npm - @luanpdd/kit-mcp - Versions diffs - 1.21.0 → 1.26.0 - Mend

@luanpdd/kit-mcp 1.21.0 → 1.26.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (275) hide show

package/LICENSE +21 -21
package/README.md +914 -648
package/kit/COMANDOS.md +138 -138
package/kit/README.md +76 -52
package/kit/agents/advisor-researcher.md +106 -106
package/kit/agents/assumptions-analyzer.md +107 -107
package/kit/agents/audit-log-implementer.md +138 -0
package/kit/agents/auditor-consistencia-isolamento.md +413 -0
package/kit/agents/codebase-mapper.md +768 -768
package/kit/agents/crm-pipeline-implementer.md +106 -0
package/kit/agents/debugger.md +813 -772
package/kit/agents/detector-tenant-quente.md +337 -0
package/kit/agents/evolution-go-integrator.md +21 -0
package/kit/agents/example-reviewer.md +21 -21
package/kit/agents/executor.md +564 -523
package/kit/agents/integration-checker.md +200 -200
package/kit/agents/invite-flow-implementer.md +52 -0
package/kit/agents/lgpd-compliance-auditor.md +89 -0
package/kit/agents/multi-tenant-isolation-auditor.md +10 -0
package/kit/agents/multi-tenant-rls-writer.md +78 -0
package/kit/agents/nyquist-auditor.md +178 -178
package/kit/agents/org-onboarding-implementer.md +21 -0
package/kit/agents/phase-researcher.md +696 -696
package/kit/agents/plan-checker.md +272 -272
package/kit/agents/planner.md +922 -891
package/kit/agents/project-researcher.md +652 -652
package/kit/agents/research-synthesizer.md +245 -245
package/kit/agents/roadmapper.md +677 -677
package/kit/agents/supabase-architect.md +27 -0
package/kit/agents/supabase-auth-bootstrapper.md +80 -0
package/kit/agents/supabase-column-privileges-writer.md +399 -0
package/kit/agents/supabase-migration-writer.md +141 -14
package/kit/agents/supabase-rbac-implementer.md +392 -0
package/kit/agents/supabase-rls-hardener.md +521 -0
package/kit/agents/supabase-rls-writer.md +105 -9
package/kit/agents/supabase-roles-implementer.md +355 -0
package/kit/agents/super-admin-implementer.md +99 -0
package/kit/agents/ui-auditor.md +437 -437
package/kit/agents/ui-checker.md +302 -302
package/kit/agents/ui-researcher.md +355 -355
package/kit/agents/user-profiler.md +175 -175
package/kit/agents/validador-evolucao-schema.md +335 -0
package/kit/agents/verifier.md +728 -728
package/kit/commands/adicionar-backlog.md +75 -75
package/kit/commands/adicionar-fase.md +42 -42
package/kit/commands/adicionar-tarefa.md +45 -45
package/kit/commands/adicionar-testes.md +41 -41
package/kit/commands/ajuda.md +21 -21
package/kit/commands/atualizar.md +37 -37
package/kit/commands/auditar-marco.md +179 -179
package/kit/commands/auditar-uat.md +23 -23
package/kit/commands/autonomo.md +40 -40
package/kit/commands/branch-pr.md +24 -24
package/kit/commands/concluir-marco.md +247 -247
package/kit/commands/configuracoes.md +36 -36
package/kit/commands/dados-distribuidos.md +188 -0
package/kit/commands/definir-perfil.md +10 -10
package/kit/commands/depurar.md +190 -190
package/kit/commands/discutir-fase.md +131 -131
package/kit/commands/entrar-discord.md +17 -17
package/kit/commands/estatisticas.md +18 -18
package/kit/commands/example-greeting.md +33 -33
package/kit/commands/executar-fase.md +58 -58
package/kit/commands/expresso.md +56 -56
package/kit/commands/fase-ui.md +34 -34
package/kit/commands/fazer.md +57 -57
package/kit/commands/fio.md +125 -125
package/kit/commands/fluxos-trabalho.md +64 -64
package/kit/commands/forense.md +176 -176
package/kit/commands/gerenciador.md +38 -38
package/kit/commands/inserir-fase.md +31 -31
package/kit/commands/limpeza.md +17 -17
package/kit/commands/listar-hipoteses-fase.md +45 -45
package/kit/commands/listar-workspaces.md +18 -18
package/kit/commands/mapear-codebase.md +70 -70
package/kit/commands/nota.md +33 -33
package/kit/commands/novo-marco.md +43 -43
package/kit/commands/novo-projeto.md +41 -41
package/kit/commands/novo-workspace.md +43 -43
package/kit/commands/pausar-trabalho.md +37 -37
package/kit/commands/perfil-usuario.md +45 -45
package/kit/commands/pesquisar-fase.md +195 -195
package/kit/commands/planejar-fase.md +67 -67
package/kit/commands/planejar-lacunas.md +33 -33
package/kit/commands/plantar-ideia.md +25 -25
package/kit/commands/progresso.md +24 -24
package/kit/commands/proximo.md +30 -30
package/kit/commands/publicar.md +490 -490
package/kit/commands/rapido.md +35 -35
package/kit/commands/reaplicar-patches.md +124 -124
package/kit/commands/relatorio-sessao.md +19 -19
package/kit/commands/remover-fase.md +31 -31
package/kit/commands/remover-workspace.md +26 -26
package/kit/commands/resumo-marco.md +50 -50
package/kit/commands/retomar-trabalho.md +40 -40
package/kit/commands/revisar-backlog.md +60 -60
package/kit/commands/revisar-ui.md +32 -32
package/kit/commands/revisar.md +37 -37
package/kit/commands/saude.md +21 -21
package/kit/commands/setup-notion.md +93 -93
package/kit/commands/supabase.md +55 -8
package/kit/commands/sync-main.md +68 -68
package/kit/commands/validar-fase.md +35 -35
package/kit/commands/verificar-tarefas.md +44 -44
package/kit/commands/verificar-trabalho.md +64 -64
