@jigyasudham/veto 0.8.0

package/dist/agents/development/devops.js

@@ -0,0 +1,84 @@
+function detectTarget(task, context) {
+    const combined = (task + ' ' + (context ?? '')).toLowerCase();
+    if (combined.includes('kubernetes') || combined.includes('k8s') || combined.includes('helm') || combined.includes('pod'))
+        return 'kubernetes';
+    if (combined.includes('lambda') || combined.includes('serverless') || combined.includes('cloud function') || combined.includes('faas'))
+        return 'serverless';
+    if (combined.includes('heroku') || combined.includes('render') || combined.includes('railway') || combined.includes('fly.io') || combined.includes('paas'))
+        return 'paas';
+    if (combined.includes('docker') || combined.includes('container') || combined.includes('compose'))
+        return 'docker';
+    return 'general';
+}
+const targetApproach = {
+    docker: 'Multi-stage Dockerfile to minimise image size, docker-compose for local development with dependent services, GitHub Actions for build-push-deploy pipeline.',
+    kubernetes: 'Helm chart per service, resource requests/limits, liveness/readiness probes, HorizontalPodAutoscaler, ConfigMap and Secret management, Ingress with TLS.',
+    serverless: 'Serverless Framework or AWS SAM for IaC, per-function IAM roles with least privilege, environment-specific stages, DLQ for failed invocations.',
+    paas: 'Environment variables in the platform console (never committed), Procfile or start command, health check route, deployment hooks for migrations.',
+    general: 'Containerise with Docker for environment parity. Use a CI/CD pipeline for automated testing and deployment. Manage secrets with a vault, not environment files.',
+};
+export function plan(task, context) {
+    const target = detectTarget(task, context);
+    return {
+        agent: 'devops',
+        task,
+        tier: 3,
+        approach: targetApproach[target],
+        steps: [
+            'Write a multi-stage Dockerfile: stage 1 (builder) installs deps and compiles, stage 2 (runtime) copies only the built artefact',
+            'Set a non-root USER in the Dockerfile runtime stage',
+            'Pin the base image to a specific digest, not :latest',
+            'Add .dockerignore to exclude node_modules, .git, and secrets',
+            'Write docker-compose.yml for local development with all dependent services (DB, Redis, etc.)',
+            'Add health checks to compose services so the app only starts when dependencies are ready',
+            'Write the CI pipeline: lint → test → build image → push to registry → deploy',
+            'Use separate environment stages: development, staging, production',
+            'Store secrets in a vault (AWS Secrets Manager, HashiCorp Vault, GitHub Actions secrets) — never in the repo',
+            'Configure rolling deployment or blue/green to achieve zero-downtime deploys',
+            'Add liveness probe (is the process alive?) and readiness probe (can it serve traffic?) to the container',
+            'Set CPU and memory resource requests and limits',
+            'Configure structured logging to stdout — let the orchestrator collect it',
+            'Add a /health endpoint that checks DB connectivity and returns 200 or 503',
+            'Set up alerting on error rate, latency p95, and pod restart count',
+        ],
+        checklist: [
+            '[ ] Dockerfile is multi-stage — runtime image contains no build tools or source code',
+            '[ ] Base image pinned to a specific SHA or version tag, not :latest',
+            '[ ] Container runs as a non-root user',
+            '[ ] .dockerignore excludes node_modules, .git, .env, and secrets',
+            '[ ] All secrets loaded from environment variables or a vault — never baked into the image',
+            '[ ] CI pipeline runs lint and tests before building the image',
+            '[ ] CI pipeline fails the deploy if tests fail',
+            '[ ] Docker image scanned for vulnerabilities (trivy or snyk) in CI',
+            '[ ] Deployment uses rolling update or blue/green — no downtime on deploy',
+            '[ ] Liveness and readiness probes configured',
+            '[ ] Resource requests and limits set on all containers',
+            '[ ] Structured JSON logging to stdout',
+            '[ ] Log retention policy set (no unlimited growth)',
+            '[ ] Health check endpoint returns 503 when dependencies are unhealthy',
+            '[ ] Alerts configured for error rate > 1% and p95 latency > SLO',
+            '[ ] Runbook written for on-call responders',
+        ],
+        pitfalls: [
+            'Using :latest as the base image tag — breaks reproducibility when the upstream image changes',
+            'Running the container as root — a container escape becomes a root host compromise',
+            'Baking secrets into the image via ENV or COPY — secrets are visible in docker history',
