@jigyasudham/veto 0.8.0

package/src/agents/development/database.ts

@@ -0,0 +1,83 @@
+import { AgentPlan, WorkerAgentType } from '../types.js';
+
+type DbType = 'rdbms' | 'nosql' | 'timeseries' | 'graph' | 'general';
+
+function detectDbType(task: string, context?: string): DbType {
+  const combined = (task + ' ' + (context ?? '')).toLowerCase();
+  if (combined.includes('mongo') || combined.includes('document') || combined.includes('dynamodb') || combined.includes('firestore') || combined.includes('nosql')) return 'nosql';
+  if (combined.includes('timeseries') || combined.includes('influx') || combined.includes('prometheus') || combined.includes('clickhouse') || combined.includes('time series')) return 'timeseries';
+  if (combined.includes('graph') || combined.includes('neo4j') || combined.includes('relationship')) return 'graph';
+  if (combined.includes('postgres') || combined.includes('mysql') || combined.includes('sqlite') || combined.includes('sql') || combined.includes('relational')) return 'rdbms';
+  return 'general';
+}
+
+const dbApproach: Record<DbType, string> = {
+  rdbms: 'Design a normalised schema first (3NF), add indexes for every foreign key and frequent filter column, use transactions for multi-table mutations, plan migration scripts with backward compatibility.',
+  nosql: 'Design around access patterns — denormalise to serve queries in one round trip. Choose partition keys that distribute load evenly. Model for reads, use references sparingly for writes.',
+  timeseries: 'Optimise for append-heavy write patterns. Use time-bucketed partitioning. Compress old data with downsampling. Design queries around time ranges, not individual rows.',
+  graph: 'Model entities as nodes and relationships as edges with properties. Index node labels and edge types. Design traversal patterns and bound depth of recursive queries.',
+  general: 'Evaluate RDBMS vs NoSQL based on data structure, access patterns, and consistency requirements. Design schema to serve the most frequent query without joins if possible.',
+};
+
+export function plan(task: string, context?: string): AgentPlan {
+  const dbType = detectDbType(task, context);
+
+  return {
+    agent: 'database' as WorkerAgentType,
+    task,
+    tier: 3,
+    approach: dbApproach[dbType],
+    steps: [
+      'List all entities and their relationships — draw an ER diagram',
+      'Identify the top 5 most frequent query patterns (what will be read most?)',
+      'Design the schema to serve those queries with minimal joins/lookups',
+      'Add primary keys and unique constraints first',
+      'Add foreign key constraints for relational integrity',
+      'Identify every column used in WHERE, ORDER BY, or JOIN — add indexes',
+      'Choose composite index column order by selectivity (most selective first)',
+      'Design the migration script: additive changes first (new tables, new nullable columns)',
+      'Write seed / fixture data for the development environment',
+      'Write query tests that assert on execution plan (EXPLAIN ANALYZE)',
+      'Set up connection pooling with appropriate pool size for the workload',
+      'Configure statement_timeout and lock_timeout to prevent runaway queries',
+      'Plan archival strategy for old data — partitioning or archival table',
+      'Document the schema with comments on each table and non-obvious column',
+    ],
+    checklist: [
+      '[ ] Every table has a primary key',
+      '[ ] Foreign keys are declared and indexed',
+      '[ ] Every JOIN column on the many-side has an index',
+      '[ ] Every column used in frequent WHERE clauses has an index',
+      '[ ] No SELECT * in production queries — enumerate columns',
+      '[ ] Multi-table mutations wrapped in transactions',
+      '[ ] Migrations are reversible (down migration written)',
+      '[ ] Migration tested on a copy of production data volume',
+      '[ ] Connection pool size calculated: connections = (core_count * 2) + effective_spindle_count',
+      '[ ] statement_timeout configured to prevent runaway queries',
+      '[ ] EXPLAIN ANALYZE run on all slow query candidates',
+      '[ ] Sensitive columns (PII, passwords) identified and encrypted at rest',
+      '[ ] Backup and point-in-time recovery tested',
+      '[ ] Schema documented with table and column comments',
+    ],
+    pitfalls: [
+      'Using SELECT * in application queries — sends unnecessary data over the wire and breaks when columns are added/removed',
+      'Forgetting to index foreign keys — causes full table scans on every JOIN',
+      'Storing JSON blobs in relational databases to avoid schema work — kills query performance and integrity',
+      'Not wrapping multi-step mutations in a transaction — leaves the database in a partially updated state on failure',
+      'Using ORM-generated schemas without reviewing the SQL — ORMs frequently generate non-optimal index choices',
+      'Choosing UUID as a clustered primary key in PostgreSQL without understanding write amplification from random page splits',
+      'Ignoring VACUUM in PostgreSQL — table bloat degrades read performance over time',
+      'Testing migrations only on an empty database — schema changes that work on empty DBs may lock production tables for minutes',
