@geraldmaron/construct 1.0.5 → 1.0.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (209) hide show
  1. package/README.md +8 -4
  2. package/agents/prompts/cx-accessibility.md +3 -3
  3. package/agents/prompts/cx-ai-engineer.md +7 -7
  4. package/agents/prompts/cx-architect.md +6 -6
  5. package/agents/prompts/cx-business-strategist.md +6 -6
  6. package/agents/prompts/cx-data-analyst.md +7 -7
  7. package/agents/prompts/cx-data-engineer.md +3 -3
  8. package/agents/prompts/cx-debugger.md +6 -6
  9. package/agents/prompts/cx-designer.md +5 -5
  10. package/agents/prompts/cx-devil-advocate.md +4 -4
  11. package/agents/prompts/cx-docs-keeper.md +5 -5
  12. package/agents/prompts/cx-engineer.md +5 -5
  13. package/agents/prompts/cx-evaluator.md +2 -2
  14. package/agents/prompts/cx-explorer.md +8 -8
  15. package/agents/prompts/cx-legal-compliance.md +2 -2
  16. package/agents/prompts/cx-operations.md +5 -5
  17. package/agents/prompts/cx-orchestrator.md +10 -10
  18. package/agents/prompts/cx-platform-engineer.md +5 -5
  19. package/agents/prompts/cx-product-manager.md +4 -4
  20. package/agents/prompts/cx-qa.md +8 -8
  21. package/agents/prompts/cx-rd-lead.md +9 -9
  22. package/agents/prompts/cx-release-manager.md +5 -5
  23. package/agents/prompts/cx-researcher.md +22 -22
  24. package/agents/prompts/cx-reviewer.md +7 -7
  25. package/agents/prompts/cx-security.md +10 -10
  26. package/agents/prompts/cx-sre.md +7 -7
  27. package/agents/prompts/cx-test-automation.md +3 -3
  28. package/agents/prompts/cx-trace-reviewer.md +8 -8
  29. package/agents/prompts/cx-ux-researcher.md +3 -3
  30. package/bin/construct +235 -21
  31. package/commands/build/feature.md +4 -4
  32. package/commands/build/fix.md +8 -8
  33. package/commands/design/access.md +3 -3
  34. package/commands/design/flow.md +3 -3
  35. package/commands/design/ui.md +4 -4
  36. package/commands/measure/experiment.md +5 -5
  37. package/commands/measure/metrics.md +3 -3
  38. package/commands/measure/results.md +4 -4
  39. package/commands/plan/api.md +3 -3
  40. package/commands/plan/challenge.md +3 -3
  41. package/commands/plan/decide.md +3 -3
  42. package/commands/plan/feature.md +7 -7
  43. package/commands/plan/requirements.md +3 -3
  44. package/commands/remember/context.md +5 -5
  45. package/commands/remember/handoff.md +3 -3
  46. package/commands/remember/runbook.md +3 -3
  47. package/commands/review/code.md +8 -8
  48. package/commands/review/quality.md +4 -4
  49. package/commands/review/security.md +3 -3
  50. package/commands/ship/ready.md +3 -3
  51. package/commands/ship/release.md +3 -3
  52. package/commands/ship/status.md +4 -4
  53. package/commands/understand/docs.md +3 -3
  54. package/commands/understand/this.md +4 -4
  55. package/commands/understand/why.md +8 -8
  56. package/commands/work/clean.md +14 -14
  57. package/commands/work/drive.md +10 -10
  58. package/commands/work/optimize-prompts.md +9 -9
  59. package/commands/work/parallel-review.md +8 -8
  60. package/db/schema/006_graph.sql +24 -0
  61. package/examples/provider-plugin/README.md +7 -7
  62. package/examples/seed-observations/README.md +6 -6
  63. package/examples/seed-observations/anti-patterns.md +14 -14
  64. package/examples/seed-observations/decisions.md +4 -4
  65. package/examples/seed-observations/patterns.md +14 -14
  66. package/lib/auto-docs.mjs +8 -3
  67. package/lib/cli-commands.mjs +2 -2
  68. package/lib/flavors/loader.mjs +1 -1
  69. package/lib/knowledge/graph.mjs +213 -0
  70. package/lib/mcp/server.mjs +187 -1
  71. package/lib/mcp/tools/profile.mjs +270 -0
  72. package/package.json +1 -1
  73. package/platforms/claude/CLAUDE.md +6 -6
  74. package/rules/common/agents.md +2 -2
  75. package/rules/common/beads-hygiene.md +11 -11
  76. package/rules/common/code-review.md +1 -1
  77. package/rules/common/coding-style.md +1 -1
  78. package/rules/common/comments.md +8 -8
  79. package/rules/common/commit-approval.md +4 -4
  80. package/rules/common/cx-agent-routing.md +2 -2
  81. package/rules/common/cx-skill-routing.md +2 -2
  82. package/rules/common/development-workflow.md +1 -1
  83. package/rules/common/doc-ownership.md +2 -2
  84. package/rules/common/efficiency.md +3 -3
  85. package/rules/common/framing.md +1 -1
  86. package/rules/common/git-workflow.md +1 -1
  87. package/rules/common/patterns.md +1 -1
  88. package/rules/common/performance.md +1 -1
  89. package/rules/common/release-gates.md +7 -7
  90. package/rules/common/research.md +4 -4
  91. package/rules/common/security.md +1 -1
  92. package/rules/common/skill-composition.md +8 -8
  93. package/rules/common/testing.md +1 -1
  94. package/rules/golang/coding-style.md +2 -2
  95. package/rules/golang/hooks.md +1 -1
  96. package/rules/golang/patterns.md +1 -1
  97. package/rules/golang/security.md +1 -1
  98. package/rules/golang/testing.md +1 -1
  99. package/rules/python/coding-style.md +1 -1
  100. package/rules/python/hooks.md +1 -1
  101. package/rules/python/patterns.md +1 -1
  102. package/rules/python/security.md +1 -1
  103. package/rules/python/testing.md +1 -1
  104. package/rules/swift/coding-style.md +3 -3
  105. package/rules/swift/hooks.md +2 -2
  106. package/rules/swift/patterns.md +2 -2
  107. package/rules/swift/security.md +4 -4
  108. package/rules/swift/testing.md +2 -2
  109. package/rules/typescript/coding-style.md +1 -1
  110. package/rules/typescript/hooks.md +1 -1