+            'Not adding health checks to compose — the app starts before the database is ready, crashes on first query',
+            'Building the full Docker image in CI without layer caching — 10-minute builds for a one-line change',
+            'Deploying directly to production without a staging environment test — no safety net',
+            'Not setting resource limits — a memory leak can starve all other pods on the node',
+            'Using docker-compose in production — lacks self-healing, scheduling, and scaling capabilities',
+        ],
+        patterns: [
+            'Multi-stage Docker build (minimise image size)',
+            'Blue/Green deployment (zero-downtime swap)',
+            'Canary release (route small percentage to new version)',
+            'GitOps (declarative infra state tracked in git, applied by Flux/ArgoCD)',
+            'Infrastructure as Code (Terraform, Pulumi, CDK)',
+            'Immutable infrastructure (replace, never patch in place)',
+            'Twelve-Factor App methodology',
+        ],
+        duration_estimate: '1-2 days',
+    };
+}
+//# sourceMappingURL=devops.js.map

package/dist/agents/development/frontend.js

@@ -0,0 +1,83 @@
+function detectFrontendType(task, context) {
+    const combined = (task + ' ' + (context ?? '')).toLowerCase();
+    if (combined.includes('form') || combined.includes('input') || combined.includes('submit') || combined.includes('validation'))
+        return 'form';
+    if (combined.includes('table') || combined.includes('list') || combined.includes('chart') || combined.includes('dashboard') || combined.includes('grid'))
+        return 'data-display';
+    if (combined.includes('page') || combined.includes('route') || combined.includes('view') || combined.includes('screen'))
+        return 'page';
+    if (combined.includes('component') || combined.includes('button') || combined.includes('modal') || combined.includes('dialog') || combined.includes('dropdown'))
+        return 'component';
+    return 'general';
+}
+const typeApproach = {
+    component: 'Define the Props interface first. Implement the static presentational render before adding state. Extract sub-components when the render method exceeds 50 JSX lines. Test each state independently.',
+    page: 'Design the page data requirements (what APIs to call), implement data fetching with loading/error/empty states, compose from smaller components. Handle navigation state and deep linking.',
+    form: 'Use a form library (react-hook-form or Formik). Define the schema with Zod or Yup. Show inline validation errors. Handle submission loading state and server errors. Ensure keyboard-accessible.',
+    'data-display': 'Fetch data with pagination or virtual scrolling for large datasets. Show skeleton loaders. Handle empty state with a clear call-to-action. Make columns resizable and sortable if applicable.',
+    general: 'Design the component tree top-down. Define props interfaces before writing JSX. Add loading, error, and empty states to every data-dependent component.',
+};
+export function plan(task, context) {
+    const frontendType = detectFrontendType(task, context);
+    return {
+        agent: 'frontend',
+        task,
+        tier: 2,
+        approach: typeApproach[frontendType],
+        steps: [
+            'Define the Props interface with JSDoc on every prop, including optional vs required',
+            'Identify and define any local state the component manages',
+            'Sketch the component tree — identify which parts should be extracted as sub-components',
+            'Implement the static happy-path render with hardcoded sample data',
+            'Replace sample data with props and verify TypeScript types',
+            'Add loading state — use a skeleton loader, not a spinner for layout-heavy content',
+            'Add error state — show a user-friendly message with a retry action',
+            'Add empty state — show a meaningful prompt when there is no data',
+            'Add useEffect for data fetching or subscriptions, with proper dependency array',
+            'Implement event handlers and form submission logic',
+            'Add ARIA roles, labels, and keyboard navigation for interactive elements',
+            'Test with keyboard only — tab order must be logical',
+            'Apply responsive CSS: mobile-first, then tablet (768px), then desktop (1280px) breakpoints',
+            'Write render tests covering loading, error, empty, and data states',
+            'Profile with React DevTools and memo/useMemo only where profiling shows a real regression',
+        ],
+        checklist: [
+            '[ ] Props interface fully typed and exported',
+            '[ ] Default props specified for optional props with sensible defaults',
+            '[ ] Loading state uses skeleton loader matching the content layout',