package/kit/file-manifest.json +52 -32
package/kit/framework/bin/lib/commands.cjs +959 -959
package/kit/framework/bin/lib/config.cjs +442 -442
package/kit/framework/bin/lib/core.cjs +1230 -1230
package/kit/framework/bin/lib/frontmatter.cjs +336 -336
package/kit/framework/bin/lib/init.cjs +1442 -1442
package/kit/framework/bin/lib/milestone.cjs +252 -252
package/kit/framework/bin/lib/model-profiles.cjs +68 -68
package/kit/framework/bin/lib/phase.cjs +888 -888
package/kit/framework/bin/lib/profile-output.cjs +952 -952
package/kit/framework/bin/lib/profile-pipeline.cjs +539 -539
package/kit/framework/bin/lib/roadmap.cjs +329 -329
package/kit/framework/bin/lib/security.cjs +382 -382
package/kit/framework/bin/lib/state.cjs +1031 -1031
package/kit/framework/bin/lib/template.cjs +222 -222
package/kit/framework/bin/lib/uat.cjs +282 -282
package/kit/framework/bin/lib/verify.cjs +888 -888
package/kit/framework/bin/lib/workstream.cjs +491 -491
package/kit/framework/bin/tools.cjs +918 -918
package/kit/framework/commands/workstreams.md +63 -63
package/kit/framework/references/checkpoints.md +778 -778
package/kit/framework/references/continuation-format.md +249 -249
package/kit/framework/references/decimal-phase-calculation.md +64 -64
package/kit/framework/references/git-integration.md +295 -295
package/kit/framework/references/git-planning-commit.md +38 -38
package/kit/framework/references/model-profile-resolution.md +36 -36
package/kit/framework/references/model-profiles.md +139 -139
package/kit/framework/references/phase-argument-parsing.md +61 -61
package/kit/framework/references/planning-config.md +202 -202
package/kit/framework/references/questioning.md +162 -162
package/kit/framework/references/tdd.md +263 -263
package/kit/framework/references/ui-brand.md +160 -160
package/kit/framework/references/user-profiling.md +657 -657
package/kit/framework/references/verification-patterns.md +612 -612
package/kit/framework/references/workstream-flag.md +58 -58
package/kit/framework/templates/DEBUG.md +164 -164
package/kit/framework/templates/UAT.md +265 -265
package/kit/framework/templates/UI-SPEC.md +100 -100
package/kit/framework/templates/VALIDATION.md +76 -76
package/kit/framework/templates/claude-md.md +122 -122
package/kit/framework/templates/codebase/architecture.md +185 -185
package/kit/framework/templates/codebase/concerns.md +205 -205
package/kit/framework/templates/codebase/conventions.md +204 -204
package/kit/framework/templates/codebase/integrations.md +192 -192
package/kit/framework/templates/codebase/stack.md +158 -158
package/kit/framework/templates/codebase/structure.md +199 -199
package/kit/framework/templates/codebase/testing.md +301 -301
package/kit/framework/templates/config.json +44 -44
package/kit/framework/templates/context.md +352 -352
package/kit/framework/templates/continue-here.md +78 -78
package/kit/framework/templates/copilot-instructions.md +7 -7
package/kit/framework/templates/debug-subagent-prompt.md +91 -91
package/kit/framework/templates/dev-preferences.md +20 -20
package/kit/framework/templates/discovery.md +146 -146
package/kit/framework/templates/discussion-log.md +63 -63
package/kit/framework/templates/milestone-archive.md +123 -123
package/kit/framework/templates/milestone.md +115 -115
package/kit/framework/templates/phase-prompt.md +610 -610
package/kit/framework/templates/planner-subagent-prompt.md +117 -117
package/kit/framework/templates/project.md +186 -186
package/kit/framework/templates/requirements.md +231 -231
package/kit/framework/templates/research-project/ARCHITECTURE.md +204 -204
package/kit/framework/templates/research-project/FEATURES.md +147 -147
package/kit/framework/templates/research-project/PITFALLS.md +200 -200
package/kit/framework/templates/research-project/STACK.md +120 -120
package/kit/framework/templates/research-project/SUMMARY.md +170 -170
package/kit/framework/templates/research.md +419 -419
package/kit/framework/templates/retrospective.md +54 -54
package/kit/framework/templates/roadmap.md +202 -202
package/kit/framework/templates/state.md +176 -176
package/kit/framework/templates/summary-complex.md +59 -59
package/kit/framework/templates/summary-minimal.md +41 -41
package/kit/framework/templates/summary-standard.md +48 -48
package/kit/framework/templates/summary.md +209 -209
package/kit/framework/templates/user-profile.md +146 -146
package/kit/framework/templates/user-setup.md +256 -256
package/kit/framework/templates/verification-report.md +258 -258
package/kit/framework/workflows/add-phase.md +112 -112
package/kit/framework/workflows/add-tests.md +351 -351
package/kit/framework/workflows/add-todo.md +158 -158
package/kit/framework/workflows/audit-milestone.md +340 -340
package/kit/framework/workflows/audit-uat.md +109 -109
package/kit/framework/workflows/autonomous.md +891 -891
package/kit/framework/workflows/check-todos.md +177 -177
package/kit/framework/workflows/cleanup.md +152 -152
package/kit/framework/workflows/complete-milestone.md +696 -696
package/kit/framework/workflows/diagnose-issues.md +231 -231
