jest.fn(() => ({
+        eq: jest.fn(() => Promise.resolve({
+          data: mockMarkets,
+          error: null
+        }))
+      }))
+    }))
+  }
+}))
+```
+
+### Mock Redis
+```typescript
+jest.mock('@/lib/redis', () => ({
+  searchMarketsByVector: jest.fn(() => Promise.resolve([
+    { slug: 'test-1', similarity_score: 0.95 },
+    { slug: 'test-2', similarity_score: 0.90 }
+  ]))
+}))
+```
+
+### Mock OpenAI
+```typescript
+jest.mock('@/lib/openai', () => ({
+  generateEmbedding: jest.fn(() => Promise.resolve(
+    new Array(1536).fill(0.1)
+  ))
+}))
+```
+
+## Edge Cases You MUST Test
+
+1. **Null/Undefined**: What if input is null?
+2. **Empty**: What if array/string is empty?
+3. **Invalid Types**: What if wrong type passed?
+4. **Boundaries**: Min/max values
+5. **Errors**: Network failures, database errors
+6. **Race Conditions**: Concurrent operations
+7. **Large Data**: Performance with 10k+ items
+8. **Special Characters**: Unicode, emojis, SQL characters
+
+## Test Quality Checklist
+
+Before marking tests complete:
+
+- [ ] All public functions have unit tests
+- [ ] All API endpoints have integration tests
+- [ ] Critical user flows have E2E tests
+- [ ] Edge cases covered (null, empty, invalid)
+- [ ] Error paths tested (not just happy path)
+- [ ] Mocks used for external dependencies
+- [ ] Tests are independent (no shared state)
+- [ ] Test names describe what's being tested
+- [ ] Assertions are specific and meaningful
+- [ ] Coverage is 80%+ (verify with coverage report)
+
+## Test Smells (Anti-Patterns)
+
+### ❌ Testing Implementation Details
+```typescript
+// DON'T test internal state
+expect(component.state.count).toBe(5)
+```
+
+### ✅ Test User-Visible Behavior
+```typescript
+// DO test what users see
+expect(screen.getByText('Count: 5')).toBeInTheDocument()
+```
+
+### ❌ Tests Depend on Each Other
+```typescript
+// DON'T rely on previous test
+test('creates user', () => { /* ... */ })
+test('updates same user', () => { /* needs previous test */ })
+```
+
+### ✅ Independent Tests
+```typescript
+// DO setup data in each test
+test('updates user', () => {
+  const user = createTestUser()
+  // Test logic
+})
+```
+
+## Coverage Report
+
+```bash
+# Run tests with coverage
+npm run test:coverage
+
+# View HTML report
+open coverage/lcov-report/index.html
+```
+
+Required thresholds:
+- Branches: 80%
+- Functions: 80%
+- Lines: 80%
+- Statements: 80%
 
-## Coverage Requirements
+## Continuous Testing
 
-- **Minimum**: 80% overall coverage
-- **Critical paths**: 100% coverage
-- **New code**: Must include tests
-- **Bug fixes**: Must include regression test
+```bash
+# Watch mode during development
+npm test -- --watch
+
+# Run before commit (via git hook)
+npm test && npm run lint
 
-## Best Practices
+# CI/CD integration
+npm test -- --coverage --ci
+```
 
-1. **One assertion per test** when possible
-2. **Descriptive test names** that explain expected behavior
-3. **Arrange-Act-Assert** pattern
-4. **Mock external dependencies**
-5. **Test edge cases**: null, undefined, empty, max values
-6. **Test error scenarios**: network failures, invalid input
+**Remember**: No code without tests. Tests are not optional. They are the safety net that enables confident refactoring, rapid development, and production reliability.

package/.github/instructions/agents.instructions.md

@@ -0,0 +1,53 @@
+---
+applyTo: "**/*"
+---
+
+# Agent Orchestration
+
+## Available Agents
+
+Located in `.github/agents/`:
+
+| Agent | Purpose | When to Use |
+|-------|---------|-------------|
+| planner | Implementation planning | Complex features, refactoring |
+| architect | System design | Architectural decisions |
+| tdd-guide | Test-driven development | New features, bug fixes |
+| code-reviewer | Code review | After writing code |
+| security-reviewer | Security analysis | Before commits |
+| build-error-resolver | Fix build errors | When build fails |
+| e2e-runner | E2E testing | Critical user flows |
+| refactor-cleaner | Dead code cleanup | Code maintenance |
+| doc-updater | Documentation | Updating docs |
+
+## Immediate Agent Usage
+
+No user prompt needed:
+1. Complex feature requests - Use **planner** agent
+2. Code just written/modified - Use **code-reviewer** agent
+3. Bug fix or new feature - Use **tdd-guide** agent
+4. Architectural decision - Use **architect** agent
+
+## Parallel Task Execution
+
+ALWAYS use parallel Task execution for independent operations:
+
+```markdown
+# GOOD: Parallel execution
+Launch 3 agents in parallel:
+1. Agent 1: Security analysis of auth.ts
+2. Agent 2: Performance review of cache system
+3. Agent 3: Type checking of utils.ts
+
+# BAD: Sequential when unnecessary
+First agent 1, then agent 2, then agent 3
+```
+
+## Multi-Perspective Analysis
+
+For complex problems, use split role sub-agents:
+- Factual reviewer
+- Senior engineer
+- Security expert
+- Consistency reviewer
+- Redundancy checker