+            '[ ] Error state shows user-friendly message with retry button',
+            '[ ] Empty state shows message and call-to-action',
+            '[ ] No useEffect with stale closure (dependency array complete)',
+            '[ ] No state for derived data — compute it from props/state on render',
+            '[ ] Interactive elements are keyboard operable',
+            '[ ] All images have alt text',
+            '[ ] Form inputs have associated <label> elements',
+            '[ ] Color is not the only means of conveying information',
+            '[ ] Focus is managed correctly when modals open/close',
+            '[ ] Component works at 320px mobile width',
+            '[ ] Component works at 1440px desktop width',
+            '[ ] No inline styles — use CSS modules or styled-components',
+            '[ ] Render tests written for all significant states',
+        ],
+        pitfalls: [
+            'Calling setState inside useEffect with the setState function in the dependency array — infinite re-render loop',
+            'Forgetting the key prop on list items — React silently mismatches DOM elements during reconciliation',
+            'Storing derived data (e.g., filtered list) in state instead of computing it on each render',
+            'Using array index as key when the list can be reordered — causes incorrect component reuse',
+            'Making components too generic too early — premature abstraction adds props nobody uses',
+            'Not handling the loading state — a blank flash before data arrives breaks perceived performance',
+            'useCallback / useMemo without profiling first — adds overhead for no measurable gain',
+            'Forgetting to clean up event listeners, timers, and subscriptions in useEffect return function',
+        ],
+        patterns: [
+            'Compound component pattern (parent shares state with slotted children)',
+            'Controlled component pattern (props drive state, events propagate up)',
+            'Render props pattern (for cross-cutting component logic)',
+            'Custom hook extraction (move complex effect logic out of the component)',
+            'Container / Presenter split (data fetching vs rendering separation)',
+            'Skeleton loader pattern (avoid layout shift on load)',
+        ],
+        duration_estimate: frontendType === 'page' ? '4-8 hours' : '2-4 hours',
+    };
+}
+//# sourceMappingURL=frontend.js.map

package/dist/agents/development/migration.js

@@ -0,0 +1,141 @@
+function detectMigrationType(task, context) {
+    const combined = (task + ' ' + (context ?? '')).toLowerCase();
+    if (combined.includes('zero downtime') || combined.includes('blue-green') || combined.includes('rolling') || combined.includes('live migration'))
+        return 'zero-downtime';
+    if (combined.includes('data migration') || combined.includes('backfill') || combined.includes('etl') || combined.includes('transform data'))
+        return 'data';
+    if (combined.includes('platform') || combined.includes('cloud') || combined.includes('aws') || combined.includes('gcp') || combined.includes('azure') || combined.includes('move'))
+        return 'platform';
+    if (combined.includes('schema') || combined.includes('column') || combined.includes('table') || combined.includes('database') || combined.includes('alter'))
+        return 'schema';
+    return 'general';
+}
+const typeApproach = {
+    schema: 'Expand-Migrate-Contract pattern: first add new columns as nullable (backward compatible), then backfill, then add constraints, then remove old columns. Each phase is a separate deployment.',
+    data: 'Write idempotent backfill scripts that can be re-run safely. Process in batches of 1000-10000 rows to avoid locking. Verify row counts before and after. Keep the original data until verified.',
+    platform: 'Run old and new platforms in parallel. Migrate traffic gradually (10% → 50% → 100%). Maintain rollback capability at each step. Verify data consistency between platforms before cutover.',
+    'zero-downtime': 'Decouple schema changes from code changes. Make schema additive first. Deploy code that supports both old and new schema. Then migrate schema. Then deploy code that requires new schema only.',
+    general: 'Always take a backup before migrating. Test the migration on a staging environment with production-volume data. Plan and rehearse the rollback procedure before starting.',
+};
+const typeSteps = {
+    schema: [
+        'Take a full database backup and verify it is restorable',
+        'Analyse the table size — migrations on large tables require extra care',
+        'Write the expansion migration: add new nullable columns or tables (no data changes)',
+        'Deploy the expansion migration to staging and verify with EXPLAIN on common queries',
+        'Deploy the expansion migration to production — additive changes are safe and fast',