package/kit/framework/workflows/discovery-phase.md +289 -289
package/kit/framework/workflows/discuss-phase-assumptions.md +653 -653
package/kit/framework/workflows/discuss-phase.md +784 -784
package/kit/framework/workflows/do.md +104 -104
package/kit/framework/workflows/execute-phase.md +838 -838
package/kit/framework/workflows/execute-plan.md +510 -510
package/kit/framework/workflows/fast.md +102 -102
package/kit/framework/workflows/forensics.md +265 -265
package/kit/framework/workflows/health.md +181 -181
package/kit/framework/workflows/help.md +619 -619
package/kit/framework/workflows/insert-phase.md +130 -130
package/kit/framework/workflows/list-phase-assumptions.md +178 -178
package/kit/framework/workflows/list-workspaces.md +56 -56
package/kit/framework/workflows/manager.md +362 -362
package/kit/framework/workflows/map-codebase.md +377 -377
package/kit/framework/workflows/milestone-summary.md +223 -223
package/kit/framework/workflows/new-milestone.md +486 -486
package/kit/framework/workflows/new-project.md +1159 -1159
package/kit/framework/workflows/new-workspace.md +237 -237
package/kit/framework/workflows/next.md +97 -97
package/kit/framework/workflows/node-repair.md +92 -92
package/kit/framework/workflows/note.md +156 -156
package/kit/framework/workflows/pause-work.md +176 -176
package/kit/framework/workflows/plan-milestone-gaps.md +273 -273
package/kit/framework/workflows/plan-phase.md +765 -765
package/kit/framework/workflows/plant-seed.md +169 -169
package/kit/framework/workflows/pr-branch.md +129 -129
package/kit/framework/workflows/profile-user.md +450 -450
package/kit/framework/workflows/progress.md +507 -507
package/kit/framework/workflows/quick.md +757 -757
package/kit/framework/workflows/remove-phase.md +155 -155
package/kit/framework/workflows/remove-workspace.md +90 -90
package/kit/framework/workflows/research-phase.md +82 -82
package/kit/framework/workflows/resume-project.md +326 -326
package/kit/framework/workflows/review.md +228 -228
package/kit/framework/workflows/session-report.md +146 -146
package/kit/framework/workflows/settings.md +283 -283
package/kit/framework/workflows/ship.md +228 -228
package/kit/framework/workflows/stats.md +60 -60
package/kit/framework/workflows/transition.md +671 -671
package/kit/framework/workflows/ui-phase.md +302 -302
package/kit/framework/workflows/ui-review.md +165 -165
package/kit/framework/workflows/update.md +323 -323
package/kit/framework/workflows/validate-phase.md +174 -174
package/kit/framework/workflows/verify-phase.md +252 -252
package/kit/framework/workflows/verify-work.md +637 -637
package/kit/hooks/check-update.js +118 -118
package/kit/hooks/context-monitor.js +163 -163
package/kit/hooks/prompt-guard.js +103 -103
package/kit/hooks/statusline.js +125 -125
package/kit/hooks/workflow-guard.js +101 -101
package/kit/settings.json +45 -45
package/kit/skills/_shared-dados-distribuidos/glossary.md +224 -0
package/kit/skills/_shared-supabase/glossary.md +27 -0
package/kit/skills/armadilhas-sistemas-distribuidos/SKILL.md +447 -0
package/kit/skills/audit-log-multi-tenant/SKILL.md +6 -0
package/kit/skills/cascading-failures/SKILL.md +4 -0
package/kit/skills/consistencia-leitura-replica/SKILL.md +385 -0
package/kit/skills/crm-lead-pipeline-patterns/SKILL.md +17 -0
package/kit/skills/escolha-modelo-consistencia/SKILL.md +495 -0
package/kit/skills/evolucao-schema-compativel/SKILL.md +448 -0
package/kit/skills/example-skill/SKILL.md +42 -42
package/kit/skills/multi-tenant-performance-scaling/SKILL.md +4 -0
package/kit/skills/multi-tenant-rls-hierarchy/SKILL.md +4 -0
package/kit/skills/postgres-isolamento-concorrencia/SKILL.md +552 -0
package/kit/skills/rbac-permissions-matrix-supabase/SKILL.md +37 -0
package/kit/skills/streams-eventos-cdc/SKILL.md +712 -0
package/kit/skills/supabase-column-level-security/SKILL.md +426 -0
package/kit/skills/supabase-cron-queues/SKILL.md +9 -0
package/kit/skills/supabase-custom-claims-rbac/SKILL.md +472 -0
package/kit/skills/supabase-database-functions/SKILL.md +85 -0
package/kit/skills/supabase-migrations/SKILL.md +133 -11
package/kit/skills/supabase-postgres-roles/SKILL.md +392 -0
package/kit/skills/supabase-rls-defense-in-depth/SKILL.md +418 -0
package/kit/skills/supabase-rls-policies/SKILL.md +462 -12
package/kit/skills/super-admin-platform-pattern/SKILL.md +4 -0
package/kit/skills/tenant-quente-mitigacao/SKILL.md +605 -0
package/package.json +63 -63
package/src/core/kit.js +216 -216
package/src/core/reflect.js +247 -247
package/src/core/reverse-sync.js +372 -372
package/src/core/sync.js +418 -418
package/src/core/watch.js +121 -121

package/kit/skills/evolucao-schema-compativel/SKILL.md ADDED Viewed

@@ -0,0 +1,448 @@
+---
+name: evolucao-schema-compativel
+description: Use ao escrever migration Postgres ou versionar contrato API Edge Function — padrão 3-passos (adicionar nullable → backfill em batches → impor NOT NULL), análogos Avro/Protobuf de schema evolution para Postgres (rename via view, alargamento seguro, mudança de default em coluna em uso), rolling upgrade client-side com JWT/session compat.
