@ibotor/smart-trellis 0.5.23 → 0.5.24

package/dist/templates/common/bundled-skills/trellis-quality-review/references/verification-selection.md

@@ -0,0 +1,81 @@
+# Verification Selection
+
+Use this reference before reporting completion or correctness. The goal is to choose the smallest verification set that gives confidence for the current frontend diff without expanding into unrelated legacy cleanup.
+
+## Core Rule
+
+Verification should match the risk introduced by the current diff:
+
+- Tiny localized UI/copy/style/config changes can use the small-change fast path and diff inspection only.
+- Type, data, state, validation, routing, API, component-boundary, or framework-boundary changes need targeted commands.
+- Full build is reserved for changes that affect bundling, routes/pages, framework config, server/client boundaries, or when lighter checks cannot cover the risk.
+
+Always inspect project scripts and nearby docs/config before inventing commands.
+
+## Command Discovery Order
+
+Prefer project-defined scripts over raw tool invocations:
+
+1. Read `package.json` scripts.
+2. Check project docs or local agent instructions if already relevant to the task.
+3. Check framework config only when needed: `vite.config.*`, `next.config.*`, `tsconfig*.json`, `eslint.config.*`, `.eslintrc*`, `vitest.config.*`, `jest.config.*`, `playwright.config.*`.
+4. Prefer the package manager already used by the project: lockfiles and scripts reveal `pnpm`, `npm`, `yarn`, or `bun`.
+
+Do not add dependencies or modify configs just to run verification.
+
+## Selection Matrix
+
+| Diff signal | Verification default |
+| --- | --- |
+| Small-change fast path | Diff inspection only; no broad lint/typecheck/test/build by default |
+| `.vue` template/script/style changes | Project lint plus Vue/typecheck script when available, such as `vue-tsc` or `typecheck` |
+| Vue props/emits/composable/store changes | Typecheck plus targeted tests if present |
+| React/TSX component changes | Project lint plus TypeScript check when available |
+| Next.js route/page/server-client boundary changes | Lint/typecheck plus build when boundary or route behavior risk is meaningful |
+| Type definitions or shared contracts changed | Typecheck; targeted tests for consumers when present |
+| Form validation, data mapping, formatter, parser, permission logic | Targeted unit tests; typecheck if TypeScript is involved |
+| API call shape or request/response mapping changed | Typecheck plus targeted integration/unit tests if available |
+| Styling-only but not fast-path | Scoped lint/style check if project has one; otherwise diff inspection plus optional visual/manual note |
+| Suspicious added debug/type-suppression lines fixed | Re-run the scan or scoped lint that would catch the issue |
+| Formatter conflict | Prefer scoped lint with formatting rules disabled when preserving scope; report the conflict |
+
+## Running Strategy
+
+1. Start with the narrowest command that covers the changed files or feature.
+2. Prefer targeted tests over full test suites when a clear target exists.
+3. Run full lint/typecheck/build only when the diff risk justifies it or project scripts are fast and standard.
+4. If a command is unavailable, do not invent a replacement blindly; report that no matching script was found.
+5. If the user explicitly asked to skip verification, skip it and report that instruction.
+
+## Failure Handling
+
+When a command fails:
+
+1. Read the output and identify the failing file or test.
+2. Decide whether the failure is related to the current diff.
+3. If related, fix within scope and rerun the relevant command.
+4. If unrelated or historical, do not expand scope; report it under Notes with evidence.
+5. Do not claim verification passed if any required command failed.
+6. If partial verification passed, say exactly which commands passed and which failed.
+
+## Final Report Evidence
+
+In the `Verified` section, include:
+
+- exact command
+- exit status
+- short result summary
+- if skipped, the explicit reason
+
+Examples:
+
+```text
+Verified:
+- `pnpm lint -- src/pages/Settings.vue` exited 0.
+- `pnpm vue-tsc --noEmit` exited 1 due to pre-existing errors in src/legacy/*; no errors referenced the touched files.
+```
+
+```text
+Verified:
+- Used small-change fast path: skipped lint/typecheck/test/build because only one table column width changed and diff inspection confirmed scope.
+```

package/dist/templates/common/bundled-skills/trellis-quality-review/scripts/diff_scans.sh