+        'Write the application code that writes to both old and new columns simultaneously',
+        'Deploy the dual-write code to production',
+        'Write the backfill script: UPDATE new_column = derive(old_column) WHERE new_column IS NULL LIMIT 10000',
+        'Run the backfill in batches during low-traffic hours, monitoring DB load',
+        'Verify: SELECT COUNT(*) WHERE new_column IS NULL — should return 0',
+        'Deploy code that reads from new columns only',
+        'Write the contract migration: add NOT NULL constraint, create indexes, drop old columns',
+        'Deploy the contract migration to production during a maintenance window',
+        'Verify application health and run smoke tests',
+    ],
+    data: [
+        'Define the transformation logic and document the expected output for a sample of rows',
+        'Write the backfill script as an idempotent operation (re-running it produces the same result)',
+        'Test the script on 100 rows in staging and manually verify the output',
+        'Measure the script execution time on staging at full data volume',
+        'Schedule the production backfill during the lowest-traffic window',
+        'Process in batches: use LIMIT + WHERE id > last_processed_id to paginate',
+        'Add a progress counter — log every N rows processed',
+        'Monitor DB CPU, lock waits, and replication lag during the backfill',
+        'Pause the script automatically if replication lag exceeds a threshold',
+        'Verify row counts: SELECT COUNT(*) before and after should balance',
+        'Spot-check 10-20 randomly selected rows — manual verification of the transformation',
+        'Keep the original data in the source columns or a backup table until fully verified',
+        'Archive or drop the source data only after a defined hold period (e.g., 30 days)',
+    ],
+    platform: [
+        'Document all dependencies of the current platform (databases, queues, external services)',
+        'Set up the new platform environment with identical configuration',
+        'Migrate all secrets and configuration to the new platform\'s secrets manager',
+        'Deploy the application to the new platform and run full integration tests',
+        'Set up a data sync from old to new platform (replication or CDC with Debezium)',
+        'Route 5% of production traffic to the new platform and monitor error rates',
+        'Compare metrics between old and new platform over 24 hours',
+        'Increase traffic to 25%, 50%, 75%, 100% with monitoring gates at each step',
+        'When at 100%, stop new writes to the old platform and verify replication caught up',
+        'Run a final data consistency check between old and new platform',
+        'Update DNS/load balancer to point exclusively to new platform',
+        'Keep the old platform running for 7 days as a rollback option',
+        'Decommission the old platform after the hold period',
+    ],
+    'zero-downtime': [
+        'Identify all schema changes needed and classify each as additive (safe) or destructive (requires care)',
+        'Phase 1 — Expansion: add new tables and nullable columns without removing anything',
+        'Deploy Phase 1 migration — no code change needed, old code still works',
+        'Phase 2 — Compatibility code: deploy app code that writes to old and new columns, reads from new if available',
+        'Verify Phase 2 is working correctly in staging for 24+ hours',
+        'Phase 3 — Backfill: run idempotent backfill to populate new columns from old data',
+        'Verify backfill completeness: zero rows with NULL in new columns',
+        'Phase 4 — New code: deploy app code that reads exclusively from new columns',
+        'Monitor for 24 hours — check error rates and data correctness',
+        'Phase 5 — Contract: add NOT NULL constraints, create indexes, drop old columns',
+        'Verify final state with integration tests and manual spot-checks',
+        'Document the completed migration and update the schema documentation',
+    ],
+    general: [
+        'Take a full backup of all data involved in the migration',
+        'Verify the backup is restorable by doing a test restore on a separate instance',
+        'Write the migration script and test it thoroughly on staging',
+        'Test the rollback procedure on staging — confirm you can undo the migration',
+        'Calculate the expected execution time at production data volume',
+        'Plan the maintenance window if downtime is required',
+        'Communicate the migration plan and timeline to stakeholders',
+        'Execute the migration and monitor closely',
+        'Run smoke tests immediately after migration',
+        'Monitor for 24-48 hours before declaring success',
+        'Document lessons learned',
+    ],
+};
+export function plan(task, context) {