+---
+# Evolução de Schema Compatível — Padrão 3-Passos + Rolling Upgrade
+## Quando usar
+LLM carrega esta skill ao escrever migration Postgres ou versionar contrato de API em Edge Function Supabase com risco de quebra de compat. Trigger phrases:
+- "alterar coluna existente", "add not null em coluna em uso"
+- "migration sem downtime", "padrão 3-passos backfill"
+- "schema evolution Postgres", "Avro Postgres", "Protobuf Postgres"
+- "compat backward forward", "rolling upgrade Edge Function"
+- "renomear coluna sem downtime", "drop column antigo", "narrow type unsafe"
+- "versionar payload API", "JWT compat entre versões"
+Esta skill **estende** [`supabase-migrations`](../supabase-migrations/SKILL.md) (v1.8) — herda naming convention, RLS obrigatório e style guide; adiciona o padrão 3-passos canônico DDIA Ch 4 traduzido para Postgres.
+Material-fonte: *Designing Data-Intensive Applications*, Martin Kleppmann (O'Reilly 2017), capítulo 4 "Encoding and Evolution". Termos canônicos PT-BR ↔ EN definidos em [`../_shared-dados-distribuidos/glossary.md`](../_shared-dados-distribuidos/glossary.md) seção (g).
+## Regras absolutas
+**REGRA #1 (nunca adicionar NOT NULL em coluna existente direto):** `ALTER TABLE ... ALTER COLUMN x SET NOT NULL` em coluna em uso **DEVE** ser feita após backfill 100% verificado. Adicionar direto trava a tabela com `AccessExclusiveLock` enquanto Postgres scaneia toda a tabela validando — bloqueia reads/writes; pode demorar minutos em tabelas grandes; falha se houver 1 NULL remanescente.
+**REGRA #2 (nunca DROP COLUMN sem 2-fase):** `ALTER TABLE ... DROP COLUMN x` quebra rolling upgrade. App v1 ainda lendo a coluna recebe erro. Padrão correto: marcar deprecated em V2 (app não escreve mais), DROP em V3 (após 100% das instâncias V1 desligadas).
+**REGRA #3 (nunca narrow type direto):** `ALTER TABLE ... ALTER COLUMN x TYPE varchar(50)` em coluna `varchar(255)` em uso **DEVE** falhar se houver row com valor > 50 chars; mesmo se passar, viola forward compat (app antigo escreve string longa, falha). Padrão: nova coluna `x_short` + backfill com truncamento + transição V1→V2 → DROP da antiga.
+**REGRA #4 (nunca mudar default em coluna em uso direto):** `ALTER TABLE ... ALTER COLUMN x SET DEFAULT 'novo'` muda comportamento de inserts em pleno rolling upgrade (V1 não passa default explícito, espera o antigo; V2 espera o novo). Padrão: 2-passos (nova coluna shadow com novo default → backfill → swap).
+**REGRA #5 (Edge Function: nunca remover campo required do payload):** Cliente antigo enviando payload sem o campo novo deve continuar funcionando até forçar upgrade. Adicionar campo = optional + default no servidor; remover campo = manter como ignored por N versões antes de deletar; renomear = aceitar ambos os nomes durante transição.
+**REGRA #6 (rolling upgrade preserva ambas as versões em produção):** Em qualquer momento durante deploy, **V1 e V2 coexistem**. Schema/payload de dados em trânsito **DEVE** atender backward compat (V2 lê dados V1) **E** forward compat (V1 lê dados V2 ignorando campos novos).
+## Patterns canônicos
+### Padrão 3-passos: adicionar coluna NOT NULL em tabela em uso
+Pattern canônico DDIA Ch 4 ("rolling upgrade") aplicado a Postgres:
+```sql
+-- ============================================================
+-- MIGRATION 1 (V1+V2 coexistindo): adicionar coluna NULLABLE
+-- ============================================================
+-- Header v1.8 supabase-migrations
+-- Purpose: adicionar coluna phone_country a leads (3-passos, parte 1)
+-- Affected: public.leads
+-- Special considerations: coluna fica nullable temporariamente
+alter table public.leads
+  add column phone_country text;
+  -- nullable por default, sem CHECK ainda
+-- App V1 não usa essa coluna — ignora (forward compat OK)
+-- App V2 começa a escrever phone_country quando criar leads novos
+-- Linhas antigas continuam com NULL (sem quebrar V1)
+-- Index opcional para queries futuras
+create index if not exists leads_phone_country_idx
+  on public.leads (phone_country)
+  where phone_country is not null;
+```
+```sql
+-- ============================================================
+-- MIGRATION 2 (após V2 100% deployado): backfill em batches
+-- ============================================================
+-- Executar via job pg_cron OU script externo, NÃO em migration
+-- (migrations devem ser rápidas; backfill em loop)
+do $$
+declare
+  rows_updated int;
+begin
+  loop
+    -- Batch de 10k rows por iteração — evita lock prolongado
+    update public.leads
+    set phone_country = case
+      when contact_phone like '+55%' then 'BR'
+      when contact_phone like '+1%'  then 'US'
+      when contact_phone like '+44%' then 'UK'
+      else 'UNKNOWN'
+    end
+    where ctid in (
+      select ctid from public.leads
+      where phone_country is null
+      limit 10000
+    );
+    get diagnostics rows_updated = row_count;
+    exit when rows_updated = 0;
+    -- Pausa entre batches — alivia replication lag e WAL pressure
+    perform pg_sleep(0.1);
+  end loop;
+end $$;
+-- Verificar 100% backfilled antes de prosseguir
+select count(*) as remaining_nulls
+from public.leads
+where phone_country is null;
+-- DEVE retornar 0
+```
+```sql
+-- ============================================================
+-- MIGRATION 3 (apenas após backfill 100% verificado): NOT NULL
+-- ============================================================
+-- Postgres 12+ otimiza esta operação SE houver CHECK constraint VALID
+-- antes — escaneamento full table não acontece.