@@ -0,0 +1,145 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+mode="base"
+base_ref="HEAD"
+json=0
+files_only=0
+
+usage() {
+  cat <<'EOF'
+Usage: diff_scans.sh [--base REF] [--cached] [--files] [--json]
+
+Modes:
+  --base REF   Scan git diff against REF. Defaults to HEAD.
+  --cached     Scan staged changes.
+  --files      Only print changed frontend files.
+  --json       Print a JSON summary instead of sectioned text.
+  -h, --help   Show this help.
+EOF
+}
+
+while [[ $# -gt 0 ]]; do
+  case "$1" in
+    --base)
+      mode="base"
+      base_ref="${2:?--base requires a ref}"
+      shift 2
+      ;;
+    --cached|--staged)
+      mode="cached"
+      shift
+      ;;
+    --files)
+      files_only=1
+      shift
+      ;;
+    --json)
+      json=1
+      shift
+      ;;
+    -h|--help)
+      usage
+      exit 0
+      ;;
+    *)
+      mode="base"
+      base_ref="$1"
+      shift
+      ;;
+  esac
+done
+
+frontend_globs=(-- '*.vue' '*.ts' '*.tsx' '*.jsx' '*.js' '*.css' '*.scss')
+code_globs=(-- '*.vue' '*.ts' '*.tsx' '*.jsx' '*.js')
+
+git_diff() {
+  if [[ "$mode" == "cached" ]]; then
+    git diff --cached "$@"
+  else
+    git diff "$base_ref" "$@"
+  fi
+}
+
+diff_label() {
+  if [[ "$mode" == "cached" ]]; then
+    echo "--cached"
+  else
+    echo "$base_ref"
+  fi
+}
+
+json_array() {
+  python3 -c 'import json,sys; print(json.dumps(sys.stdin.read().splitlines()))'
+}
+
+json_string() {
+  python3 -c 'import json,sys; print(json.dumps(sys.stdin.read()))'
+}
+
+changed_files() {
+  git_diff --name-only --diff-filter=ACMRTUXB "${frontend_globs[@]}" || true
+}
+
+scan() {
+  local title="$1"
+  local pattern="$2"
+  shift 2
+  echo
+  echo "== $title =="
+  git_diff -U0 "$@" | rg "$pattern" || true
+}
+
+if [[ "$files_only" -eq 1 && "$json" -eq 0 ]]; then
+  changed_files
+  exit 0
+fi
+
+if [[ "$json" -eq 1 ]]; then
+  files="$(changed_files)"
+  suspicious="$(git_diff -U0 "${code_globs[@]}" | rg '^\+[^+].*(eslint-disable|@ts-ignore|@ts-expect-error|console\.log|debugger|TODO|FIXME)' || true)"
+  ts_risks="$(git_diff -U0 "${code_globs[@]}" | rg '^\+[^+].*(:\s*any\b|as\s+any\b|as\s+unknown\s+as|!\.|\w!\b)' || true)"
+  vue_risks="$(git_diff -U0 -- '*.vue' | rg '^\+[^+].*(v-model:|watch\s*\([^\n]*deep\s*:\s*true|defineProps\([^\n]*\)\.[A-Za-z_$][\w$]*\s*=)' || true)"
+  react_next_risks="$(git_diff -U0 "${code_globs[@]}" | rg '^\+[^+].*(use client|dangerouslySetInnerHTML|window\.|document\.|localStorage\.|sessionStorage\.)' || true)"
+  copy_changes="$(git_diff -U0 "${code_globs[@]}" | rg '^[+-][^+-].*(label|title|placeholder|help|message|Radio|Checkbox|Button|Tooltip|content|confirmText|cancelText|text-|aria-label|alt=|请选择|请输入|验证|账户|服务商|域名|说明|提示)' || true)"
+
+  printf '{\n'
+  printf '  "mode": %s,\n' "$(printf '%s' "$(diff_label)" | json_string)"
+  printf '  "changed_files": %s,\n' "$(printf '%s' "$files" | json_array)"
+  printf '  "suspicious_patterns": %s,\n' "$(printf '%s' "$suspicious" | json_array)"
+  printf '  "typescript_risks": %s,\n' "$(printf '%s' "$ts_risks" | json_array)"
+  printf '  "vue_risks": %s,\n' "$(printf '%s' "$vue_risks" | json_array)"
+  printf '  "react_next_risks": %s,\n' "$(printf '%s' "$react_next_risks" | json_array)"
+  printf '  "potential_copy_changes": %s\n' "$(printf '%s' "$copy_changes" | json_array)"
+  printf '}\n'
+  exit 0
+fi
+
+label="$(diff_label)"
+
+echo "== Diff scan mode =="
+echo "$label"
+
+echo
+echo "== Changed frontend files =="
+changed_files
+
+scan "Added-line suspicious patterns" '^\+[^+].*(eslint-disable|@ts-ignore|@ts-expect-error|console\.log|debugger|TODO|FIXME)' "${code_globs[@]}"
+
+scan "TypeScript risk patterns on added lines" '^\+[^+].*(:\s*any\b|as\s+any\b|as\s+unknown\s+as|!\.|\w!\b)' "${code_globs[@]}"
+
+scan "Vue risk patterns on added lines" '^\+[^+].*(v-model:|watch\s*\([^\n]*deep\s*:\s*true|defineProps\([^\n]*\)\.[A-Za-z_$][\w$]*\s*=)' -- '*.vue'
+
+scan "React/Next/browser-boundary risk patterns on added lines" '^\+[^+].*(use client|dangerouslySetInnerHTML|window\.|document\.|localStorage\.|sessionStorage\.)' "${code_globs[@]}"
+
+scan "Potential copy/accessibility text changes" '^[+-][^+-].*(label|title|placeholder|help|message|Radio|Checkbox|Button|Tooltip|content|confirmText|cancelText|text-|aria-label|alt=|请选择|请输入|验证|账户|服务商|域名|说明|提示)' "${code_globs[@]}"
+
+echo
+echo "== Formatting check hint =="
+echo "For each modified existing file, compare:"
+echo "  git diff $label -- path/to/file"
+if [[ "$mode" == "cached" ]]; then
+  echo "  git diff --cached -w -- path/to/file"
+else
+  echo "  git diff -w $base_ref -- path/to/file"
+fi