package/.github/instructions/coding-style.instructions.md

@@ -1,21 +1,21 @@
 ---
-applyTo: "**/*.ts,**/*.tsx,**/*.js,**/*.jsx"
+applyTo: "**/*.{js,ts,jsx,tsx,mjs,cjs}"
 ---
 
-# Coding Style Guidelines
+# Coding Style
 
 ## Immutability (CRITICAL)
 
 ALWAYS create new objects, NEVER mutate:
 
 ```javascript
-// ❌ WRONG: Mutation
+// WRONG: Mutation
 function updateUser(user, name) {
   user.name = name  // MUTATION!
   return user
 }
 
-// ✅ CORRECT: Immutability
+// CORRECT: Immutability
 function updateUser(user, name) {
   return {
     ...user,
@@ -46,6 +46,21 @@ try {
 }
 ```
 
+## Input Validation
+
+ALWAYS validate user input:
+
+```typescript
+import { z } from 'zod'
+
+const schema = z.object({
+  email: z.string().email(),
+  age: z.number().int().min(0).max(150)
+})
+
+const validated = schema.parse(input)
+```
+
 ## Code Quality Checklist
 
 Before marking work complete:
@@ -54,14 +69,6 @@ Before marking work complete:
 - [ ] Files are focused (<800 lines)
 - [ ] No deep nesting (>4 levels)
 - [ ] Proper error handling
-- [ ] No console.log statements in production
+- [ ] No console.log statements
 - [ ] No hardcoded values
 - [ ] No mutation (immutable patterns used)
-
-## Naming Conventions
-
-- **Variables**: camelCase, descriptive (`userEmail`, not `e`)
-- **Functions**: camelCase, verb-based (`getUserById`, not `user`)
-- **Constants**: UPPER_SNAKE_CASE (`MAX_RETRY_COUNT`)
-- **Types/Interfaces**: PascalCase (`UserProfile`)
-- **Files**: kebab-case (`user-profile.ts`)