+-- Passo 3a: adicionar CHECK constraint NOT VALID (não escaneia)
+alter table public.leads
+  add constraint leads_phone_country_check
+  check (phone_country is not null) not valid;
+-- Passo 3b: validar a constraint (escaneia mas usa ShareUpdateExclusiveLock,
+-- não AccessExclusiveLock — reads/writes continuam funcionando)
+alter table public.leads
+  validate constraint leads_phone_country_check;
+-- Passo 3c: adicionar NOT NULL (Postgres 12+ usa a CHECK validada,
+-- pula escaneamento, lock breve)
+alter table public.leads
+  alter column phone_country set not null;
+-- Passo 3d: remover a CHECK redundante (NOT NULL já cobre)
+alter table public.leads
+  drop constraint leads_phone_country_check;
+```
+**Por que 3 migrations e não 1:** entre Migration 1 e 3 precisa haver:
+- Deploy completo de V2 (que escreve `phone_country`)
+- Backfill rodado e verificado (pode levar horas em tabelas grandes)
+- Janela de validação (opcional: 24-72h para confirmar zero NULLs novos)
+### Análogos Avro/Protobuf → Postgres (matriz canônica)
+| Operação Avro/Protobuf | Compat Avro/Protobuf | Equivalente Postgres | Compat Postgres |
+|---|---|---|---|
+| Add field with default | backward + forward | `ADD COLUMN x text DEFAULT 'val'` | backward + forward (V1 ignora coluna nova; V2 lê valor explícito ou default) |
+| Add field required (sem default) | quebra forward | 3-passos (add nullable → backfill → SET NOT NULL) | seguro com 3-passos |
+| Remove optional field | backward + forward (Avro) | 2-passos (V2 não escreve mais → `DROP COLUMN` em V3) | seguro com 2-fase |
+| Remove required field | quebra ambos | NUNCA fazer; deprecate com 2-passos | seguro apenas se 100% V1 desligado |
+| Rename field | backward + forward via aliases (Avro) | `CREATE OR REPLACE VIEW` mantém nome antigo + nova coluna real | seguro via view alias |
+| Widen type (int32 → int64) | backward + forward (Avro/Protobuf) | `ALTER TABLE ... ALTER COLUMN x TYPE bigint` (em coluna `int`) | seguro (sem rewrite em Postgres 12+) |
+| Narrow type (int64 → int32) | quebra ambos | nova coluna + backfill com cast + swap | inseguro direto |
+| Widen string (varchar(50) → varchar(255)) | backward + forward | `ALTER TABLE ... ALTER COLUMN x TYPE varchar(255)` | seguro (catalog-only change Postgres 9.2+) |
+| Narrow string (varchar(255) → varchar(50)) | quebra ambos | nova coluna `x_short` + backfill com truncate + swap | inseguro direto |
+| Change default value | quebra forward | 2-passos (nova coluna shadow → backfill → swap) | inseguro direto em coluna em uso |
+### Rename de coluna via view (zero downtime)
+```sql
+-- ============================================================
+-- Cenário: renomear leads.contact_phone → leads.phone_e164
+-- ============================================================
+-- MIGRATION 1: criar nova coluna + backfill + view de compat
+alter table public.leads add column phone_e164 text;
+-- Backfill (em batches conforme padrão acima)
+update public.leads set phone_e164 = contact_phone where phone_e164 is null;
+-- VIEW expondo nome antigo para apps V1 — backward compat
+create or replace view public.leads_v1 as
+  select
+    id,
+    org_id,
+    phone_e164 as contact_phone,  -- alias preserva nome antigo
+    contact_email,
+    stage,
+    created_at
+  from public.leads;
+-- App V1 lê de leads_v1 (vê contact_phone)
+-- App V2 lê de leads (vê phone_e164)
+-- Ambos coexistem
+-- MIGRATION 2 (após 100% V2 deployado e validado N dias):
+drop view public.leads_v1;
+alter table public.leads drop column contact_phone;
+-- (Note: contact_phone aqui é a coluna ANTIGA renomeada via cópia,
+--  no exemplo simplificado backfill copiou; em rename real você
+--  faria backfill + DROP da antiga após swap)
+```
+### Mudança de default em coluna em uso (2-passos)
+```sql
+-- ============================================================
+-- Cenário: leads.stage default 'lead' → 'qualified'
+-- ============================================================
+-- ❌ ERRADO (1-passo direto):
+-- alter table public.leads alter column stage set default 'qualified';
+-- Quebra rolling upgrade: V1 inserts sem default explícito esperam 'lead'
+-- ✅ CERTO (2-passos):
+-- MIGRATION 1: criar coluna shadow com novo default
+alter table public.leads
+  add column stage_v2 text default 'qualified';
+-- Backfill (apenas rows novas/atualizadas; rows antigas mantêm stage original)
+-- Em V2 deployment: app escreve em AMBAS as colunas durante transição
+-- MIGRATION 2 (após V2 100% deployado escrevendo em ambas):
+-- swap atomic
+begin;
+  alter table public.leads drop column stage;
+  alter table public.leads rename column stage_v2 to stage;
+commit;
+```
+### Versionamento de payload em Edge Functions Supabase
+```typescript
+// ============================================================
+// supabase/functions/lead-create/index.ts