+    const migrationType = detectMigrationType(task, context);
+    return {
+        agent: 'migration',
+        task,
+        tier: 3,
+        approach: typeApproach[migrationType],
+        steps: typeSteps[migrationType],
+        checklist: [
+            '[ ] Full backup taken and restore tested before starting',
+            '[ ] Migration tested on staging with production data volume',
+            '[ ] Rollback procedure written, tested, and rehearsed',
+            '[ ] Execution time estimated at production scale',
+            '[ ] Stakeholders notified of migration plan and timeline',
+            '[ ] Backfill script is idempotent — safe to re-run on failure',
+            '[ ] Backfill processes in batches — no single query that locks the whole table',
+            '[ ] Replication lag monitored during migration',
+            '[ ] Row counts verified before and after migration',
+            '[ ] Smoke tests pass immediately after migration',
+            '[ ] Application metrics (error rate, latency) normal after migration',
+            '[ ] Old data retained for a defined hold period before deletion',
+            '[ ] Schema documentation updated',
+            '[ ] Post-migration review scheduled for 48 hours after cutover',
+        ],
+        pitfalls: [
+            'Running ALTER TABLE on a large table without ALGORITHM=INPLACE or pg_rewrite — locks the table for minutes and causes downtime',
+            'Not testing the rollback — every migration plan needs a verified rollback procedure',
+            'Backfilling without batching — a single UPDATE affecting millions of rows holds a table lock for minutes',
+            'Migrating production without staging validation — staging exists for this purpose',
+            'Not monitoring replication lag during the migration — a lagging replica causes stale reads',
+            'Removing the old columns before the application is fully migrated to the new columns',
+            'Skipping the data verification step — corrupted data may not surface for days',
+            'Under-estimating the time at production data volume — test with realistic row counts',
+        ],
+        patterns: [
+            'Expand-Migrate-Contract pattern (safe schema evolution)',
+            'Dual-write pattern (write to old and new during transition)',
+            'Strangler Fig pattern (gradually replace old system with new)',
+            'Blue/Green deployment (parallel environments for zero-downtime cutover)',
+            'Change Data Capture (CDC) for live platform migrations',
+            'Idempotent migration scripts (safe to re-run)',
+            'Feature flag gating (roll out new schema reading gradually)',
+        ],
+        duration_estimate: '2-5 days',
+    };
+}
+//# sourceMappingURL=migration.js.map

package/dist/agents/development/performance.js

@@ -0,0 +1,142 @@
+function detectDomain(task, context) {
+    const combined = (task + ' ' + (context ?? '')).toLowerCase();
+    if (combined.includes('database') || combined.includes('query') || combined.includes('sql') || combined.includes('slow query') || combined.includes('n+1'))
+        return 'database';
+    if (combined.includes('network') || combined.includes('latency') || combined.includes('bandwidth') || combined.includes('api') || combined.includes('http'))
+        return 'network';
+    if (combined.includes('cpu') || combined.includes('algorithm') || combined.includes('computation') || combined.includes('big-o') || combined.includes('loop'))
+        return 'cpu';
+    if (combined.includes('memory') || combined.includes('ram') || combined.includes('heap') || combined.includes('leak') || combined.includes('gc'))
+        return 'memory';
+    if (combined.includes('frontend') || combined.includes('render') || combined.includes('fcp') || combined.includes('lcp') || combined.includes('cls') || combined.includes('bundle'))
+        return 'frontend';
+    return 'general';
+}
+const domainApproach = {
+    database: 'Profile slow queries with EXPLAIN ANALYZE. Eliminate N+1 patterns. Add missing indexes. Implement query result caching. Consider read replicas for read-heavy workloads.',
+    network: 'Measure with real network traces (HAR file, curl --trace). Enable HTTP/2. Add connection pooling. Implement response compression. Use CDN for static assets. Cache at the edge.',
+    cpu: 'Profile with clinic.js or perf_hooks to find the hotspot. Check algorithm complexity — O(n²) over thousands of items is always the first target. Move heavy computation off the event loop (worker threads).',
+    memory: 'Take heap snapshots to identify retained objects. Implement LRU eviction on all caches. Remove event listeners on cleanup. Bound queue and buffer sizes. Configure GC flags for the workload.',