package/.github/instructions/git-workflow.instructions.md

@@ -1,5 +1,5 @@
 ---
-applyTo: "**"
+applyTo: "**/*"
 ---
 
 # Git Workflow
@@ -12,13 +12,7 @@ applyTo: "**"
 <optional body>
 ```
 
-Types: `feat`, `fix`, `refactor`, `docs`, `test`, `chore`, `perf`, `ci`
-
-Examples:
-- `feat: add user authentication`
-- `fix: resolve null pointer in search`
-- `refactor: extract validation logic`
-- `docs: update API documentation`
+Types: feat, fix, refactor, docs, test, chore, perf, ci
 
 ## Pull Request Workflow
 
@@ -32,29 +26,22 @@ When creating PRs:
 ## Feature Implementation Workflow
 
 1. **Plan First**
-   - Use `planner` agent to create implementation plan
+   - Use **planner** agent to create implementation plan
    - Identify dependencies and risks
    - Break down into phases
 
 2. **TDD Approach**
-   - Use `tdd-guide` agent
+   - Use **tdd-guide** agent
    - Write tests first (RED)
    - Implement to pass tests (GREEN)
    - Refactor (IMPROVE)
    - Verify 80%+ coverage
 
 3. **Code Review**
-   - Use `code-reviewer` agent after writing code
+   - Use **code-reviewer** agent immediately after writing code
    - Address CRITICAL and HIGH issues
    - Fix MEDIUM issues when possible
 
 4. **Commit & Push**
    - Detailed commit messages
    - Follow conventional commits format
-
-## Branch Naming
-
-- `feature/description` - New features
-- `fix/description` - Bug fixes
-- `refactor/description` - Code improvements
-- `docs/description` - Documentation updates

package/.github/instructions/hooks.instructions.md

@@ -0,0 +1,52 @@
+---
+applyTo: "**/*"
+---
+
+# Hooks System Reference
+
+> Note: GitHub Copilot CLI does not support hooks like Claude Code. This document is kept for reference when using Claude Code or similar systems.
+
+## Hook Types
+
+- **PreToolUse**: Before tool execution (validation, parameter modification)
+- **PostToolUse**: After tool execution (auto-format, checks)
+- **Stop**: When session ends (final verification)
+
+## Recommended Hooks
+
+### PreToolUse
+- **tmux reminder**: Suggests tmux for long-running commands (npm, pnpm, yarn, cargo, etc.)
+- **git push review**: Opens editor for review before push
+- **doc blocker**: Blocks creation of unnecessary .md/.txt files
+
+### PostToolUse
+- **PR creation**: Logs PR URL and GitHub Actions status
+- **Prettier**: Auto-formats JS/TS files after edit
+- **TypeScript check**: Runs tsc after editing .ts/.tsx files
+- **console.log warning**: Warns about console.log in edited files
+
+### Stop
+- **console.log audit**: Checks all modified files for console.log before session ends
+
+## Auto-Accept Permissions
+
+Use with caution:
+- Enable for trusted, well-defined plans
+- Disable for exploratory work
+- Never use dangerously-skip-permissions flag
+- Configure `allowedTools` in settings instead
+
+## TodoWrite Best Practices
+
+Use TodoWrite tool to:
+- Track progress on multi-step tasks
+- Verify understanding of instructions
+- Enable real-time steering
+- Show granular implementation steps
+
+Todo list reveals:
+- Out of order steps
+- Missing items
+- Extra unnecessary items
+- Wrong granularity
+- Misinterpreted requirements

package/.github/instructions/patterns.instructions.md

@@ -0,0 +1,59 @@
+---
+applyTo: "**/*.{js,ts,jsx,tsx}"
+---
+
+# Common Patterns
+
+## API Response Format
+
+```typescript
+interface ApiResponse<T> {
+  success: boolean
+  data?: T
+  error?: string
+  meta?: {
+    total: number
+    page: number
+    limit: number
+  }
+}
+```
+
+## Custom Hooks Pattern
+
+```typescript
+export function useDebounce<T>(value: T, delay: number): T {
+  const [debouncedValue, setDebouncedValue] = useState<T>(value)
+
+  useEffect(() => {
+    const handler = setTimeout(() => setDebouncedValue(value), delay)
+    return () => clearTimeout(handler)
+  }, [value, delay])
+
+  return debouncedValue
+}
+```
+
+## Repository Pattern
+
+```typescript
+interface Repository<T> {
+  findAll(filters?: Filters): Promise<T[]>
+  findById(id: string): Promise<T | null>
+  create(data: CreateDto): Promise<T>
+  update(id: string, data: UpdateDto): Promise<T>
+  delete(id: string): Promise<void>
+}
+```
+
+## Skeleton Projects
+
+When implementing new functionality:
+1. Search for battle-tested skeleton projects
+2. Use parallel agents to evaluate options:
+   - Security assessment
+   - Extensibility analysis
+   - Relevance scoring
+   - Implementation planning
+3. Clone best match as foundation
+4. Iterate within proven structure

package/.github/instructions/performance.instructions.md

@@ -1,8 +1,27 @@
 ---
-applyTo: "**"
+applyTo: "**/*"
 ---
 
-# Performance Guidelines
+# Performance Optimization
+
+## Model Selection Strategy
+
+> Note: GitHub Copilot uses its own model selection. This is reference for Claude Code users.
+
+**Haiku 4.5** (90% of Sonnet capability, 3x cost savings):
+- Lightweight agents with frequent invocation
+- Pair programming and code generation