package/dist/templates/common/bundled-skills/verification-before-completion/SKILL.md

@@ -0,0 +1,139 @@
+---
+name: verification-before-completion
+description: Use when about to claim work is complete, fixed, or passing, before committing or creating PRs - requires running verification commands and confirming output before making any success claims; evidence before assertions always
+---
+
+# Verification Before Completion
+
+## Overview
+
+Claiming work is complete without verification is dishonesty, not efficiency.
+
+**Core principle:** Evidence before claims, always.
+
+**Violating the letter of this rule is violating the spirit of this rule.**
+
+## The Iron Law
+
+```
+NO COMPLETION CLAIMS WITHOUT FRESH VERIFICATION EVIDENCE
+```
+
+If you haven't run the verification command in this message, you cannot claim it passes.
+
+## The Gate Function
+
+```
+BEFORE claiming any status or expressing satisfaction:
+
+1. IDENTIFY: What command proves this claim?
+2. RUN: Execute the FULL command (fresh, complete)
+3. READ: Full output, check exit code, count failures
+4. VERIFY: Does output confirm the claim?
+   - If NO: State actual status with evidence
+   - If YES: State claim WITH evidence
+5. ONLY THEN: Make the claim
+
+Skip any step = lying, not verifying
+```
+
+## Common Failures
+
+| Claim | Requires | Not Sufficient |
+|-------|----------|----------------|
+| Tests pass | Test command output: 0 failures | Previous run, "should pass" |
+| Linter clean | Linter output: 0 errors | Partial check, extrapolation |
+| Build succeeds | Build command: exit 0 | Linter passing, logs look good |
+| Bug fixed | Test original symptom: passes | Code changed, assumed fixed |
+| Regression test works | Red-green cycle verified | Test passes once |
+| Agent completed | VCS diff shows changes | Agent reports "success" |
+| Requirements met | Line-by-line checklist | Tests passing |
+
+## Red Flags - STOP
+
+- Using "should", "probably", "seems to"
+- Expressing satisfaction before verification ("Great!", "Perfect!", "Done!", etc.)
+- About to commit/push/PR without verification
+- Trusting agent success reports
+- Relying on partial verification
+- Thinking "just this once"
+- Tired and wanting work over
+- **ANY wording implying success without having run verification**
+
+## Rationalization Prevention
+
+| Excuse | Reality |
+|--------|---------|
+| "Should work now" | RUN the verification |
+| "I'm confident" | Confidence ≠ evidence |
+| "Just this once" | No exceptions |
+| "Linter passed" | Linter ≠ compiler |
+| "Agent said success" | Verify independently |
+| "I'm tired" | Exhaustion ≠ excuse |
+| "Partial check is enough" | Partial proves nothing |
+| "Different words so rule doesn't apply" | Spirit over letter |
+
+## Key Patterns
+
+**Tests:**
+```
+✅ [Run test command] [See: 34/34 pass] "All tests pass"
+❌ "Should pass now" / "Looks correct"
+```
+
+**Regression tests (TDD Red-Green):**
+```
+✅ Write → Run (pass) → Revert fix → Run (MUST FAIL) → Restore → Run (pass)
+❌ "I've written a regression test" (without red-green verification)
+```
+
+**Build:**
+```
+✅ [Run build] [See: exit 0] "Build passes"
+❌ "Linter passed" (linter doesn't check compilation)
+```
+
+**Requirements:**
+```
+✅ Re-read plan → Create checklist → Verify each → Report gaps or completion
+❌ "Tests pass, phase complete"
+```
+
+**Agent delegation:**
+```
+✅ Agent reports success → Check VCS diff → Verify changes → Report actual state
+❌ Trust agent report
+```
+
+## Why This Matters
+
+From 24 failure memories:
+- your human partner said "I don't believe you" - trust broken
+- Undefined functions shipped - would crash
+- Missing requirements shipped - incomplete features
+- Time wasted on false completion → redirect → rework
+- Violates: "Honesty is a core value. If you lie, you'll be replaced."
+
+## When To Apply
+
+**ALWAYS before:**
+- ANY variation of success/completion claims
+- ANY expression of satisfaction
+- ANY positive statement about work state
+- Committing, PR creation, task completion
+- Moving to next task
+- Delegating to agents
+
+**Rule applies to:**
+- Exact phrases
+- Paraphrases and synonyms
+- Implications of success
+- ANY communication suggesting completion/correctness
+
+## The Bottom Line
+
+**No shortcuts for verification.**
+
+Run the command. Read the output. THEN claim the result.
+
+This is non-negotiable.