+    frontend: 'Measure Core Web Vitals (LCP, FID, CLS) with Lighthouse. Code-split by route. Lazy-load off-screen images. Tree-shake dependencies. Remove render-blocking scripts. Implement service worker caching.',
+    general: 'Establish a baseline measurement before optimising. Use a profiler to identify the actual bottleneck — never optimise by intuition. Fix one thing at a time and re-measure after each change.',
+};
+export function plan(task, context) {
+    const domain = detectDomain(task, context);
+    const domainSteps = {
+        database: [
+            'Enable query logging and collect the 10 slowest queries over a representative time window',
+            'Run EXPLAIN ANALYZE on each slow query — read the execution plan top to bottom',
+            'Identify sequential scans on large tables — these are the highest-priority index candidates',
+            'Add indexes for missing JOIN columns, frequent WHERE filters, and ORDER BY columns',
+            'Detect N+1 queries by counting DB calls per HTTP request (use a query counter middleware)',
+            'Fix N+1 by using JOIN, eager loading (include in ORM), or DataLoader batching',
+            'Implement query result caching for expensive read-only queries (Redis, in-memory LRU)',
+            'Review ORM-generated SQL — ORMs frequently produce inefficient queries',
+            'Set statement_timeout to prevent runaway queries from blocking the connection pool',
+            'Consider read replicas for analytics queries that do not need fresh data',
+            'Benchmark before and after with a realistic data volume (not an empty dev database)',
+        ],
+        network: [
+            'Capture a HAR file from the browser or use curl --trace for API calls',
+            'Measure Time to First Byte (TTFB) — high TTFB means server-side is slow',
+            'Enable HTTP/2 — multiplexes requests over a single connection',
+            'Enable Brotli or gzip compression on all text responses',
+            'Implement cache-control headers for static assets (immutable for hashed files)',
+            'Move static assets to a CDN geographically close to users',
+            'Reduce payload size — paginate, select only needed fields, avoid sending unused data',
+            'Implement connection pooling for HTTP clients making outbound requests',
+            'Add keep-alive headers to reuse TCP connections',
+            'Measure DNS lookup time — use DNS prefetching for known third-party domains',
+            'Benchmark with Apache Benchmark or k6 at realistic concurrency levels',
+        ],
+        cpu: [
+            'Run clinic.js flame or Node.js --prof to identify the CPU hotspot',
+            'Analyse the flame graph — find the widest block (most self-time)',
+            'Check the algorithm complexity of the hotspot — is it O(n²) over a large input?',
+            'Replace O(n²) nested loops with O(n) approaches using hash maps or sorting',
+            'Move CPU-heavy synchronous work to a worker thread pool (piscina)',
+            'Cache the results of deterministic expensive computations (memoisation)',
+            'Avoid creating large temporary arrays in hot paths — reuse buffers',
+            'Use Buffer.allocUnsafe() instead of Buffer.alloc() where the content is immediately overwritten',
+            'Profile again after the fix — confirm the hotspot is gone, not just moved',
+            'Add a performance regression test that benchmarks the fixed function',
+        ],
+        memory: [
+            'Take a heap snapshot with Chrome DevTools or --heapsnapshot-signal before the test',
+            'Run the operation that causes the memory growth',
+            'Take a second heap snapshot and use the Comparison view to find new retained objects',
+            'Identify the shortest GC root path to the retained objects',
+            'Find all unbounded caches and add LRU eviction (lru-cache npm package)',
+            'Audit all EventEmitter.on() calls — ensure off() is called in cleanup',
+            'Find all setInterval and setTimeout and ensure clearInterval/clearTimeout in cleanup',
+            'Check for closures that capture large objects unnecessarily',
+            'Set --max-old-space-size appropriately for the container memory limit',
+            'Monitor heap usage in production with process.memoryUsage() sent to metrics',
+            'Take a third heap snapshot after the fix to verify retention is resolved',
+        ],
+        frontend: [
+            'Run Lighthouse on the production URL and record the Core Web Vitals baseline',
+            'Fix Largest Contentful Paint (LCP) — preload the hero image, avoid render-blocking CSS/JS',
+            'Fix Cumulative Layout Shift (CLS) — reserve space for images and ads with width/height attributes',
+            'Fix First Input Delay / Interaction to Next Paint — break up long tasks (> 50ms) on the main thread',
+            'Implement route-based code splitting with dynamic import()',