+    ],
+    patterns: [
+      'Repository pattern (abstract DB access behind an interface)',
+      'Unit of Work pattern (group related DB operations into a transaction)',
+      'CQRS (separate read and write models for high-throughput systems)',
+      'Event Sourcing (store events, derive state — for audit-heavy domains)',
+      'Optimistic locking (version column for concurrent update detection)',
+      'Soft delete pattern (deleted_at timestamp instead of hard DELETE)',
+      'Temporal tables (track history of row changes)',
+    ],
+    duration_estimate: '1-2 days',
+  };
+}

package/src/agents/development/debugger.ts

@@ -0,0 +1,238 @@
+import { AgentPlan, WorkerAgentType } from '../types.js';
+
+type ErrorCategory = 'runtime' | 'type' | 'async' | 'performance' | 'network' | 'memory' | 'logic';
+
+function detectErrorCategory(task: string, context?: string): ErrorCategory {
+  const combined = (task + ' ' + (context ?? '')).toLowerCase();
+  if (combined.includes('memory') || combined.includes('leak') || combined.includes('heap') || combined.includes('oom')) return 'memory';
+  if (combined.includes('slow') || combined.includes('latency') || combined.includes('timeout') || combined.includes('performance')) return 'performance';
+  if (combined.includes('network') || combined.includes('fetch') || combined.includes('http') || combined.includes('cors') || combined.includes('socket')) return 'network';
+  if (combined.includes('promise') || combined.includes('async') || combined.includes('await') || combined.includes('callback') || combined.includes('race')) return 'async';
+  if (combined.includes('type') || combined.includes('undefined') || combined.includes('null') || combined.includes('cannot read')) return 'type';
+  if (combined.includes('wrong') || combined.includes('incorrect') || combined.includes('unexpected') || combined.includes('logic')) return 'logic';
+  return 'runtime';
+}
+
+const categoryApproach: Record<ErrorCategory, string> = {
+  runtime: 'Reproduce reliably → isolate to smallest failing case → read the full stack trace → form one hypothesis → add targeted logging → verify fix does not break other paths.',
+  type: 'Trace the data flow from origin to crash site — find where the wrong type enters. Use TypeScript strict mode findings as a guide. Fix the source, not the symptom.',
+  async: 'Map the Promise chain or async call graph. Look for missing awaits, race conditions, unhandled rejections, and event-loop blocking. Add sequential logging to trace execution order.',
+  performance: 'Measure first — use profiling tools to identify the actual bottleneck before touching code. Focus on the 80/20 hotspot. Validate improvement with benchmarks before and after.',
+  network: 'Inspect actual requests in browser DevTools or a proxy (Wireshark/mitmproxy). Verify headers, CORS policy, TLS, DNS, and connection reuse. Distinguish client bugs from server bugs.',
+  memory: 'Take heap snapshots before and after suspected operations. Compare retained objects. Look for closures holding large references, event listener accumulation, and growing caches without eviction.',
+  logic: 'Write a minimal reproducing test. Step through with a debugger or add assertion-style logging at each decision point. State the expected vs actual output explicitly before investigating.',
+};
+
+const categorySteps: Record<ErrorCategory, string[]> = {
+  runtime: [
+    'Read the full stack trace — note the exact file, line number, and error message',
+    'Reproduce the error in isolation — create the smallest possible reproduction',
+    'Check if the error is deterministic or intermittent',
+    'Identify the last working state using git bisect or recent commits',
+    'Form a single specific hypothesis about the root cause',
+    'Add targeted logging around the hypothesis — do NOT log everything',
+    'Verify the hypothesis by temporarily modifying the suspected code',
+    'Fix at the root cause, not at the point where the error surfaces',
+    'Write a regression test that would have caught this bug',
+    'Review related code paths that could have the same defect',
+    'Document the root cause in the fix commit message',
+  ],
+  type: [
+    'Find the exact line where the TypeError / undefined access occurs',
+    'Trace the variable backwards to where it is assigned',
+    'Check if the data source (API, DB, config) can return null/undefined',
+    'Enable TypeScript strict mode and check for new red squiggles',
+    'Fix the type at the origin — add correct types or validation at the boundary',
+    'Add runtime validation (zod, guard function) at the data entry point',
+    'Remove any type assertions (as Type, as any) that hide the real type',
+    'Test with null, undefined, empty string, and unexpected types',
+    'Add null checks or optional chaining where appropriate',
+    'Write a unit test that exercises the null/undefined path',
+  ],
+  async: [
+    'Map the full async call graph for the failing operation',
+    'Check every await — ensure no async function is called without await',
+    'Look for missing error propagation — catch blocks that do not rethrow',
+    'Check for race conditions — operations that depend on execution order',