+// Padrão de versionamento de payload com backward + forward compat
+// ============================================================
+import { serve } from 'jsr:@supabase/functions-js'
+// V1 schema — original
+interface LeadPayloadV1 {
+  org_id: string
+  contact_email: string
+  contact_phone: string
+}
+// V2 schema — adiciona campos opcionais (forward compat: V1 não envia)
+interface LeadPayloadV2 extends LeadPayloadV1 {
+  phone_country?: string      // optional — V1 clients omitem
+  source_channel?: 'web' | 'whatsapp' | 'api'  // optional + enum
+  utm_campaign?: string       // optional
+}
+// V3 deprecation: contact_phone vira opcional (substituído por phone_e164)
+interface LeadPayloadV3 extends Omit<LeadPayloadV2, 'contact_phone'> {
+  contact_phone?: string      // ainda aceito mas deprecated — emitir warning
+  phone_e164?: string         // novo nome canônico — preferred
+}
+Deno.serve(async (req) => {
+  const payload = await req.json() as LeadPayloadV3
+  // 1. Resolver alias (backward compat: V1 e V2 ainda enviam contact_phone)
+  const phone = payload.phone_e164 ?? payload.contact_phone
+  if (!phone) {
+    return new Response(
+      JSON.stringify({ error: 'phone required (phone_e164 or contact_phone)' }),
+      { status: 400 }
+    )
+  }
+  // 2. Aplicar defaults para campos novos opcionais (forward compat)
+  const phoneCountry = payload.phone_country ?? inferCountryFromPhone(phone)
+  const sourceChannel = payload.source_channel ?? 'api'  // default
+  // 3. Emitir deprecation warning para clients antigos (não bloquear)
+  const warnings: string[] = []
+  if (payload.contact_phone && !payload.phone_e164) {
+    warnings.push('contact_phone is deprecated; use phone_e164 (will be removed in v4)')
+  }
+  // 4. Inserir com schema atual do DB
+  // ... insert logic ...
+  return new Response(
+    JSON.stringify({ success: true, warnings }),
+    { headers: { 'content-type': 'application/json' } }
+  )
+})
+function inferCountryFromPhone(phone: string): string {
+  if (phone.startsWith('+55')) return 'BR'
+  if (phone.startsWith('+1')) return 'US'
+  return 'UNKNOWN'
+}
+```
+**Regras de versionamento de payload aplicadas acima:**
+1. **Add field optional** — V2 adiciona `phone_country?`, `source_channel?` — V1 clients funcionam sem enviá-los (server aplica default)
+2. **Never-remove-required** — `contact_phone` foi marcado opcional em V3 (não removido) — V1/V2 clients ainda funcionam
+3. **Aliasing for rename** — V3 aceita ambos `contact_phone` e `phone_e164` durante transição
+4. **Deprecation warning** — server emite warning não-bloqueante para clients usando campo antigo, dando sinal para upgrade
+### Rolling upgrade client-side com JWT/session compat
+```typescript
+// ============================================================
+// Pattern: deploy escalonado V1+V2 coexistindo no SDK do cliente
+// ============================================================
+// JWT contém versão do schema que o cliente conhece
+// Cliente V1 tem JWT com schema_version: 1
+// Cliente V2 tem JWT com schema_version: 2 (após refreshSession após upgrade)
+// Server lê JWT e adapta resposta — backward compat
+import { createClient } from 'jsr:@supabase/supabase-js'
+const supabase = createClient(SUPABASE_URL, SUPABASE_ANON_KEY)
+async function fetchLead(leadId: string) {
+  const { data: { session } } = await supabase.auth.getSession()
+  const schemaVersion = session?.user?.app_metadata?.schema_version ?? 1
+  // Buscar do DB (sempre schema atual)
+  const { data: lead } = await supabase
+    .from('leads')
+    .select('id, org_id, contact_email, phone_e164, phone_country, source_channel')
+    .eq('id', leadId)
+    .single()
+  if (!lead) return null
+  // Adaptar response para a versão do JWT
+  if (schemaVersion === 1) {
+    // Cliente V1 não conhece phone_e164/source_channel — converter para nomes antigos
+    return {
+      id: lead.id,
+      org_id: lead.org_id,
+      contact_email: lead.contact_email,
+      contact_phone: lead.phone_e164,  // alias para nome antigo
+      // omite phone_country e source_channel (cliente V1 não usa)
+    }
+  }
+  return lead  // Cliente V2 recebe schema completo
+}
+// Após upgrade do cliente para V2, chamar refreshSession
+// para obter JWT com schema_version: 2
+async function upgradeClientVersion() {
+  await supabase.auth.refreshSession()
+  // Hook custom JWT no servidor seta app_metadata.schema_version = 2
+}
+```
+## Anti-patterns
+### Anti-pattern 1: ADD COLUMN NOT NULL em tabela com dados (1-passo)
+**Errado:**
+```sql
+alter table public.leads add column phone_country text not null default 'BR';
+```
+**Por quê:**
+- Trava a tabela com `AccessExclusiveLock` enquanto Postgres reescreve cada row preenchendo o default. Em tabelas com milhões de rows isso pode travar reads/writes por minutos.