  111. package/rules/typescript/patterns.md +1 -1
  112. package/rules/typescript/security.md +1 -1
  113. package/rules/typescript/testing.md +1 -1
  114. package/rules/web/coding-style.md +1 -1
  115. package/rules/web/design-quality.md +1 -1
  116. package/rules/web/hooks.md +1 -1
  117. package/rules/web/patterns.md +1 -1
  118. package/rules/web/performance.md +1 -1
  119. package/rules/web/security.md +1 -1
  120. package/rules/web/testing.md +1 -1
  121. package/skills/ai/agent-dev.md +1 -1
  122. package/skills/ai/llm-security.md +1 -1
  123. package/skills/ai/ml-ops.md +6 -6
  124. package/skills/ai/orchestration-workflow.md +1 -1
  125. package/skills/ai/prompt-and-eval.md +1 -1
  126. package/skills/ai/prompt-optimizer.md +13 -13
  127. package/skills/ai/rag-system.md +1 -1
  128. package/skills/architecture/api-design.md +1 -1
  129. package/skills/architecture/caching.md +1 -1
  130. package/skills/architecture/cloud-native.md +1 -1
  131. package/skills/architecture/message-queue.md +1 -1
  132. package/skills/architecture/security-arch.md +1 -1
  133. package/skills/compliance/ai-disclosure.md +1 -1
  134. package/skills/compliance/data-privacy.md +1 -1
  135. package/skills/compliance/license-audit.md +2 -2
  136. package/skills/compliance/regulatory-review.md +1 -1
  137. package/skills/development/cpp.md +1 -1
  138. package/skills/development/go.md +1 -1
  139. package/skills/development/java.md +1 -1
  140. package/skills/development/kotlin.md +9 -9
  141. package/skills/development/mobile-crossplatform.md +13 -13
  142. package/skills/development/python.md +1 -1
  143. package/skills/development/rust.md +1 -1
  144. package/skills/development/shell.md +1 -1
  145. package/skills/development/swift.md +6 -6
  146. package/skills/development/typescript.md +1 -1
  147. package/skills/devops/ci-cd.md +5 -5
  148. package/skills/devops/containerization.md +9 -9
  149. package/skills/devops/cost-optimization.md +1 -1
  150. package/skills/devops/data-engineering.md +2 -2
  151. package/skills/devops/database.md +1 -1
  152. package/skills/devops/dependency-management.md +3 -3
  153. package/skills/devops/devsecops.md +1 -1
  154. package/skills/devops/git-workflow.md +1 -1
  155. package/skills/devops/incident-response.md +18 -18
  156. package/skills/devops/monorepo.md +5 -5
  157. package/skills/devops/observability.md +1 -1
  158. package/skills/devops/performance.md +1 -1
  159. package/skills/devops/testing.md +1 -1
  160. package/skills/docs/adr-workflow.md +2 -2
  161. package/skills/docs/backlog-proposal-workflow.md +1 -1
  162. package/skills/docs/customer-profile-workflow.md +1 -1
  163. package/skills/docs/document-ingest-workflow.md +1 -1
  164. package/skills/docs/evidence-ingest-workflow.md +1 -1
  165. package/skills/docs/init-docs.md +15 -15
  166. package/skills/docs/init-project.md +1 -1
  167. package/skills/docs/prd-workflow.md +3 -3
  168. package/skills/docs/prfaq-workflow.md +1 -1
  169. package/skills/docs/product-intelligence-review.md +1 -1
  170. package/skills/docs/product-intelligence-workflow.md +1 -1
  171. package/skills/docs/product-signal-workflow.md +9 -9
  172. package/skills/docs/research-workflow.md +10 -10
  173. package/skills/docs/runbook-workflow.md +2 -2
  174. package/skills/docs/strategy-workflow.md +3 -3
  175. package/skills/exploration/repo-map.md +11 -11
  176. package/skills/frameworks/django.md +15 -15
  177. package/skills/frameworks/nextjs.md +16 -16
  178. package/skills/frameworks/react.md +12 -12
  179. package/skills/frameworks/spring-boot.md +12 -12
  180. package/skills/frontend-design/accessibility.md +6 -6
  181. package/skills/frontend-design/component-patterns.md +1 -1
  182. package/skills/frontend-design/engineering.md +1 -1
  183. package/skills/frontend-design/state-management.md +1 -1
  184. package/skills/frontend-design/ui-aesthetics.md +1 -1
  185. package/skills/frontend-design/ux-principles.md +1 -1
  186. package/skills/operating/orchestration-reference.md +27 -27
  187. package/skills/quality-gates/review-work.md +3 -3
  188. package/skills/quality-gates/verify-change.md +1 -1
  189. package/skills/quality-gates/verify-module.md +1 -1
  190. package/skills/quality-gates/verify-quality.md +1 -1
  191. package/skills/quality-gates/verify-security.md +1 -1
  192. package/skills/routing.md +14 -14
  193. package/skills/security/blue-team.md +1 -1
  194. package/skills/security/code-audit.md +1 -1
  195. package/skills/security/pentest.md +1 -1
  196. package/skills/security/red-team.md +1 -1
  197. package/skills/security/threat-intel.md +1 -1
  198. package/skills/security/vuln-research.md +1 -1
  199. package/skills/utility/clean-code.md +2 -2
  200. package/templates/docs/changelog-entry.md +1 -1
  201. package/templates/docs/construct_guide.md +13 -13
  202. package/templates/docs/meta-prd.md +16 -16
  203. package/templates/docs/one-pager.md +1 -1
  204. package/templates/docs/prd-business.md +1 -1
  205. package/templates/docs/prd-platform.md +1 -1
  206. package/templates/docs/prd.md +17 -17
  207. package/templates/docs/research-brief.md +8 -8
  208. package/templates/docs/rfc.md +1 -1
  209. package/templates/docs/strategy.md +1 -1
@@ -1,5 +1,5 @@
1
1
  <!--
2
- skills/development/kotlin.md Kotlin / Android Development | Scope | Use when |
2
+ skills/development/kotlin.md (Kotlin / Android Development) | Scope | Use when |
3
3
 