+    'Look for event-loop blocking (synchronous heavy computation in an async context)',
+    'Verify Promise.all vs Promise.allSettled — unhandled rejection vs partial failure',
+    'Add sequential timestamps to log statements to trace actual execution order',
+    'Use AsyncLocalStorage or correlation IDs to trace concurrent requests',
+    'Check for multiple competing setInterval/setTimeout that interfere',
+    'Write a test that exercises the async failure path explicitly',
+  ],
+  performance: [
+    'Establish a baseline measurement — latency p50/p95/p99, throughput, CPU, memory',
+    'Use a profiler (clinic.js, Chrome DevTools, py-spy) — identify the top hotspot',
+    'Check for N+1 query patterns — count DB queries per request',
+    'Check for synchronous blocking operations in async code',
+    'Review algorithm complexity — O(n²) loops over large datasets',
+    'Check caching — are expensive results being recomputed unnecessarily?',
+    'Profile memory — look for unnecessary object allocation in hot paths',
+    'Fix the single biggest bottleneck and measure again before moving on',
+    'Add performance regression tests (benchmarks) to CI',
+    'Document the performance improvement with before/after numbers',
+  ],
+  network: [
+    'Capture the raw request and response with browser DevTools or curl',
+    'Check CORS headers — Access-Control-Allow-Origin must match the origin',
+    'Verify the TLS certificate is valid and not expired',
+    'Check DNS resolution — nslookup or dig the hostname',
+    'Verify the correct HTTP method and Content-Type are being sent',
+    'Look for redirect loops (301/302 cycles)',
+    'Check keep-alive and connection pool settings on the client',
+    'Test from multiple networks to distinguish ISP / firewall issues',
+    'Inspect retry logic — are retries causing duplicate side effects?',
+    'Add request/response logging middleware to trace the full exchange',
+  ],
+  memory: [
+    'Take a heap snapshot before the suspected operation',
+    'Perform the operation that causes the leak',
+    'Take a second heap snapshot and compare with the first',
+    'Identify the object type and retention path in the diff',
+    'Look for event listeners added without removeEventListener',
+    'Check for closures that hold references to large objects',
+    'Review caches and collections that grow without eviction',
+    'Look for circular references that prevent garbage collection',
+    'Fix the retention path and verify with a third heap snapshot',
+    'Add a memory usage metric to monitoring to detect future regressions',
+  ],
+  logic: [
+    'Write down the exact expected output and the actual output',
+    'Identify the decision points (conditionals, loops, function calls) on the code path',
+    'Write a minimal unit test that reproduces the wrong output',
+    'Step through the code with a debugger, verifying state at each step',
+    'Check boundary conditions: off-by-one errors, inclusive vs exclusive ranges',
+    'Check date/time logic: timezone assumptions, DST transitions, epoch offsets',
+    'Verify sort/comparison functions return correct negative/zero/positive values',
+    'Trace the state mutation — check for accidental shared mutable state',
+    'Fix the logic and run all related tests',
+    'Add an assertion comment explaining the invariant being enforced',
+  ],
+};
+
+const categoryChecklist: Record<ErrorCategory, string[]> = {
+  runtime: [
+    '[ ] Full stack trace captured and read carefully',
+    '[ ] Minimal reproduction created',
+    '[ ] Root cause identified (not just symptom fixed)',
+    '[ ] Fix applied at root cause location',
+    '[ ] Regression test written',
+    '[ ] Related code paths reviewed for same defect',
+    '[ ] Fix verified in the same environment where the bug occurred',
+  ],
+  type: [
+    '[ ] TypeScript strict mode enabled',
+    '[ ] No type assertions (as Type) hiding the bug',
+    '[ ] Runtime validation added at data boundary',
+    '[ ] Null/undefined paths tested explicitly',
+    '[ ] No any types introduced to silence the compiler',
+  ],
+  async: [
+    '[ ] Every async call is properly awaited',
+    '[ ] Unhandled rejection handler in place',
+    '[ ] Race conditions analysed and eliminated',
+    '[ ] Error propagation tested in failure paths',
+    '[ ] Async test uses proper done/async-await, not callbacks',
+  ],
+  performance: [
+    '[ ] Baseline benchmark recorded before fix',
+    '[ ] Fix targets the profiled hotspot, not guesswork',
+    '[ ] No N+1 query patterns remain',
+    '[ ] Improvement verified with post-fix benchmark',
+    '[ ] Performance regression test added to CI',
+  ],
+  network: [
+    '[ ] Raw request/response captured and inspected',
+    '[ ] CORS headers correct',
+    '[ ] TLS certificate valid',
+    '[ ] Retry logic does not cause duplicate side effects',
+    '[ ] Error handling for network timeouts in place',
+  ],
+  memory: [
+    '[ ] Heap snapshots taken before and after fix',
+    '[ ] All event listeners have corresponding removeEventListener',
+    '[ ] Caches have maximum size and eviction policy',
+    '[ ] No circular references between large objects',
+    '[ ] Memory metric added to monitoring dashboard',
+  ],