+            'Lazy-load images below the fold with loading="lazy" or IntersectionObserver',
+            'Audit the JavaScript bundle with webpack-bundle-analyzer or vite-bundle-visualizer',
+            'Remove unused dependencies — check import cost of each third-party library',
+            'Tree-shake lodash — import { debounce } from \'lodash\' not import _ from \'lodash\'',
+            'Implement service worker caching for repeat visits (Workbox)',
+            'Serve next-gen image formats (WebP, AVIF) with <picture> fallback',
+            'Measure again with Lighthouse after each change — confirm improvement',
+        ],
+        general: [
+            'Establish a baseline — measure latency (p50, p95, p99), throughput (rps), CPU, and memory',
+            'Use a profiler appropriate to the stack — clinic.js, Pyspy, JProfiler, pprof',
+            'Identify the single largest bottleneck — fix that first before anything else',
+            'Check for database query issues (N+1, missing indexes, full table scans)',
+            'Check for algorithmic complexity issues (O(n²) loops)',
+            'Check for I/O blocking the event loop (synchronous file/network reads)',
+            'Check for memory pressure causing GC pauses',
+            'Fix one bottleneck at a time and re-measure after each change',
+            'Add performance regression tests to CI (k6, autocannon, benchmark.js)',
+            'Document the improvement with before/after numbers',
+        ],
+    };
+    return {
+        agent: 'performance',
+        task,
+        tier: 3,
+        approach: domainApproach[domain],
+        steps: domainSteps[domain],
+        checklist: [
+            '[ ] Baseline measurements recorded (p50/p95/p99 latency, throughput, CPU, memory)',
+            '[ ] Profiler run — bottleneck identified, not assumed',
+            '[ ] Highest-impact bottleneck fixed first',
+            '[ ] No N+1 query patterns in the hot path',
+            '[ ] All caches have a maximum size and eviction policy',
+            '[ ] No synchronous blocking I/O in async code paths',
+            '[ ] Algorithm complexity reviewed — no O(n²) over large inputs',
+            '[ ] Post-fix measurement confirms improvement',
+            '[ ] Performance regression test added to CI',
+            '[ ] Improvement documented with before/after numbers',
+        ],
+        pitfalls: [
+            'Optimising before profiling — wastes hours on non-bottlenecks',
+            'Caching without an eviction strategy — trades a performance problem for a memory leak',
+            'Fixing the wrong layer — optimising the API handler when the bottleneck is the database',
+            'Measuring on a development machine with a tiny dataset — results do not reflect production',
+            'Parallelising I/O without a concurrency limit — overwhelms the downstream service and causes cascading failure',
+            'Trusting microbenchmarks for macro performance — benchmark the real workload, not a toy example',
+        ],
+        patterns: [
+            'Memoisation (cache pure function results)',
+            'Lazy evaluation (compute on demand, not upfront)',
+            'Connection pooling (reuse expensive connections)',
+            'Read-through cache (populate cache on miss, serve from cache on hit)',
+            'Worker thread pool (offload CPU work from the event loop)',
+            'Pagination and cursor-based pagination (bound response size)',
+            'Index-only queries (cover all needed columns in the index)',
+        ],
+        duration_estimate: '4-8 hours',
+    };
+}
+//# sourceMappingURL=performance.js.map

package/dist/agents/development/refactor.js

@@ -0,0 +1,85 @@
+function detectFocus(task, context) {
+    const combined = (task + ' ' + (context ?? '')).toLowerCase();
+    if (combined.includes('complex') || combined.includes('nesting') || combined.includes('long function') || combined.includes('spaghetti'))
+        return 'complexity';
+    if (combined.includes('duplicat') || combined.includes('copy') || combined.includes('repeat') || combined.includes('dry'))
+        return 'duplication';
+    if (combined.includes('naming') || combined.includes('rename') || combined.includes('readab'))
+        return 'naming';
+    if (combined.includes('architect') || combined.includes('layer') || combined.includes('module') || combined.includes('structure'))
+        return 'architecture';
+    if (combined.includes('type') || combined.includes('any') || combined.includes('typescript') || combined.includes('interface'))
+        return 'types';
+    return 'general';
+}
+const focusApproach = {
+    complexity: 'Identify the most complex functions first using cyclomatic complexity metrics. Extract sub-functions, apply guard clauses, replace conditionals with polymorphism, reduce nesting step by step.',