4
4
  ## Coroutines & Flows ### Coroutine scope discipline
5
5
  -->
@@ -14,7 +14,7 @@ skills/development/kotlin.md — Kotlin / Android Development — | Scope | Use
14
14
  | `viewModelScope` | ViewModel-bound work; auto-cancelled on clear |
15
15
  | `lifecycleScope` | Fragment/Activity-bound; cancelled on destroy |
16
16
  | `rememberCoroutineScope()` | Compose-scoped; cancelled on composition exit |
17
- | `GlobalScope` | Never uncontrolled lifetime |
17
+ | `GlobalScope` | Never: uncontrolled lifetime |
18
18
 
19
19
  ```kotlin
20
20
  class ItemViewModel(private val repo: ItemRepository) : ViewModel() {
@@ -31,7 +31,7 @@ class ItemViewModel(private val repo: ItemRepository) : ViewModel() {
31
31
 
32
32
  ### Flow operators
33
33
 
34
- - `stateIn(scope, SharingStarted.WhileSubscribed(5_000), initial)` converts cold flow to hot StateFlow for UI consumption
34
+ - `stateIn(scope, SharingStarted.WhileSubscribed(5_000), initial)`: converts cold flow to hot StateFlow for UI consumption
35
35
  - `map`, `filter`, `distinctUntilChanged`, `debounce` for transform chains
36
36
  - `combine` for merging multiple flows
37
37
  - Use `flowOn(Dispatchers.IO)` for upstream CPU/IO work; do not switch dispatchers in the collector
@@ -43,7 +43,7 @@ class ItemViewModel(private val repo: ItemRepository) : ViewModel() {
43
43
  | `Dispatchers.Main` | UI updates |
44
44
  | `Dispatchers.IO` | Network, disk, database |
45
45
  | `Dispatchers.Default` | CPU-intensive work |
46
- | `Dispatchers.Unconfined` | Rarely only in tests |
46
+ | `Dispatchers.Unconfined` | Rarely: only in tests |
47
47
 
48
48
  ## Jetpack Compose
49
49
 
@@ -69,7 +69,7 @@ fun ItemList(items: List<Item>, onDelete: (Item) -> Unit) { ... }
69
69
 
70
70
  - `remember` expensive computations with stable keys
71
71
  - `key(id) { ... }` in lazy lists to preserve item identity
72
- - Avoid unstable lambdas use `remember { { ... } }` or stable function references
72
+ - Avoid unstable lambdas: use `remember { { ... } }` or stable function references
73
73
  - Enable Compose compiler metrics to detect recomposition hot spots
74
74
  - Prefer `LazyColumn` over `Column` for variable-length lists
75
75
 
@@ -134,7 +134,7 @@ Scoping: `@Singleton` for app-scoped, `@ActivityRetainedScoped` for ViewModel-li
134
134
 
135
135
  ## Common Pitfalls
136
136
 
137
- - `collect` in `Fragment.onViewCreated` without `repeatOnLifecycle(STARTED)` causes collection after view destruction
138
- - `StateFlow.value` reads in tests without collecting use `turbine` or `runTest { first() }`
139
- - Leaking `Activity` context into long-lived objects use `applicationContext`
140
- - `LazyColumn` with `items(list)` where `list` is `State<List<...>>` causing full recomposition use `key` param
137
+ - `collect` in `Fragment.onViewCreated` without `repeatOnLifecycle(STARTED)`: causes collection after view destruction
138
+ - `StateFlow.value` reads in tests without collecting: use `turbine` or `runTest { first() }`
139
+ - Leaking `Activity` context into long-lived objects: use `applicationContext`
140
+ - `LazyColumn` with `items(list)` where `list` is `State<List<...>>` causing full recomposition: use `key` param
@@ -1,5 +1,5 @@
1
1
  <!--
2
- skills/development/mobile-crossplatform.md Mobile Cross-Platform Development Before choosing a framework, answer:
2
+ skills/development/mobile-crossplatform.md (Mobile Cross-Platform Development) Before choosing a framework, answer:
3
3
 
4
4
  ## Decision Framework: Native vs Cross-Platform Before choosing a framework, answer:
5
5
  -->
@@ -13,11 +13,11 @@ Before choosing a framework, answer:
13
13
  |---|---|---|
14
14
  | Platform-specific APIs needed (ARKit, Health, NFC)? | Yes | No |
15
15
  | Animation fidelity is a differentiator? | Yes | Partial |
16
- | Single team, both platforms? | | Yes |
16
+ | Single team, both platforms? |: | Yes |
17
17
  | Heavy use of platform OS widgets? | Yes | No |
18
- | App is primarily data-display / CRUD? | | Yes |
19
- | Existing web team? | | React Native |
20
- | Existing Kotlin/Swift team? | Native | |
18
+ | App is primarily data-display / CRUD? |: | Yes |
19
+ | Existing web team? |: | React Native |
20
+ | Existing Kotlin/Swift team? | Native |: |
21
21
 
22
22
  ---
23
23
 
@@ -42,7 +42,7 @@ Future<List<Item>> items(ItemsRef ref) async {
42
42
 
43
43
  ### Performance
44
44
 
45
- - `const` constructors everywhere possible eliminates widget rebuilds
45
+ - `const` constructors everywhere possible: eliminates widget rebuilds
46
46
  - `RepaintBoundary` around independently-animated subtrees
47
47
  - Profile with Flutter DevTools → CPU flame chart + widget rebuild tracker
48
48
  - `ListView.builder` for lazy lists; never `ListView(children: [...])` for long lists