+- Worker agents in multi-agent systems
+
+**Sonnet 4.5** (Best coding model):
+- Main development work
+- Orchestrating multi-agent workflows
+- Complex coding tasks
+
+**Opus 4.5** (Deepest reasoning):
+- Complex architectural decisions
+- Maximum reasoning requirements
+- Research and analysis tasks
 
 ## Context Window Management
 
@@ -11,42 +30,24 @@ Avoid last 20% of context window for:
 - Feature implementation spanning multiple files
 - Debugging complex interactions
 
-Use `/compact` command when context is getting full.
-
 Lower context sensitivity tasks:
 - Single-file edits
 - Independent utility creation
 - Documentation updates
 - Simple bug fixes
 
+## Deep Reasoning Mode
+
+For complex tasks requiring deep reasoning:
+1. Use enhanced thinking mode
+2. Enable **Plan Mode** for structured approach
+3. Use multiple critique rounds
+4. Use split role sub-agents for diverse analysis
+
 ## Build Troubleshooting
 
 If build fails:
-1. Use `build-error-resolver` agent
+1. Use **build-error-resolver** agent
 2. Analyze error messages
 3. Fix incrementally
 4. Verify after each fix
-
-## Code Performance
-
-### Algorithms
-- Prefer O(n log n) over O(n²) when possible
-- Use appropriate data structures (Set for lookups, Map for key-value)
-- Avoid unnecessary iterations
-
-### React/Frontend
-- Use `useMemo` and `useCallback` for expensive computations
-- Implement virtualization for long lists
-- Lazy load routes and heavy components
-- Optimize images (WebP, proper sizing)
-
-### Backend/API
-- Use database indexes for frequently queried fields
-- Implement caching (Redis, in-memory)
-- Avoid N+1 queries
-- Use connection pooling
-
-### Bundle Size
-- Tree-shake unused code
-- Code split by route
-- Analyze bundle with `npm run build -- --analyze`

package/.github/instructions/security.instructions.md

@@ -1,19 +1,20 @@
 ---
-applyTo: "**/*.ts,**/*.tsx,**/*.js,**/*.jsx"
+applyTo: "**/*.{js,ts,jsx,tsx,py}"
 ---
 
 # Security Guidelines
 
-## Mandatory Checks Before Commit
+## Mandatory Security Checks
 
-- No hardcoded secrets (API keys, passwords, tokens)
-- All user inputs validated
-- SQL injection prevention (parameterized queries)
-- XSS prevention (sanitized HTML)
-- CSRF protection enabled
-- Authentication/authorization verified
-- Rate limiting on all endpoints
-- Error messages don't leak sensitive data
+Before ANY commit:
+- [ ] No hardcoded secrets (API keys, passwords, tokens)
+- [ ] All user inputs validated
+- [ ] SQL injection prevention (parameterized queries)
+- [ ] XSS prevention (sanitized HTML)
+- [ ] CSRF protection enabled
+- [ ] Authentication/authorization verified
+- [ ] Rate limiting on all endpoints
+- [ ] Error messages don't leak sensitive data
 
 ## Secret Management
 
@@ -33,31 +34,7 @@ if (!apiKey) {
 
 If security issue found:
 1. STOP immediately
-2. Use `security-reviewer` agent
+2. Use **security-reviewer** agent
 3. Fix CRITICAL issues before continuing
 4. Rotate any exposed secrets
 5. Review entire codebase for similar issues
-
-## Input Validation
-
-```typescript
-import { z } from 'zod'
-
-const schema = z.object({
-  email: z.string().email(),
-  age: z.number().int().min(0).max(150)
-})
-
-const validated = schema.parse(untrustedInput)
-```
-
-## SQL Injection Prevention
-
-```typescript
-// ❌ Never concatenate user input
-const query = `SELECT * FROM users WHERE id = ${userId}`
-
-// ✅ Always use parameterized queries
-const query = 'SELECT * FROM users WHERE id = $1'
-await db.query(query, [userId])
-```

package/.github/instructions/testing.instructions.md

@@ -1,12 +1,12 @@
 ---
-applyTo: "**/*.test.ts,**/*.test.tsx,**/*.spec.ts,**/*.spec.tsx,**/tests/**"
+applyTo: "**/*.{test,spec}.{js,ts,jsx,tsx}"
 ---
 
 # Testing Requirements
 
 ## Minimum Test Coverage: 80%
 
-Test Types (ALL required for new features):
+Test Types (ALL required):
 1. **Unit Tests** - Individual functions, utilities, components
 2. **Integration Tests** - API endpoints, database operations
 3. **E2E Tests** - Critical user flows (Playwright)
@@ -21,35 +21,14 @@ MANDATORY workflow:
 5. Refactor (IMPROVE)
 6. Verify coverage (80%+)
 
-## Test Structure
-
-```typescript
-describe('FunctionName', () => {
-  it('should do expected behavior when given input', () => {
-    // Arrange
-    const input = 'test'
-    
-    // Act
-    const result = functionName(input)
-    
-    // Assert
-    expect(result).toBe('expected')
-  })
-
-  it('should handle edge cases', () => {
-    expect(() => functionName(null)).toThrow()
-  })
-})
-```
-
 ## Troubleshooting Test Failures
 
-1. Use `tdd-guide` agent for guidance
+1. Use **tdd-guide** agent
 2. Check test isolation
 3. Verify mocks are correct
 4. Fix implementation, not tests (unless tests are wrong)
 
 ## Agent Support
 
-- **tdd-guide** - Use for new features, enforces write-tests-first
+- **tdd-guide** - Use PROACTIVELY for new features, enforces write-tests-first
 - **e2e-runner** - Playwright E2E testing specialist