+  logic: [
+    '[ ] Expected vs actual output documented',
+    '[ ] Minimal reproducing test written before fix',
+    '[ ] All boundary conditions tested',
+    '[ ] Off-by-one conditions verified',
+    '[ ] Shared mutable state eliminated from the bug path',
+  ],
+};
+
+const categoryPitfalls: Record<ErrorCategory, string[]> = {
+  runtime: [
+    'Fixing the symptom (adding a null check at the crash site) without fixing the root cause (why null got there)',
+    'Changing multiple things at once — makes it impossible to know which change fixed the bug',
+    'Not writing a regression test — the bug will return',
+    'Ignoring the stack trace and guessing at the cause',
+  ],
+  type: [
+    'Using "as any" or "as Type" to silence TypeScript — masks the real bug',
+    'Checking for null in the wrong place — check where the data enters, not where it crashes',
+    'Conflating undefined (not set) with null (intentionally empty)',
+  ],
+  async: [
+    'Adding await to a non-Promise — causes subtle bugs when the value becomes a resolved Promise accidentally',
+    'Using Promise.all when one rejection should not cancel the others — use Promise.allSettled',
+    'Catching errors in middleware and not rethrowing — downstream code sees undefined instead of an error',
+  ],
+  performance: [
+    'Optimising without measuring first — wastes time on non-bottlenecks',
+    'Caching without an eviction strategy — trades performance for a memory leak',
+    'Parallelising I/O without limiting concurrency — causes resource exhaustion',
+  ],
+  network: [
+    'Debugging CORS on the client — CORS is a server-side configuration problem',
+    'Trusting browser error messages for network issues — use curl/mitmproxy for ground truth',
+    'Ignoring timeout configuration — 30-second default timeouts hide slow endpoint bugs',
+  ],
+  memory: [
+    'Using WeakMap/WeakRef without understanding the GC implications — not a guaranteed fix',
+    'Adding .off() listeners in cleanup without matching the exact listener reference — listener remains attached',
+    'Assuming garbage collection will clean up large arrays that are still reachable via closure',
+  ],
+  logic: [
+    'Fixing the wrong layer — UI shows wrong data because the API returns wrong data, not because the UI is broken',
+    'Not isolating the bug with a test before fixing — leads to over-engineering the fix',
+    'Trusting console.log output order in async code — use timestamps',
+  ],
+};
+
+const categoryRootCauses: Record<ErrorCategory, string[]> = {
+  runtime: ['Null/undefined dereference', 'Index out of bounds', 'Missing module export', 'Incorrect function signature', 'Environment variable not set'],
+  type: ['API returning different shape than expected', 'Optional field treated as required', 'Union type not narrowed before use', 'JSON.parse result not validated'],
+  async: ['Missing await on async function', 'Unhandled Promise rejection', 'Race condition between concurrent operations', 'Event listener attached multiple times'],
+  performance: ['N+1 database query', 'Unbounded loop over large dataset', 'Synchronous blocking in event loop', 'Missing index on queried column', 'Large objects allocated in hot path'],
+  network: ['CORS misconfiguration', 'Expired TLS certificate', 'DNS resolution failure', 'Firewall blocking the port', 'Incorrect Content-Type header'],
+  memory: ['Event listeners not removed on component unmount', 'Closure retaining large object', 'Unbounded cache', 'Circular reference in object graph'],
+  logic: ['Off-by-one error in loop bounds', 'Timezone-naive date comparison', 'Wrong operator precedence', 'Mutating shared state across requests', 'Short-circuit evaluation misunderstood'],
+};
+
+export function plan(task: string, context?: string): AgentPlan {
+  const category = detectErrorCategory(task, context);
+  const rootCauses = categoryRootCauses[category];
+
+  return {
+    agent: 'debugger' as WorkerAgentType,
+    task,
+    tier: 2,
+    approach: categoryApproach[category],
+    steps: categorySteps[category],
+    checklist: categoryChecklist[category],
+    pitfalls: categoryPitfalls[category],
+    patterns: [
+      'Reproduce-Isolate-Fix loop',
+      'Scientific method (hypothesis → test → conclusion)',
+      'Rubber duck debugging',
+      'Binary search debugging (git bisect)',
+      ...rootCauses.map(c => `Root cause: ${c}`),
+    ],
+    duration_estimate: category === 'performance' || category === 'memory' ? '2-6 hours' : '30 minutes - 3 hours',
+  };
+}

package/src/agents/development/devops.ts

@@ -0,0 +1,86 @@
+import { AgentPlan, WorkerAgentType } from '../types.js';
+
+type DeployTarget = 'docker' | 'kubernetes' | 'serverless' | 'paas' | 'general';
+
+function detectTarget(task: string, context?: string): DeployTarget {
+  const combined = (task + ' ' + (context ?? '')).toLowerCase();
+  if (combined.includes('kubernetes') || combined.includes('k8s') || combined.includes('helm') || combined.includes('pod')) return 'kubernetes';
+  if (combined.includes('lambda') || combined.includes('serverless') || combined.includes('cloud function') || combined.includes('faas')) return 'serverless';