@@ -78,8 +78,8 @@ testWidgets('shows items on load', (tester) async {
78
78
  ### New Architecture (React Native 0.74+)
79
79
 
80
80
  Enable the New Architecture by default on new projects. Key changes:
81
- - JSI replaces the async bridge sync native calls
82
- - Fabric replaces the native renderer concurrent React features work correctly
81
+ - JSI replaces the async bridge: sync native calls
82
+ - Fabric replaces the native renderer: concurrent React features work correctly
83
83
  - TurboModules replace native modules
84
84
 
85
85
  ### State & logic sharing with web
@@ -130,11 +130,11 @@ export default function ItemScreen() { ... }
130
130
 
131
131
  ## Common Pitfalls (both frameworks)
132
132
 
133
- - **Deep linking not tested until late** set up universal links / app links in week 1
134
- - **Push notifications complexity** Expo Notifications or Firebase Cloud Messaging; plan for permission states
135
- - **Over-the-air update strategy** define what can be OTA vs what requires App Store review
136
- - **Platform capability divergence** features available on iOS 17+ may be absent on Android 12; maintain a capability matrix
137
- - **Code signing automation** `fastlane match` (iOS) and keystore management (Android) require upfront investment; do it early
133
+ - **Deep linking not tested until late**: set up universal links / app links in week 1
134
+ - **Push notifications complexity**: Expo Notifications or Firebase Cloud Messaging; plan for permission states
135
+ - **Over-the-air update strategy**: define what can be OTA vs what requires App Store review
136
+ - **Platform capability divergence**: features available on iOS 17+ may be absent on Android 12; maintain a capability matrix
137
+ - **Code signing automation**: `fastlane match` (iOS) and keystore management (Android) require upfront investment; do it early
138
138
 
139
139
  ## When to go native anyway
140
140
 
@@ -1,5 +1,5 @@
1
1
  <!--
2
- skills/development/python.md Python Best Practices Use this skill when writing, reviewing, or debugging Python code.
2
+ skills/development/python.md (Python Best Practices) Use this skill when writing, reviewing, or debugging Python code.
3
3
 
4
4
  Use this skill when writing, reviewing, or debugging Python code. ## Project Structure
5
5
  -->
@@ -1,5 +1,5 @@
1
1
  <!--
2
- skills/development/rust.md Rust Best Practices Use this skill when writing, reviewing, or debugging Rust code.
2
+ skills/development/rust.md (Rust Best Practices) Use this skill when writing, reviewing, or debugging Rust code.
3
3
 
4
4
  Use this skill when writing, reviewing, or debugging Rust code. ## Project Structure
5
5
  -->
@@ -1,5 +1,5 @@
1
1
  <!--
2
- skills/development/shell.md Shell Scripting Best Practices Use this skill when writing, reviewing, or debugging Bash, Zsh, or POSIX shell s
2
+ skills/development/shell.md (Shell Scripting Best Practices) Use this skill when writing, reviewing, or debugging Bash, Zsh, or POSIX shell s
3
3
 
4
4
  Use this skill when writing, reviewing, or debugging Bash, Zsh, or POSIX shell scripts. ## Script Header
5
5
  -->
@@ -1,5 +1,5 @@
1
1
  <!--
2
- skills/development/swift.md Swift / iOS Development Swift 6 enforces data-race safety at compile time. Annotate isolation boundary e
2
+ skills/development/swift.md (Swift / iOS Development) Swift 6 enforces data-race safety at compile time. Annotate isolation boundary e
3
3
 
4
4
  ## Concurrency (Swift 6 Strict Concurrency) Swift 6 enforces data-race safety at compile time. Annotate isolation boundary explicitly:
5
5
  -->
@@ -26,7 +26,7 @@ Key rules:
26
26
  - `Sendable` conformance on types crossing isolation boundaries
27
27
  - Prefer `async/await` over completion handlers; avoid mixing the two
28
28
 
29
- Common pitfall: `Task { }` inherits the actor context of its caller do not assume it runs on a background thread.
29
+ Common pitfall: `Task { }` inherits the actor context of its caller: do not assume it runs on a background thread.
30
30
 
31
31
  ## SwiftUI Patterns
32
32
 
@@ -80,7 +80,7 @@ func testFetchReturnsItems() async throws {
80
80
 
81
81
  ### UI tests
82
82
 
83
- Prefer `XCUITest` for critical flows only it is slow and flaky. Supplement with snapshot tests (`swift-snapshot-testing`) for visual regression.
83
+ Prefer `XCUITest` for critical flows only: it is slow and flaky. Supplement with snapshot tests (`swift-snapshot-testing`) for visual regression.
84
84
 
85
85
  ### Test doubles
86
86
 
@@ -119,11 +119,11 @@ View → ViewModel (@MainActor) → Repository (actor) → Network/DB
119
119
 
120
120
  ### The Composable Architecture (TCA)
121
121
 
122
- Use TCA when state fan-out is complex or testability of reducers is a priority. Adds boilerplate evaluate against team familiarity.