+    duplication: 'Find all duplicated logic using diff tools or manual inspection. Extract to a shared utility/hook/module. Parameterise differences. Verify all callers still work after consolidation.',
+    naming: 'Rename systematically using IDE refactoring tools, not text-replace. Start with the most confusing names. Add JSDoc where a name alone is insufficient. Update all references atomically.',
+    architecture: 'Diagram the current structure, identify coupling hotspots, define the target architecture, then migrate incrementally with an anti-corruption layer during transition.',
+    types: 'Eliminate all implicit any types by enabling TypeScript strict mode. Define precise interfaces for all data shapes. Replace type assertions with proper narrowing. Add runtime validation at boundaries.',
+    general: 'Apply the Boy Scout Rule: leave the code cleaner than you found it. Identify the highest-impact improvement (complexity, duplication, naming, or architecture) and address it first.',
+};
+export function plan(task, context) {
+    const focus = detectFocus(task, context);
+    return {
+        agent: 'refactor',
+        task,
+        tier: 2,
+        approach: focusApproach[focus],
+        steps: [
+            'Run the full test suite and record the baseline — all tests must pass before and after',
+            'Identify code smells: long functions, deep nesting, duplicated logic, primitive obsession, feature envy',
+            'Prioritise by impact — fix the highest-complexity or most-duplicated code first',
+            'Add missing tests for code that lacks coverage before refactoring it',
+            'Apply extract function refactoring to any function longer than 30 lines',
+            'Apply guard clauses (early returns) to reduce nesting depth',
+            'Extract magic numbers and strings to named constants',
+            'Rename variables and functions to be self-documenting — eliminate abbreviations',
+            'Consolidate duplicated logic into shared utilities or base classes',
+            'Remove dead code — if it is not tested and not called, delete it',
+            'Apply TypeScript strict improvements — eliminate any, add precise types',
+            'Run the linter and formatter after each logical change',
+            'Run the full test suite again — compare with baseline, all tests must pass',
+            'Review the diff — if a single commit is too large, split into atomic changes',
+        ],
+        checklist: [
+            '[ ] All tests pass before starting refactoring',
+            '[ ] All tests still pass after each refactoring step',
+            '[ ] No function exceeds 30 lines of executable code after refactoring',
+            '[ ] Nesting depth reduced to maximum 3 levels',
+            '[ ] All magic numbers replaced with named constants',
+            '[ ] No duplicated code blocks (copy-paste > 5 lines)',
+            '[ ] All variables and functions have descriptive names',
+            '[ ] No implicit any types remain',
+            '[ ] Dead code removed (unused functions, imports, variables)',
+            '[ ] Linter passes with zero warnings',
+            '[ ] Code coverage not reduced by the refactoring',
+            '[ ] Each commit is a single atomic refactoring step',
+            '[ ] Public API is unchanged (or version-bumped if breaking)',
+            '[ ] Complexity metrics improved — measure before and after',
+        ],
+        pitfalls: [
+            'Refactoring without tests — you will not know if you broke something',
+            'Big-bang refactoring in one commit — impossible to review, high merge conflict risk',
+            'Renaming without IDE refactoring tools — misses call sites, creates runtime bugs',
+            'Extracting a function that is only called once without a clear abstraction reason',
+            'Changing behaviour while refactoring — refactoring must be semantics-preserving',
+            'Removing code that looks unused but is called via dynamic reflection or eval',
+            'Over-abstracting — a third function extracted for two call sites adds indirection without clarity',
+        ],
+        patterns: [
+            'Extract Function (Fowler refactoring catalogue)',
+            'Replace Conditional with Polymorphism',
+            'Guard Clause (replace nested conditionals with early returns)',
+            'Introduce Parameter Object (replace long parameter lists)',
+            'Replace Magic Number with Symbolic Constant',
+            'Move Function (reduce feature envy)',
+            'Inline Variable (remove unnecessary variable aliases)',
+            'Decompose Conditional',
+            'Consolidate Duplicate Conditional Fragments',
+        ],
+        duration_estimate: focus === 'architecture' ? '1-3 days' : '2-6 hours',
+    };
+}
+//# sourceMappingURL=refactor.js.map