+  if (combined.includes('heroku') || combined.includes('render') || combined.includes('railway') || combined.includes('fly.io') || combined.includes('paas')) return 'paas';
+  if (combined.includes('docker') || combined.includes('container') || combined.includes('compose')) return 'docker';
+  return 'general';
+}
+
+const targetApproach: Record<DeployTarget, string> = {
+  docker: 'Multi-stage Dockerfile to minimise image size, docker-compose for local development with dependent services, GitHub Actions for build-push-deploy pipeline.',
+  kubernetes: 'Helm chart per service, resource requests/limits, liveness/readiness probes, HorizontalPodAutoscaler, ConfigMap and Secret management, Ingress with TLS.',
+  serverless: 'Serverless Framework or AWS SAM for IaC, per-function IAM roles with least privilege, environment-specific stages, DLQ for failed invocations.',
+  paas: 'Environment variables in the platform console (never committed), Procfile or start command, health check route, deployment hooks for migrations.',
+  general: 'Containerise with Docker for environment parity. Use a CI/CD pipeline for automated testing and deployment. Manage secrets with a vault, not environment files.',
+};
+
+export function plan(task: string, context?: string): AgentPlan {
+  const target = detectTarget(task, context);
+
+  return {
+    agent: 'devops' as WorkerAgentType,
+    task,
+    tier: 3,
+    approach: targetApproach[target],
+    steps: [
+      'Write a multi-stage Dockerfile: stage 1 (builder) installs deps and compiles, stage 2 (runtime) copies only the built artefact',
+      'Set a non-root USER in the Dockerfile runtime stage',
+      'Pin the base image to a specific digest, not :latest',
+      'Add .dockerignore to exclude node_modules, .git, and secrets',
+      'Write docker-compose.yml for local development with all dependent services (DB, Redis, etc.)',
+      'Add health checks to compose services so the app only starts when dependencies are ready',
+      'Write the CI pipeline: lint → test → build image → push to registry → deploy',
+      'Use separate environment stages: development, staging, production',
+      'Store secrets in a vault (AWS Secrets Manager, HashiCorp Vault, GitHub Actions secrets) — never in the repo',
+      'Configure rolling deployment or blue/green to achieve zero-downtime deploys',
+      'Add liveness probe (is the process alive?) and readiness probe (can it serve traffic?) to the container',
+      'Set CPU and memory resource requests and limits',
+      'Configure structured logging to stdout — let the orchestrator collect it',
+      'Add a /health endpoint that checks DB connectivity and returns 200 or 503',
+      'Set up alerting on error rate, latency p95, and pod restart count',
+    ],
+    checklist: [
+      '[ ] Dockerfile is multi-stage — runtime image contains no build tools or source code',
+      '[ ] Base image pinned to a specific SHA or version tag, not :latest',
+      '[ ] Container runs as a non-root user',
+      '[ ] .dockerignore excludes node_modules, .git, .env, and secrets',
+      '[ ] All secrets loaded from environment variables or a vault — never baked into the image',
+      '[ ] CI pipeline runs lint and tests before building the image',
+      '[ ] CI pipeline fails the deploy if tests fail',
+      '[ ] Docker image scanned for vulnerabilities (trivy or snyk) in CI',
+      '[ ] Deployment uses rolling update or blue/green — no downtime on deploy',
+      '[ ] Liveness and readiness probes configured',
+      '[ ] Resource requests and limits set on all containers',
+      '[ ] Structured JSON logging to stdout',
+      '[ ] Log retention policy set (no unlimited growth)',
+      '[ ] Health check endpoint returns 503 when dependencies are unhealthy',
+      '[ ] Alerts configured for error rate > 1% and p95 latency > SLO',
+      '[ ] Runbook written for on-call responders',
+    ],
+    pitfalls: [
+      'Using :latest as the base image tag — breaks reproducibility when the upstream image changes',
+      'Running the container as root — a container escape becomes a root host compromise',
+      'Baking secrets into the image via ENV or COPY — secrets are visible in docker history',
+      'Not adding health checks to compose — the app starts before the database is ready, crashes on first query',
+      'Building the full Docker image in CI without layer caching — 10-minute builds for a one-line change',
+      'Deploying directly to production without a staging environment test — no safety net',
+      'Not setting resource limits — a memory leak can starve all other pods on the node',
+      'Using docker-compose in production — lacks self-healing, scheduling, and scaling capabilities',
+    ],
+    patterns: [
+      'Multi-stage Docker build (minimise image size)',
+      'Blue/Green deployment (zero-downtime swap)',
+      'Canary release (route small percentage to new version)',
+      'GitOps (declarative infra state tracked in git, applied by Flux/ArgoCD)',
+      'Infrastructure as Code (Terraform, Pulumi, CDK)',
+      'Immutable infrastructure (replace, never patch in place)',
+      'Twelve-Factor App methodology',
+    ],
+    duration_estimate: '1-2 days',
+  };
+}

package/src/agents/development/frontend.ts

@@ -0,0 +1,85 @@
+import { AgentPlan, WorkerAgentType } from '../types.js';