122
+ Use TCA when state fan-out is complex or testability of reducers is a priority. Adds boilerplate: evaluate against team familiarity.
123
123
 
124
124
  ## Common Pitfalls
125
125
 
126
- - Do not call `@MainActor` methods from synchronous non-main contexts use `Task { @MainActor in ... }`
126
+ - Do not call `@MainActor` methods from synchronous non-main contexts: use `Task { @MainActor in ... }`
127
127
  - Avoid `DispatchQueue.main.async` in new code; use `await MainActor.run { }` instead
128
- - `@StateObject` vs `@ObservedObject` confusion causes double-initialization bugs `@StateObject` only at the owner
128
+ - `@StateObject` vs `@ObservedObject` confusion causes double-initialization bugs: `@StateObject` only at the owner
129
129
  - `List` with large datasets: use `lazy` loading or pagination; do not load everything into `@State`
@@ -1,5 +1,5 @@
1
1
  <!--
2
- skills/development/typescript.md TypeScript Best Practices Use this skill when writing, reviewing, or debugging TypeScript or JavaScript co
2
+ skills/development/typescript.md (TypeScript Best Practices) Use this skill when writing, reviewing, or debugging TypeScript or JavaScript co
3
3
 
4
4
  Use this skill when writing, reviewing, or debugging TypeScript or JavaScript code. ## Project Structure
5
5
  -->
@@ -1,5 +1,5 @@
1
1
  <!--
2
- skills/devops/ci-cd.md CI/CD Use this skill when designing, debugging, or optimizing CI/CD pipelines.
2
+ skills/devops/ci-cd.md (CI/CD) Use this skill when designing, debugging, or optimizing CI/CD pipelines.
3
3
 
4
4
  Use this skill when designing, debugging, or optimizing CI/CD pipelines. ## Pipeline Stages
5
5
  -->
@@ -11,12 +11,12 @@ Use this skill when designing, debugging, or optimizing CI/CD pipelines.
11
11
 
12
12
  | Stage | Purpose | Tools | Failure Policy |
13
13
  |---|---|---|---|
14
- | Build | Compile, lint, typecheck | tsc, eslint, cargo check, go vet | Fail fast block all downstream stages |
14
+ | Build | Compile, lint, typecheck | tsc, eslint, cargo check, go vet | Fail fast: block all downstream stages |
15
15
  | Test | Unit → integration → e2e | Jest, Pytest, go test, Playwright | Fail on any; parallelize within stage |
16
16
  | Security Scan | SAST, dep audit, secrets detection | Semgrep, CodeQL, Trivy, gitleaks | Block on CRITICAL/HIGH; warn on MEDIUM |
17
17
  | Deploy | Promote artifact through environments | GitHub Actions, ArgoCD, Helm | Gate on all prior stages passing |
18
18
 
19
- Always run lint and typecheck before tests they are faster and catch more errors per second of CI time.
19
+ Always run lint and typecheck before tests: they are faster and catch more errors per second of CI time.
20
20
 
21
21
  ## GitHub Actions
22
22
 
@@ -94,14 +94,14 @@ Never auto-deploy to production without a passing security scan and at least one
94
94
 
95
95
  - Store secrets in the platform's encrypted secret store (GitHub Actions Secrets, GitLab CI Variables).
96
96
  - Never hardcode secrets in workflow files or Dockerfiles.
97
- - Mask secrets in logs CI platforms do this automatically for registered secrets; verify it works before relying on it.
97
+ - Mask secrets in logs: CI platforms do this automatically for registered secrets; verify it works before relying on it.
98
98
  - Rotate any secret immediately after a potential exposure; treat "may have leaked" the same as "did leak".
99
99
  - Use OIDC-based short-lived tokens (GitHub OIDC → AWS/GCP/Azure) over long-lived service account keys wherever the cloud provider supports it.
100
100
 
101
101
  ## Speed Optimization
102
102
 
103
103
  - Cache dependency layers keyed to lock file hash; a clean install on every run is a CI antipattern.
104
- - Run lint and typecheck first they fail fast and cost less than a full test suite.
104
+ - Run lint and typecheck first: they fail fast and cost less than a full test suite.
105
105
  - Split slow test suites across workers using matrix or `--shard` flags (Vitest, Jest, Playwright all support sharding).
106
106
  - Parallelize independent test files; do not serialize unit tests.
107
107
  - In monorepos, run only affected packages: `turbo run test --filter=[HEAD^1]` or `nx affected --target=test`.
@@ -1,5 +1,5 @@
1
1
  <!--
2
- skills/devops/containerization.md Containerization Use this skill when writing Dockerfiles, optimizing image size, or securing cont
2
+ skills/devops/containerization.md (Containerization) Use this skill when writing Dockerfiles, optimizing image size, or securing cont
3
3
 
4
4
  Use this skill when writing Dockerfiles, optimizing image size, or securing container builds. ## Multi-Stage Builds
5
5
  -->
@@ -26,14 +26,14 @@ COPY --from=builder /app/node_modules ./node_modules
26
26
  ```
27
27
 