package/dist/templates/common/commands/micro-task.md

@@ -0,0 +1,33 @@
+# 微型快速任务
+
+这是一个小改动快速通道。用户触发 `/trellis Micro Task`、`micro-task`
+或“微型快速任务”时，按本指令执行；不要创建 Trellis task，不进入完整
+Plan → Execute → Finish 流程，也不要默认派发 sub-agent。
+
+## 默认执行顺序
+
+1. 加载 `trellis-dev-preflight`，让它完成范围锁定和验证计划。
+2. 读取与当前需求直接相关的文件上下文。
+3. 必要时加载领域 skill，例如 Vue 任务加载 `vue-best-practices`，React
+   或 Next.js 任务加载 `vercel-react-best-practices`。
+4. 直接定位并实现，保持最小 diff。
+5. 运行最小必要验证；优先 scoped lint、typecheck、相关测试或必要的手动检查。
+6. 加载 `verification-before-completion`，基于新鲜验证证据再做完成声明。
+7. 简短总结：说明改了什么、验证了什么、是否存在历史失败或未验证风险。
+
+## 禁止默认触发
+
+微型任务默认禁止触发重型规划、分支、sub-agent 或 code review 流程，包括：
+
+- Superpowers: `brainstorming`、`writing-plans`、`using-git-worktrees`、
+  `subagent-driven-development`、`requesting-code-review`
+- Trellis: `trellis-brainstorm`、`trellis-before-dev`、`trellis-check`、
+  `trellis-continue`、`trellis-finish-work`、`trellis-quality-review`
+
+只有当用户明确要求，或当前任务已经不再是微型任务时，才切换到对应流程。
+
+## 降级规则
+
+如果实现前发现任务涉及多模块设计、接口契约变更、大范围重构、复杂测试策略、
+多轮需求澄清，或无法在当前范围内安全完成，停止微型通道并建议改用常规 Trellis
+任务流程。

package/dist/templates/trellis/workflow.md

@@ -155,7 +155,7 @@ Phase 3: Finish  → distill lessons + wrap-up
 [workflow-state:no_task]
 No active task. **A Direct answer** — pure Q&A / explanation / lookup / chat; no file writes + one-line answer + repo reads ≤ 2 files → AI judges, no override needed.
 **B Create a task** — any implementation / code change / build / refactor work. Entry sequence: (1) `python3 ./.trellis/scripts/task.py create "<title>"` to create the task (status=planning, breadcrumb switches to [workflow-state:planning] for brainstorm + jsonl phase guidance) → (2) load `trellis-brainstorm` skill to discuss requirements with the user and iterate on prd.md → (3) once prd is done and jsonl is curated, run `task.py start <task-dir>` to enter [workflow-state:in_progress] for the implementation skeleton. **"It looks small" is NOT grounds for downgrading B to A or C**.
-**C Inline change** (per-turn only, escape hatch for B) — the user's CURRENT message MUST contain one of: "skip trellis" / "no task" / "just do it" / "don't create a task" / "跳过 trellis" / "别走流程" / "小修一下" / "直接改" / "先别建任务" → briefly acknowledge ("ok, skipping trellis flow this turn"), then inline. **Without seeing one of these phrases you must NOT inline on your own**; do not invent an override the user never said.
+**C Inline change** (per-turn only, escape hatch for B) — the user's CURRENT message MUST contain one of: "/trellis Micro Task" / "/trellis:micro-task" / "微型快速任务" / "skip trellis" / "no task" / "just do it" / "don't create a task" / "跳过 trellis" / "别走流程" / "小修一下" / "直接改" / "先别建任务" → briefly acknowledge ("ok, skipping trellis flow this turn"), then inline. **Without seeing one of these phrases you must NOT inline on your own**; do not invent an override the user never said.
 [/workflow-state:no_task]
 
 <!-- Per-turn breadcrumb: shown when there is no active task and

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@ibotor/smart-trellis",
-  "version": "0.5.23",
+  "version": "0.5.24",
   "description": "Smart Trellis CLI with project-aware initialization defaults",
   "type": "module",
   "main": "./dist/index.js",