+
+type FrontendType = 'component' | 'page' | 'form' | 'data-display' | 'general';
+
+function detectFrontendType(task: string, context?: string): FrontendType {
+  const combined = (task + ' ' + (context ?? '')).toLowerCase();
+  if (combined.includes('form') || combined.includes('input') || combined.includes('submit') || combined.includes('validation')) return 'form';
+  if (combined.includes('table') || combined.includes('list') || combined.includes('chart') || combined.includes('dashboard') || combined.includes('grid')) return 'data-display';
+  if (combined.includes('page') || combined.includes('route') || combined.includes('view') || combined.includes('screen')) return 'page';
+  if (combined.includes('component') || combined.includes('button') || combined.includes('modal') || combined.includes('dialog') || combined.includes('dropdown')) return 'component';
+  return 'general';
+}
+
+const typeApproach: Record<FrontendType, string> = {
+  component: 'Define the Props interface first. Implement the static presentational render before adding state. Extract sub-components when the render method exceeds 50 JSX lines. Test each state independently.',
+  page: 'Design the page data requirements (what APIs to call), implement data fetching with loading/error/empty states, compose from smaller components. Handle navigation state and deep linking.',
+  form: 'Use a form library (react-hook-form or Formik). Define the schema with Zod or Yup. Show inline validation errors. Handle submission loading state and server errors. Ensure keyboard-accessible.',
+  'data-display': 'Fetch data with pagination or virtual scrolling for large datasets. Show skeleton loaders. Handle empty state with a clear call-to-action. Make columns resizable and sortable if applicable.',
+  general: 'Design the component tree top-down. Define props interfaces before writing JSX. Add loading, error, and empty states to every data-dependent component.',
+};
+
+export function plan(task: string, context?: string): AgentPlan {
+  const frontendType = detectFrontendType(task, context);
+
+  return {
+    agent: 'frontend' as WorkerAgentType,
+    task,
+    tier: 2,
+    approach: typeApproach[frontendType],
+    steps: [
+      'Define the Props interface with JSDoc on every prop, including optional vs required',
+      'Identify and define any local state the component manages',
+      'Sketch the component tree — identify which parts should be extracted as sub-components',
+      'Implement the static happy-path render with hardcoded sample data',
+      'Replace sample data with props and verify TypeScript types',
+      'Add loading state — use a skeleton loader, not a spinner for layout-heavy content',
+      'Add error state — show a user-friendly message with a retry action',
+      'Add empty state — show a meaningful prompt when there is no data',
+      'Add useEffect for data fetching or subscriptions, with proper dependency array',
+      'Implement event handlers and form submission logic',
+      'Add ARIA roles, labels, and keyboard navigation for interactive elements',
+      'Test with keyboard only — tab order must be logical',
+      'Apply responsive CSS: mobile-first, then tablet (768px), then desktop (1280px) breakpoints',
+      'Write render tests covering loading, error, empty, and data states',
+      'Profile with React DevTools and memo/useMemo only where profiling shows a real regression',
+    ],
+    checklist: [
+      '[ ] Props interface fully typed and exported',
+      '[ ] Default props specified for optional props with sensible defaults',
+      '[ ] Loading state uses skeleton loader matching the content layout',
+      '[ ] Error state shows user-friendly message with retry button',
+      '[ ] Empty state shows message and call-to-action',
+      '[ ] No useEffect with stale closure (dependency array complete)',
+      '[ ] No state for derived data — compute it from props/state on render',
+      '[ ] Interactive elements are keyboard operable',
+      '[ ] All images have alt text',
+      '[ ] Form inputs have associated <label> elements',
+      '[ ] Color is not the only means of conveying information',
+      '[ ] Focus is managed correctly when modals open/close',
+      '[ ] Component works at 320px mobile width',
+      '[ ] Component works at 1440px desktop width',
+      '[ ] No inline styles — use CSS modules or styled-components',
+      '[ ] Render tests written for all significant states',
+    ],
+    pitfalls: [
+      'Calling setState inside useEffect with the setState function in the dependency array — infinite re-render loop',
+      'Forgetting the key prop on list items — React silently mismatches DOM elements during reconciliation',
+      'Storing derived data (e.g., filtered list) in state instead of computing it on each render',
+      'Using array index as key when the list can be reordered — causes incorrect component reuse',
+      'Making components too generic too early — premature abstraction adds props nobody uses',
+      'Not handling the loading state — a blank flash before data arrives breaks perceived performance',
+      'useCallback / useMemo without profiling first — adds overhead for no measurable gain',