28
28
  Runtime base image selection:
29
- - `gcr.io/distroless/nodejs20-debian12` no shell, no package manager, smallest attack surface for Node.
30
- - `node:20-alpine` shell available for debugging; use when distroless breaks scripts.
31
- - `scratch` static binaries only (Go, Rust with `musl`).
29
+ - `gcr.io/distroless/nodejs20-debian12`: no shell, no package manager, smallest attack surface for Node.
30
+ - `node:20-alpine`: shell available for debugging; use when distroless breaks scripts.
31
+ - `scratch`: static binaries only (Go, Rust with `musl`).
32
32
  - Never use `debian`, `ubuntu`, or `node:20` (Debian-based) as a production runtime base; they carry thousands of unnecessary packages.
33
33
 
34
34
  ## Layer Caching
35
35
 
36
- Order layers by change frequency least-changed first:
36
+ Order layers by change frequency: least-changed first:
37
37
 
38
38
  1. Base OS packages (`RUN apk add ...`)
39
39
  2. App dependencies (`COPY package*.json ./` then `RUN npm ci`)
@@ -54,7 +54,7 @@ RUN apk add --no-cache curl git && \
54
54
  rm -rf /var/cache/apk/*
55
55
  ```
56
56
 
57
- Never put cache cleanup in a separate `RUN` it creates a new layer that does not reclaim space from the previous layer.
57
+ Never put cache cleanup in a separate `RUN`: it creates a new layer that does not reclaim space from the previous layer.
58
58
 
59
59
  ## Security
60
60
 
@@ -67,7 +67,7 @@ Never put cache cleanup in a separate `RUN` — it creates a new layer that does
67
67
  | No `apt-get upgrade` | Pin the base image digest instead; `upgrade` produces non-reproducible layers |
68
68
  | Read-only filesystem | Pass `--read-only` at runtime; mount writable tmpfs only for paths that need writes |
69
69
 
70
- Never use `ADD` with a URL it bypasses layer caching in unpredictable ways and cannot be verified. Use `COPY` for local files and `curl` + checksum verification for remote files.
70
+ Never use `ADD` with a URL: it bypasses layer caching in unpredictable ways and cannot be verified. Use `COPY` for local files and `curl` + checksum verification for remote files.
71
71
 
72
72
  ## Image Scanning
73
73
 
@@ -94,7 +94,7 @@ HEALTHCHECK --interval=30s --timeout=5s --start-period=10s --retries=3 \
94
94
 
95
95
  Use an HTTP endpoint for web services. Use a process check (`pgrep`) only for non-HTTP workloads.
96
96
 
97
- Kubernetes uses separate liveness, readiness, and startup probes configure those in the deployment manifest, not in the Dockerfile. The Docker `HEALTHCHECK` is relevant for `docker run` and Docker Compose only.
97
+ Kubernetes uses separate liveness, readiness, and startup probes: configure those in the deployment manifest, not in the Dockerfile. The Docker `HEALTHCHECK` is relevant for `docker run` and Docker Compose only.
98
98
 
99
99
  ## Size Optimization
100
100
 
@@ -102,5 +102,5 @@ Kubernetes uses separate liveness, readiness, and startup probes — configure t
102
102
  - `--no-install-recommends` with `apt-get install` eliminates suggested packages.
103
103
  - Always clean package manager caches in the same `RUN` layer as the install command.
104
104
  - Use `COPY --chown=app:app` instead of a separate `RUN chown` to avoid a wasted layer.
105
- - Multi-stage builds remove all build tools, source files, and intermediate artifacts automatically they are the single highest-impact size reduction technique.
105
+ - Multi-stage builds remove all build tools, source files, and intermediate artifacts automatically: they are the single highest-impact size reduction technique.
106
106
  - For Go and Rust, build a statically linked binary (`CGO_ENABLED=0` for Go, `musl` target for Rust) and copy it into `scratch` or distroless for a final image under 20 MB.
@@ -1,5 +1,5 @@
1
1
  <!--
2
- skills/devops/cost-optimization.md Cloud Cost Optimization Use this skill when reducing cloud spend, right-sizing resources, or implementin
2
+ skills/devops/cost-optimization.md (Cloud Cost Optimization) Use this skill when reducing cloud spend, right-sizing resources, or implementin
3
3
 
4
4
  Use this skill when reducing cloud spend, right-sizing resources, or implementing FinOps practices. ## Cost Visibility
5
5
  -->
@@ -1,5 +1,5 @@
1
1
  <!--
2
- skills/devops/data-engineering.md Data Engineering 1. **Idempotency**: pipelines can run multiple times without duplicating data
2
+ skills/devops/data-engineering.md (Data Engineering) 1. **Idempotency**: pipelines can run multiple times without duplicating data
3
3
 
4
4
  ## Core Principles 1. **Idempotency**: pipelines can run multiple times without duplicating data
5
5
  -->
@@ -59,7 +59,7 @@ stream = env \
59
59
  env.execute("Orders Streaming Pipeline")
60
60
  ```
61
61
 
62
- Watermarks define event-time handling for late-arriving events configure based on source latency SLA.
62
+ Watermarks define event-time handling for late-arriving events: configure based on source latency SLA.
63
63
 
64
64
  ## Data Modeling
65
65
 
@@ -1,5 +1,5 @@
1
1
  <!--
2
- skills/devops/database.md Database Patterns Use this skill when designing schemas, writing migrations, optimizing queries, o
2
+ skills/devops/database.md (Database Patterns) Use this skill when designing schemas, writing migrations, optimizing queries, o
3
3
 
4
4
  Use this skill when designing schemas, writing migrations, optimizing queries, or selecting databases. ## Schema Design
5
5
  -->
@@ -1,5 +1,5 @@
1
1
  <!--
2
- skills/devops/dependency-management.md Dependency Management Use this skill when managing package upgrades, resolving CVEs, or establishing l
2
+ skills/devops/dependency-management.md (Dependency Management) Use this skill when managing package upgrades, resolving CVEs, or establishing l
3
3
 
4
4
  Use this skill when managing package upgrades, resolving CVEs, or establishing lock file and versioning policy. ## Lock File Hygiene
5
5
  -->
@@ -11,7 +11,7 @@ Use this skill when managing package upgrades, resolving CVEs, or establishing l
11
11
 
12
12
  - Always commit lock files: `package-lock.json`, `yarn.lock`, `pnpm-lock.yaml`, `go.sum`, `Cargo.lock`.
13
13
  - Never delete and regenerate a lock file without reviewing the full diff; regeneration silently upgrades all transitive dependencies.
14
- - Review lock file diffs in PRs for unexpected transitive version changes these are where supply chain attacks hide.
14
+ - Review lock file diffs in PRs for unexpected transitive version changes: these are where supply chain attacks hide.
15
15
  - Do not add lock files to `.gitignore`; they are the reproducibility contract for the build.
16
16
  - A PR that changes only the lock file (no `package.json` change) warrants careful scrutiny.
17
17
 
@@ -22,7 +22,7 @@ Use this skill when managing package upgrades, resolving CVEs, or establishing l
22
22
  | Dependabot | Daily/weekly schedule | One PR per package by default; group with `groups:` config | Patch: auto-merge if CI passes. Minor: batch weekly, manual review. Major: manual always. |
23
23
  | Renovate | Configurable schedule | Group by ecosystem, semver range, or custom regex via `packageRules` | Auto-merge patch and minor with passing CI; use `stabilityDays: 3` to avoid merging on day of release |
24
24
 
25
- Prefer Renovate for complex repos its `rangeStrategy`, `grouping`, `stabilityDays`, and `automerge` controls are more expressive than Dependabot's.
25
+ Prefer Renovate for complex repos: its `rangeStrategy`, `grouping`, `stabilityDays`, and `automerge` controls are more expressive than Dependabot's.
26
26
 
27
27
  Always require CI to pass before any auto-merge. Never auto-merge major version bumps.
28
28
 
@@ -1,5 +1,5 @@
1
1
  <!--
2
- skills/devops/devsecops.md DevSecOps Use this skill when integrating security into CI/CD pipelines, managing supply c
2
+ skills/devops/devsecops.md (DevSecOps) Use this skill when integrating security into CI/CD pipelines, managing supply c
3
3
 
4
4
  Use this skill when integrating security into CI/CD pipelines, managing supply chain risk, or automating security scanning. ## Pipeline Security Stages
5
5
  -->
@@ -1,5 +1,5 @@
1
1
  <!--
2
- skills/devops/git-workflow.md Git Workflow Use this skill when establishing branching strategies, commit conventions, or co
2
+ skills/devops/git-workflow.md (Git Workflow) Use this skill when establishing branching strategies, commit conventions, or co
3
3
 