+- Se a tabela é particionada, locks são tomados em todas as partições.
+- Default fixo `'BR'` é wrong para tenants internacionais — viola correção do dado.
+**Certo:** padrão 3-passos (add nullable → backfill conditional → SET NOT NULL).
+### Anti-pattern 2: DROP COLUMN durante rolling upgrade
+**Errado:**
+```sql
+-- App V1 ainda em produção lê leads.legacy_field
+alter table public.leads drop column legacy_field;
+-- Boom: V1 quebra com "column does not exist"
+```
+**Por quê:** quebra backward compat instantaneamente. Mesmo que apenas 1% das instâncias V1 ainda esteja rodando, esse 1% trava.
+**Certo:** 2-fase. V2 para de escrever/ler `legacy_field` (mas tolera presença). Após 100% V1 desligado por janela de segurança (24-72h), DROP COLUMN.
+### Anti-pattern 3: ALTER COLUMN TYPE narrow direto
+**Errado:**
+```sql
+alter table public.leads alter column contact_email type varchar(50);
+-- Falha se houver email > 50 chars; mesmo passando, V1 que escreve email longo quebra
+```
+**Por quê:** narrowing quebra forward compat. App antigo (V1) que ainda envia strings de 100 chars vai falhar com violation. Mesmo se você "souber" que dados atuais cabem, app V1 em produção pode escrever long string a qualquer momento.
+**Certo:** nova coluna `email_short varchar(50)` + backfill com truncate + swap após V2 100% deployado.
+### Anti-pattern 4: rename via `ALTER TABLE RENAME COLUMN` durante rolling upgrade
+**Errado:**
+```sql
+alter table public.leads rename column contact_phone to phone_e164;
+-- App V1 que ainda referencia contact_phone quebra IMEDIATAMENTE
+```
+**Por quê:** não há janela de coexistência. V1 e V2 não podem ler colunas com nomes diferentes ao mesmo tempo. Postgres não tem conceito nativo de "alias" para coluna como Avro tem para field.
+**Certo:** nova coluna + view alias para nome antigo + backfill + DROP da view e coluna antiga após V2 100%. Ver pattern `Rename de coluna via view (zero downtime)` acima.
+### Anti-pattern 5: remover campo required do payload da Edge Function sem deprecation
+**Errado:**
+```typescript
+// V2 da Edge Function rejeita request V1 sem o novo campo
+interface LeadPayload {
+  org_id: string
+  contact_email: string
+  source_channel: 'web' | 'whatsapp' | 'api'  // novo, marcado required
+}
+// Cliente V1 que não envia source_channel recebe 400
+```
+**Por quê:** quebra forward compat. SDK V1 instalado em apps mobile não atualizados continua mandando payload antigo. Forçar upgrade instantâneo é hostile (mobile apps demoram dias para atualizar).
+**Certo:** novo campo = `optional` no servidor. Server aplica default razoável quando ausente. Após N versões (~3 meses) e telemetria mostrando 0% de requests sem o campo, considerar tornar required.
+### Anti-pattern 6: schema migration sem schema registry equivalente em Postgres (info loss)
+**Errado:** confiar que "todo dev sabe que `leads.tier` é um enum com valores `free/pro/enterprise`" sem documentar.
+**Por quê:** Avro/Protobuf têm schema registry centralizado — schema é dado de primeira classe. Em Postgres puro, schema vive no código + memória do dev. Após 6 meses, ninguém lembra que `tier` é enum implícito.
+**Certo:**
+- Use `CHECK constraint` para enforçar valores válidos no DB: `tier text check (tier in ('free','pro','enterprise'))`
+- Use `COMMENT ON COLUMN public.leads.tier IS 'enum free|pro|enterprise — see schema docs'` para documentação no catálogo Postgres
+- Consider Postgres `ENUM` type quando valores são realmente fechados (mas trade-off: ALTER TYPE ADD VALUE precisa cuidado em transações)
+## Checklist pré-merge de migration
+Antes de aceitar PR com migration que modifica coluna existente:
+- [ ] É ADD COLUMN sem default — sem risco (NULL ok)
+- [ ] É ADD COLUMN com default constante — verificar tamanho da tabela; se >100k rows, considerar 3-passos
+- [ ] É ADD COLUMN NOT NULL — **REQUER 3-passos** (add nullable → backfill → SET NOT NULL)
+- [ ] É DROP COLUMN — **REQUER 2-fase** (V2 para de usar → DROP em V3)
+- [ ] É ALTER COLUMN TYPE — **WIDENING ok, NARROWING requer pattern shadow column**
+- [ ] É ALTER COLUMN SET DEFAULT em coluna em uso — **REQUER 2-passos** (shadow column)
+- [ ] É RENAME COLUMN — **REQUER pattern view alias** durante rolling upgrade
+- [ ] Migration é idempotent (`IF NOT EXISTS`, `IF EXISTS`)
+- [ ] Backfill (se houver) está em script externo / pg_cron job, não na migration
+## Ver também
+- [`../_shared-dados-distribuidos/glossary.md`](../_shared-dados-distribuidos/glossary.md) — termos canônicos PT-BR ↔ EN: `rolling upgrade`, `backward compatibility`, `forward compatibility`, `schema evolution`, `Avro`, `Protocol Buffers`, `schema registry` (seção g)
+- [`../supabase-migrations/SKILL.md`](../supabase-migrations/SKILL.md) — naming convention `YYYYMMDDHHmmss_short.sql`, header de metadados, RLS obrigatório (v1.8 herdado)
+- [`../supabase-declarative-schema/SKILL.md`](../supabase-declarative-schema/SKILL.md) — workflow `stop → db diff -f → revisar → apply` (v1.8)
+- [`../supabase-database-functions/SKILL.md`](../supabase-database-functions/SKILL.md) — funções PG com `STABLE` marker para uso em backfill (v1.8)
+- [`../supabase-edge-functions/SKILL.md`](../supabase-edge-functions/SKILL.md) — Deno + imports `npm:`/`jsr:` para Edge Functions com versionamento de payload (v1.8)
+- [`../supabase-postgres-style/SKILL.md`](../supabase-postgres-style/SKILL.md) — convenções SQL (snake_case, lowercase reserved, ISO 8601) (v1.8)
+- DDIA cap. 4 "Encoding and Evolution" — fonte canônica do padrão rolling upgrade
+- [Martin Kleppmann — Schema evolution in Avro, Protocol Buffers and Thrift](https://martin.kleppmann.com/2012/12/05/schema-evolution-in-avro-protocol-buffers-thrift.html)

package/kit/skills/example-skill/SKILL.md CHANGED Viewed

@@ -1,42 +1,42 @@
----
-name: example-skill
-description: Example skill template. Replace with your own. Use when the user mentions "example", "demo", or asks how skills work.