+      'Forgetting to clean up event listeners, timers, and subscriptions in useEffect return function',
+    ],
+    patterns: [
+      'Compound component pattern (parent shares state with slotted children)',
+      'Controlled component pattern (props drive state, events propagate up)',
+      'Render props pattern (for cross-cutting component logic)',
+      'Custom hook extraction (move complex effect logic out of the component)',
+      'Container / Presenter split (data fetching vs rendering separation)',
+      'Skeleton loader pattern (avoid layout shift on load)',
+    ],
+    duration_estimate: frontendType === 'page' ? '4-8 hours' : '2-4 hours',
+  };
+}

package/src/agents/development/migration.ts

@@ -0,0 +1,144 @@
+import { AgentPlan, WorkerAgentType } from '../types.js';
+
+type MigrationType = 'schema' | 'data' | 'platform' | 'zero-downtime' | 'general';
+
+function detectMigrationType(task: string, context?: string): MigrationType {
+  const combined = (task + ' ' + (context ?? '')).toLowerCase();
+  if (combined.includes('zero downtime') || combined.includes('blue-green') || combined.includes('rolling') || combined.includes('live migration')) return 'zero-downtime';
+  if (combined.includes('data migration') || combined.includes('backfill') || combined.includes('etl') || combined.includes('transform data')) return 'data';
+  if (combined.includes('platform') || combined.includes('cloud') || combined.includes('aws') || combined.includes('gcp') || combined.includes('azure') || combined.includes('move')) return 'platform';
+  if (combined.includes('schema') || combined.includes('column') || combined.includes('table') || combined.includes('database') || combined.includes('alter')) return 'schema';
+  return 'general';
+}
+
+const typeApproach: Record<MigrationType, string> = {
+  schema: 'Expand-Migrate-Contract pattern: first add new columns as nullable (backward compatible), then backfill, then add constraints, then remove old columns. Each phase is a separate deployment.',
+  data: 'Write idempotent backfill scripts that can be re-run safely. Process in batches of 1000-10000 rows to avoid locking. Verify row counts before and after. Keep the original data until verified.',
+  platform: 'Run old and new platforms in parallel. Migrate traffic gradually (10% → 50% → 100%). Maintain rollback capability at each step. Verify data consistency between platforms before cutover.',
+  'zero-downtime': 'Decouple schema changes from code changes. Make schema additive first. Deploy code that supports both old and new schema. Then migrate schema. Then deploy code that requires new schema only.',
+  general: 'Always take a backup before migrating. Test the migration on a staging environment with production-volume data. Plan and rehearse the rollback procedure before starting.',
+};
+
+const typeSteps: Record<MigrationType, string[]> = {
+  schema: [
+    'Take a full database backup and verify it is restorable',
+    'Analyse the table size — migrations on large tables require extra care',
+    'Write the expansion migration: add new nullable columns or tables (no data changes)',
+    'Deploy the expansion migration to staging and verify with EXPLAIN on common queries',
+    'Deploy the expansion migration to production — additive changes are safe and fast',
+    'Write the application code that writes to both old and new columns simultaneously',
+    'Deploy the dual-write code to production',
+    'Write the backfill script: UPDATE new_column = derive(old_column) WHERE new_column IS NULL LIMIT 10000',
+    'Run the backfill in batches during low-traffic hours, monitoring DB load',
+    'Verify: SELECT COUNT(*) WHERE new_column IS NULL — should return 0',
+    'Deploy code that reads from new columns only',
+    'Write the contract migration: add NOT NULL constraint, create indexes, drop old columns',
+    'Deploy the contract migration to production during a maintenance window',
+    'Verify application health and run smoke tests',
+  ],
+  data: [
+    'Define the transformation logic and document the expected output for a sample of rows',
+    'Write the backfill script as an idempotent operation (re-running it produces the same result)',
+    'Test the script on 100 rows in staging and manually verify the output',
+    'Measure the script execution time on staging at full data volume',
+    'Schedule the production backfill during the lowest-traffic window',
+    'Process in batches: use LIMIT + WHERE id > last_processed_id to paginate',
+    'Add a progress counter — log every N rows processed',
+    'Monitor DB CPU, lock waits, and replication lag during the backfill',
+    'Pause the script automatically if replication lag exceeds a threshold',
+    'Verify row counts: SELECT COUNT(*) before and after should balance',
+    'Spot-check 10-20 randomly selected rows — manual verification of the transformation',
+    'Keep the original data in the source columns or a backup table until fully verified',
+    'Archive or drop the source data only after a defined hold period (e.g., 30 days)',
+  ],
+  platform: [
+    'Document all dependencies of the current platform (databases, queues, external services)',
+    'Set up the new platform environment with identical configuration',