4
4
  Use this skill when establishing branching strategies, commit conventions, or code integration practices. ## Branching Strategies
5
5
  -->
@@ -1,5 +1,5 @@
1
1
  <!--
2
- skills/devops/incident-response.md Incident Response | Sev | User impact | Response time | Example |
2
+ skills/devops/incident-response.md (Incident Response) | Sev | User impact | Response time | Example |
3
3
 
4
4
  ## Severity Levels | Sev | User impact | Response time | Example |
5
5
  -->
@@ -14,7 +14,7 @@ skills/devops/incident-response.md — Incident Response — | Sev | User impact
14
14
  | **P2** | Significant degradation, partial outage | < 1 hour | Elevated error rate, slow responses |
15
15
  | **P3** | Minor impact, workaround available | Best effort / next business day | Single user affected, cosmetic |
16
16
 
17
- Define severity in your runbook and assign it early it determines escalation and comms cadence.
17
+ Define severity in your runbook and assign it early: it determines escalation and comms cadence.
18
18
 
19
19
  ## The Response Loop
20
20
 
@@ -36,9 +36,9 @@ Healthy detection requires:
36
36
  Declare an incident early, even if uncertain. It is easier to downgrade than to delay comms.
37
37
 
38
38
  1. Create incident channel: `#incident-YYYY-MM-DD-brief-description`
39
- 2. Assign **Incident Commander (IC)** one person owns the call and all decisions
40
- 3. Assign **Scribe** records timeline, decisions, actions in real time
41
- 4. Assign **Comms Lead** status page updates and stakeholder notifications
39
+ 2. Assign **Incident Commander (IC)**: one person owns the call and all decisions
40
+ 3. Assign **Scribe**: records timeline, decisions, actions in real time
41
+ 4. Assign **Comms Lead**: status page updates and stakeholder notifications
42
42
 
43
43
  ### Triage
44
44
 
@@ -53,14 +53,14 @@ IC asks: **"What is the user impact and is it getting better or worse?"**
53
53
 
54
54
  Use `git log --since="2 hours ago"` and deployment logs to find the change vector.
55
55
 
56
- ### Mitigate (not root cause stop the bleeding first)
56
+ ### Mitigate (not root cause: stop the bleeding first)
57
57
 
58
58
  Mitigation options in priority order:
59
- 1. **Rollback** fastest if a recent deploy is the cause
60
- 2. **Feature flag off** disable the failing feature
61
- 3. **Traffic shift** route to a healthy region or canary
62
- 4. **Scale up** if resource exhaustion is the cause
63
- 5. **Restart** for stuck processes (last resort often hides root cause)
59
+ 1. **Rollback**: fastest if a recent deploy is the cause
60
+ 2. **Feature flag off**: disable the failing feature
61
+ 3. **Traffic shift**: route to a healthy region or canary
62
+ 4. **Scale up**: if resource exhaustion is the cause
63
+ 5. **Restart** (for stuck processes (last resort) often hides root cause)
64
64
 
65
65
  Do NOT wait for a perfect fix. Mitigate first, fix properly after users are unblocked.
66
66
 
@@ -107,12 +107,12 @@ Write the post-mortem within 48 hours while memory is fresh.
107
107
 
108
108
  ### Required sections
109
109
 
110
- 1. **Summary** 3-sentence description of what happened, impact, and resolution
111
- 2. **Timeline** chronological log with timestamps
112
- 3. **Root cause(s)** use 5-whys to reach systemic causes, not surface symptoms
113
- 4. **Contributing factors** process/tooling gaps that allowed the issue
114
- 5. **What went well** detection worked, rollback was fast, etc.
115
- 6. **Action items** concrete, assigned, time-bounded; not vague recommendations
110
+ 1. **Summary**: 3-sentence description of what happened, impact, and resolution
111
+ 2. **Timeline**: chronological log with timestamps
112
+ 3. **Root cause(s)**: use 5-whys to reach systemic causes, not surface symptoms
113
+ 4. **Contributing factors**: process/tooling gaps that allowed the issue
114
+ 5. **What went well**: detection worked, rollback was fast, etc.
115
+ 6. **Action items**: concrete, assigned, time-bounded; not vague recommendations
116
116
 
117
117
  ### 5-Whys example
118
118
 
@@ -129,7 +129,7 @@ Action: Add query plan check to PR template + CI gate for slow queries
129
129
 
130
130
  ### Blameless culture
131
131
 
132
- The post-mortem finds systemic failures, not individual errors. A person took an action that made sense given the information and tools available at the time the question is why the system allowed that action to cause an outage.
132
+ The post-mortem finds systemic failures, not individual errors. A person took an action that made sense given the information and tools available at the time: the question is why the system allowed that action to cause an outage.
133
133
 
134
134
  ## Runbook Template
135
135
 
@@ -1,5 +1,5 @@
1
1
  <!--
2
- skills/devops/monorepo.md Monorepo Use this skill when selecting monorepo tooling, structuring packages, or optimiz
2
+ skills/devops/monorepo.md (Monorepo) Use this skill when selecting monorepo tooling, structuring packages, or optimiz
3
3
 
4
4
  Use this skill when selecting monorepo tooling, structuring packages, or optimizing affected-only builds. ## Tool Selection
5
5
  -->
@@ -32,12 +32,12 @@ packages/
32
32
  auth/
33
33
  ```
34
34
 
35
- Keep `apps/` for deployable surfaces and `packages/` for everything importable. Never put deployable entrypoints inside `packages/`. Config packages (`packages/config/`) centralise tooling setup each app/package extends rather than duplicates.
35
+ Keep `apps/` for deployable surfaces and `packages/` for everything importable. Never put deployable entrypoints inside `packages/`. Config packages (`packages/config/`) centralise tooling setup: each app/package extends rather than duplicates.
36
36
 
37
37
  ## Package Boundaries
38
38
 
39
39
  - One package per domain or product surface (`packages/billing`, `packages/auth`, `apps/web`, `apps/api`).
40
- - Place shared utilities in `packages/utils` or `packages/shared` never in an app package.
40
+ - Place shared utilities in `packages/utils` or `packages/shared`: never in an app package.
41
41
  - Never import directly from one `apps/` package to another `apps/` package; extract shared code to `packages/`.
42
42
  - Each package exposes its public API through a single `index.ts` barrel file; internal modules are private.
43
43
  - Enforce boundaries with Nx `@nrwl/enforce-module-boundaries` lint rules or ESLint's `import/no-restricted-paths`.
@@ -56,7 +56,7 @@ nx affected --target=build --base=origin/main
56
56
  nx affected --target=test --base=origin/main
57
57
  ```
58
58
 