----
-# Example skill
-This is the SKILL.md of an example skill. Skills are lightweight expertise
-packs that an LLM loads when its description matches the user's intent.
-## When to use
-The frontmatter `description` is what triggers a skill. Be specific about
-*when* to use it, not just *what* it does.
-Example trigger phrases:
-- "show me an example skill"
-- "how do skills work"
-- "demo the skill loading"
-## What this skill does
-When loaded, this skill instructs the LLM to:
-1. Acknowledge that the example skill loaded.
-2. Explain in one sentence what skills are.
-3. Point the user at `kit/skills/<name>/SKILL.md` so they know where to author their own.
-## References
-Optional `references/` folder next to this file can hold longer docs the LLM
-loads only when needed (saves context window). For example:
-```
-kit/skills/example-skill/
-├── SKILL.md         (this file — always loaded when triggered)
-└── references/
-    ├── advanced-usage.md
-    └── api-reference.md
-```
-Replace this whole folder with your own skill when ready.
+---
+name: example-skill
+description: Example skill template. Replace with your own. Use when the user mentions "example", "demo", or asks how skills work.
+---
+# Example skill
+This is the SKILL.md of an example skill. Skills are lightweight expertise
+packs that an LLM loads when its description matches the user's intent.
+## When to use
+The frontmatter `description` is what triggers a skill. Be specific about
+*when* to use it, not just *what* it does.
+Example trigger phrases:
+- "show me an example skill"
+- "how do skills work"
+- "demo the skill loading"
+## What this skill does
+When loaded, this skill instructs the LLM to:
+1. Acknowledge that the example skill loaded.
+2. Explain in one sentence what skills are.
+3. Point the user at `kit/skills/<name>/SKILL.md` so they know where to author their own.
+## References
+Optional `references/` folder next to this file can hold longer docs the LLM
+loads only when needed (saves context window). For example:
+```
+kit/skills/example-skill/
+├── SKILL.md         (this file — always loaded when triggered)
+└── references/
+    ├── advanced-usage.md
+    └── api-reference.md
+```
+Replace this whole folder with your own skill when ready.

package/kit/skills/multi-tenant-performance-scaling/SKILL.md CHANGED Viewed

@@ -300,6 +300,10 @@ create index members_user_active_idx
 Apenas rows ativas no index. Tamanho 10× menor, query plan idêntico em hot path.
+## Detecção e Mitigação de Tenant Quente (v1.22+)
+> Para detectar e mitigar o "tenant Justin Bieber" (1 tenant >>> outros), ver skill [`tenant-quente-mitigacao`](../tenant-quente-mitigacao/SKILL.md) (v1.22 — DDIA Ch 6). Cobre 3 métricas canônicas (queries/min, storage GB, conexões), 5 estratégias de mitigação (rate limit, pool isolado, replica dedicada, MV, request shaping), particionamento range vs hash para tenant_id, e rebalanceamento sem downtime.
 ## Ver também
 - [b2b-saas-architecture](../b2b-saas-architecture/SKILL.md) — schema canônico que esta skill performance-otimiza (skill irmã)

package/kit/skills/multi-tenant-rls-hierarchy/SKILL.md CHANGED Viewed

@@ -327,6 +327,10 @@ create policy "super_admin_bypass" on public.leads as permissive for all to auth
 **Certo:** policy super_admin OK, mas **toda operação super_admin** deve emitir evento `super_admin_action` em `audit_log` (Phase 109). Trigger AFTER INSERT/UPDATE/DELETE em tabelas críticas que checa `private.is_super_admin()` e registra.
+## Invariantes Linearizáveis Cross-Tenant (v1.22+)
+> Para uniqueness constraints cross-org (slug global, license key) e padrões `SELECT FOR UPDATE` em writes cross-tenant, ver skill [`escolha-modelo-consistencia`](../escolha-modelo-consistencia/SKILL.md) (v1.22 — DDIA Ch 9). Resumo: deixe `UNIQUE` constraint Postgres disparar via `INSERT ... ON CONFLICT DO NOTHING RETURNING` em vez de UPDATE+SELECT em nível de app (race window).
 ## Ver também
 - [supabase-rls-policies](../supabase-rls-policies/SKILL.md) — anti-patterns base v1.8 herdados (REGRA #6)