+    'Migrate all secrets and configuration to the new platform\'s secrets manager',
+    'Deploy the application to the new platform and run full integration tests',
+    'Set up a data sync from old to new platform (replication or CDC with Debezium)',
+    'Route 5% of production traffic to the new platform and monitor error rates',
+    'Compare metrics between old and new platform over 24 hours',
+    'Increase traffic to 25%, 50%, 75%, 100% with monitoring gates at each step',
+    'When at 100%, stop new writes to the old platform and verify replication caught up',
+    'Run a final data consistency check between old and new platform',
+    'Update DNS/load balancer to point exclusively to new platform',
+    'Keep the old platform running for 7 days as a rollback option',
+    'Decommission the old platform after the hold period',
+  ],
+  'zero-downtime': [
+    'Identify all schema changes needed and classify each as additive (safe) or destructive (requires care)',
+    'Phase 1 — Expansion: add new tables and nullable columns without removing anything',
+    'Deploy Phase 1 migration — no code change needed, old code still works',
+    'Phase 2 — Compatibility code: deploy app code that writes to old and new columns, reads from new if available',
+    'Verify Phase 2 is working correctly in staging for 24+ hours',
+    'Phase 3 — Backfill: run idempotent backfill to populate new columns from old data',
+    'Verify backfill completeness: zero rows with NULL in new columns',
+    'Phase 4 — New code: deploy app code that reads exclusively from new columns',
+    'Monitor for 24 hours — check error rates and data correctness',
+    'Phase 5 — Contract: add NOT NULL constraints, create indexes, drop old columns',
+    'Verify final state with integration tests and manual spot-checks',
+    'Document the completed migration and update the schema documentation',
+  ],
+  general: [
+    'Take a full backup of all data involved in the migration',
+    'Verify the backup is restorable by doing a test restore on a separate instance',
+    'Write the migration script and test it thoroughly on staging',
+    'Test the rollback procedure on staging — confirm you can undo the migration',
+    'Calculate the expected execution time at production data volume',
+    'Plan the maintenance window if downtime is required',
+    'Communicate the migration plan and timeline to stakeholders',
+    'Execute the migration and monitor closely',
+    'Run smoke tests immediately after migration',
+    'Monitor for 24-48 hours before declaring success',
+    'Document lessons learned',
+  ],
+};
+
+export function plan(task: string, context?: string): AgentPlan {
+  const migrationType = detectMigrationType(task, context);
+
+  return {
+    agent: 'migration' as WorkerAgentType,
+    task,
+    tier: 3,
+    approach: typeApproach[migrationType],
+    steps: typeSteps[migrationType],
+    checklist: [
+      '[ ] Full backup taken and restore tested before starting',
+      '[ ] Migration tested on staging with production data volume',
+      '[ ] Rollback procedure written, tested, and rehearsed',
+      '[ ] Execution time estimated at production scale',
+      '[ ] Stakeholders notified of migration plan and timeline',
+      '[ ] Backfill script is idempotent — safe to re-run on failure',
+      '[ ] Backfill processes in batches — no single query that locks the whole table',
+      '[ ] Replication lag monitored during migration',
+      '[ ] Row counts verified before and after migration',
+      '[ ] Smoke tests pass immediately after migration',
+      '[ ] Application metrics (error rate, latency) normal after migration',
+      '[ ] Old data retained for a defined hold period before deletion',
+      '[ ] Schema documentation updated',
+      '[ ] Post-migration review scheduled for 48 hours after cutover',
+    ],
+    pitfalls: [
+      'Running ALTER TABLE on a large table without ALGORITHM=INPLACE or pg_rewrite — locks the table for minutes and causes downtime',
+      'Not testing the rollback — every migration plan needs a verified rollback procedure',
+      'Backfilling without batching — a single UPDATE affecting millions of rows holds a table lock for minutes',
+      'Migrating production without staging validation — staging exists for this purpose',
+      'Not monitoring replication lag during the migration — a lagging replica causes stale reads',
+      'Removing the old columns before the application is fully migrated to the new columns',
+      'Skipping the data verification step — corrupted data may not surface for days',
+      'Under-estimating the time at production data volume — test with realistic row counts',
+    ],
+    patterns: [
+      'Expand-Migrate-Contract pattern (safe schema evolution)',
+      'Dual-write pattern (write to old and new during transition)',
+      'Strangler Fig pattern (gradually replace old system with new)',
+      'Blue/Green deployment (parallel environments for zero-downtime cutover)',
+      'Change Data Capture (CDC) for live platform migrations',
+      'Idempotent migration scripts (safe to re-run)',
+      'Feature flag gating (roll out new schema reading gradually)',
+    ],
+    duration_estimate: '2-5 days',
+  };
+}