59
- Both tools build a change graph from the dependency tree. A change to `packages/utils` marks every downstream package as affected. Only affected packages run in CI unaffected packages use cached results.
59
+ Both tools build a change graph from the dependency tree. A change to `packages/utils` marks every downstream package as affected. Only affected packages run in CI: unaffected packages use cached results.
60
60
 
61
61
  CI integration: set `--base` to the merge base of the PR branch (`origin/main` or `$(git merge-base HEAD origin/main)`), not `HEAD^1`, to correctly identify all changed files in the PR.
62
62
 
@@ -82,6 +82,6 @@ Generate changelogs automatically from changeset files; do not write changelogs
82
82
  ## CI Optimization
83
83
 
84
84
  - Cache `.turbo` or Nx's default cache directory (`node_modules/.cache/nx`) between CI runs, keyed to the lock file hash.
85
- - Enable remote caching (Turborepo Remote Cache, Nx Cloud) for team environments local caches do not transfer between CI runners.
85
+ - Enable remote caching (Turborepo Remote Cache, Nx Cloud) for team environments: local caches do not transfer between CI runners.
86
86
  - Run `turbo prune --scope=<app>` to generate a minimal lockfile subset for Docker builds of individual apps.
87
87
  - Gate PR merges on `affected` tests, not the full suite, to keep CI under 10 minutes for large repos.
@@ -1,5 +1,5 @@
1
1
  <!--
2
- skills/devops/observability.md Observability Use this skill when designing logging, tracing, metrics, or alerting systems.
2
+ skills/devops/observability.md (Observability) Use this skill when designing logging, tracing, metrics, or alerting systems.
3
3
 
4
4
  Use this skill when designing logging, tracing, metrics, or alerting systems. ## Three Pillars
5
5
  -->
@@ -1,5 +1,5 @@
1
1
  <!--
2
- skills/devops/performance.md Performance Engineering Use this skill when profiling, load testing, or optimizing application and infra
2
+ skills/devops/performance.md (Performance Engineering) Use this skill when profiling, load testing, or optimizing application and infra
3
3
 
4
4
  Use this skill when profiling, load testing, or optimizing application and infrastructure performance. ## Performance Targets
5
5
  -->
@@ -1,5 +1,5 @@
1
1
  <!--
2
- skills/devops/testing.md Testing Strategy Use this skill when planning test coverage, selecting test types, or establishin
2
+ skills/devops/testing.md (Testing Strategy) Use this skill when planning test coverage, selecting test types, or establishin
3
3
 
4
4
  Use this skill when planning test coverage, selecting test types, or establishing testing practices. ## Test Pyramid
5
5
  -->
@@ -1,5 +1,5 @@
1
1
  <!--
2
- skills/docs/adr-workflow.md Workflow for recording an architectural decision as an ADR.
2
+ skills/docs/adr-workflow.md: Workflow for recording an architectural decision as an ADR.
3
3
 
4
4
  Triggered when cx-architect finalizes a design or a technology choice is made. Writes a
5
5
  full ADR to docs/adr/ using the shipped template (user-overridable via .cx/templates/docs/adr.md)
@@ -18,7 +18,7 @@ Use when: an architectural decision is made that affects the system structure, d
18
18
  ## Steps
19
19
 
20
20
  1. **cx-architect** or **cx-engineer** identifies the decision
21
- 2. **Write to `docs/adr/ADR-{NNN}-{slug}.md`** using the template from `get_template("adr")` resolves `.cx/templates/docs/adr.md` (override) then `templates/docs/adr.md` (shipped)
21
+ 2. **Write to `docs/adr/ADR-{NNN}-{slug}.md`** using the template from `get_template("adr")`: resolves `.cx/templates/docs/adr.md` (override) then `templates/docs/adr.md` (shipped)
22
22
  - NNN = next sequential number (check existing files)
23
23
  3. **Also write a shorter entry to `.cx/decisions/`** for session context
24
24
  4. **cx-docs-keeper** updates `.cx/context.md` Architecture Notes with a one-line summary and link
@@ -1,5 +1,5 @@
1
1
  <!--
2
- skills/docs/backlog-proposal-workflow.md Approval-gated issue tracker proposals.
2
+ skills/docs/backlog-proposal-workflow.md: Approval-gated issue tracker proposals.
3
3
  -->
4
4
  # Backlog Proposal Workflow
5
5
 
@@ -1,5 +1,5 @@
1
1
  <!--
2
- skills/docs/customer-profile-workflow.md Maintain durable customer/account memory for Product Intelligence.
2
+ skills/docs/customer-profile-workflow.md: Maintain durable customer/account memory for Product Intelligence.
3
3
  -->
4
4
  # Customer Profile Workflow
5
5
 
@@ -1,5 +1,5 @@
1
1
  <!--
2
- skills/docs/document-ingest-workflow.md Convert source documents into retrieval-ready markdown artifacts.
2
+ skills/docs/document-ingest-workflow.md: Convert source documents into retrieval-ready markdown artifacts.
3
3
  -->
4
4
  # Document Ingest Workflow
5
5
 
@@ -1,5 +1,5 @@
1
1
  <!--
2
- skills/docs/evidence-ingest-workflow.md Normalize raw product evidence into Construct knowledge artifacts.
2
+ skills/docs/evidence-ingest-workflow.md: Normalize raw product evidence into Construct knowledge artifacts.
3
3
  -->
4
4
  # Evidence Ingest Workflow
5
5