@mmerterden/multi-agent-pipeline 8.6.1 → 10.0.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +544 -2484
- package/README.md +117 -138
- package/docs/features.md +1 -1
- package/index.js +8 -10
- package/install/_adapters.mjs +5 -1
- package/install/_common.mjs +63 -0
- package/install/claude.mjs +14 -14
- package/install/copilot.mjs +14 -8
- package/install/index.mjs +85 -19
- package/install/templates/claude-hooks.json +18 -0
- package/install/templates/copilot-instructions.md +3 -3
- package/package.json +21 -6
- package/pipeline/adapters/_base.mjs +366 -14
- package/pipeline/adapters/antigravity.mjs +140 -0
- package/pipeline/adapters/codex.mjs +159 -0
- package/pipeline/adapters/copilot-chat-orchestration.mjs +148 -0
- package/pipeline/adapters/copilot-chat.mjs +34 -68
- package/pipeline/adapters/cursor-orchestration.mjs +152 -0
- package/pipeline/adapters/cursor.mjs +49 -90
- package/pipeline/agents/android-architect.md +5 -5
- package/pipeline/agents/backend-architect.md +4 -4
- package/pipeline/agents/code-reviewer.md +10 -10
- package/pipeline/agents/dev-critic.md +17 -17
- package/pipeline/agents/explorer.md +3 -3
- package/pipeline/agents/ios-architect.md +4 -4
- package/pipeline/agents/security-auditor.md +12 -12
- package/pipeline/agents/task-clarifier.md +18 -18
- package/pipeline/claude-md-template.md +3 -3
- package/pipeline/commands/archive-guard.md +3 -3
- package/pipeline/commands/figma-to-swiftui.md +10 -10
- package/pipeline/commands/multi-agent/_account-picker.md +13 -9
- package/pipeline/commands/multi-agent/_dev-context.md +15 -15
- package/pipeline/commands/multi-agent/_input-parser.md +4 -4
- package/pipeline/commands/multi-agent/_repo-picker.md +9 -9
- package/pipeline/commands/multi-agent/analysis-resolve.md +129 -0
- package/pipeline/commands/multi-agent/analysis.md +667 -0
- package/pipeline/commands/multi-agent/autopilot.md +22 -22
- package/pipeline/commands/multi-agent/build-optimize.md +77 -0
- package/pipeline/commands/multi-agent/channels.md +96 -96
- package/pipeline/commands/multi-agent/delete.md +19 -17
- package/pipeline/commands/multi-agent/dev-autopilot.md +23 -23
- package/pipeline/commands/multi-agent/dev-local-autopilot.md +23 -23
- package/pipeline/commands/multi-agent/dev-local.md +25 -22
- package/pipeline/commands/multi-agent/dev.md +49 -49
- package/pipeline/commands/multi-agent/diff-explain.md +4 -4
- package/pipeline/commands/multi-agent/garbage-collect.md +58 -0
- package/pipeline/commands/multi-agent/help.md +75 -66
- package/pipeline/commands/multi-agent/issue.md +3 -3
- package/pipeline/commands/multi-agent/jira.md +12 -12
- package/pipeline/commands/multi-agent/kill.md +6 -6
- package/pipeline/commands/multi-agent/language.md +12 -12
- package/pipeline/commands/multi-agent/local-autopilot.md +34 -34
- package/pipeline/commands/multi-agent/local.md +24 -25
- package/pipeline/commands/multi-agent/log.md +6 -6
- package/pipeline/commands/multi-agent/manual-test.md +3 -3
- package/pipeline/commands/multi-agent/prune-logs.md +60 -0
- package/pipeline/commands/multi-agent/purge.md +10 -7
- package/pipeline/commands/multi-agent/refactor.md +9 -9
- package/pipeline/commands/multi-agent/refs/analysis-template.md +1062 -0
- package/pipeline/commands/multi-agent/refs/android-guide.md +15 -13
- package/pipeline/commands/multi-agent/refs/audit-guide.md +20 -20
- package/pipeline/commands/multi-agent/refs/backend-guide.md +9 -9
- package/pipeline/commands/multi-agent/refs/channels/confluence.md +17 -17
- package/pipeline/commands/multi-agent/refs/channels/issue-comment.md +30 -30
- package/pipeline/commands/multi-agent/refs/channels/jira.md +15 -15
- package/pipeline/commands/multi-agent/refs/channels/pr-review-actions.md +19 -17
- package/pipeline/commands/multi-agent/refs/channels/pr.md +22 -22
- package/pipeline/commands/multi-agent/refs/channels/wiki.md +19 -19
- package/pipeline/commands/multi-agent/refs/component-dispatch.md +11 -11
- package/pipeline/commands/multi-agent/refs/conventions-defaults.md +179 -0
- package/pipeline/commands/multi-agent/refs/cross-cli-contract.md +35 -33
- package/pipeline/commands/multi-agent/refs/features/dev-critic.md +5 -5
- package/pipeline/commands/multi-agent/refs/features/external-context-injection.md +6 -6
- package/pipeline/commands/multi-agent/refs/features/model-fallback.md +73 -0
- package/pipeline/commands/multi-agent/refs/features/plan-todos.md +1 -1
- package/pipeline/commands/multi-agent/refs/features/prior-fix-detection.md +4 -4
- package/pipeline/commands/multi-agent/refs/features/repo-map.md +6 -6
- package/pipeline/commands/multi-agent/refs/features/shadow-git.md +2 -2
- package/pipeline/commands/multi-agent/refs/frontend-guide.md +16 -16
- package/pipeline/commands/multi-agent/refs/issue-jira-triad.md +18 -18
- package/pipeline/commands/multi-agent/refs/keychain.md +18 -8
- package/pipeline/commands/multi-agent/refs/knowledge.md +9 -9
- package/pipeline/commands/multi-agent/refs/multi-repo-integration-build.md +19 -19
- package/pipeline/commands/multi-agent/refs/phases/log-format.md +29 -9
- package/pipeline/commands/multi-agent/refs/phases/modes.md +33 -33
- package/pipeline/commands/multi-agent/refs/phases/operations.md +11 -11
- package/pipeline/commands/multi-agent/refs/phases/phase-0-init.md +93 -57
- package/pipeline/commands/multi-agent/refs/phases/phase-1-analysis.md +59 -28
- package/pipeline/commands/multi-agent/refs/phases/phase-2-planning.md +115 -63
- package/pipeline/commands/multi-agent/refs/phases/phase-3-dev.md +99 -36
- package/pipeline/commands/multi-agent/refs/phases/phase-4-review.md +160 -63
- package/pipeline/commands/multi-agent/refs/phases/phase-5-test.md +33 -18
- package/pipeline/commands/multi-agent/refs/phases/phase-6-commit.md +45 -43
- package/pipeline/commands/multi-agent/refs/phases/phase-7-report.md +54 -28
- package/pipeline/commands/multi-agent/refs/phases.md +17 -17
- package/pipeline/commands/multi-agent/refs/picker-contract.md +65 -0
- package/pipeline/commands/multi-agent/refs/progress-contract.md +37 -21
- package/pipeline/commands/multi-agent/refs/rules.md +83 -25
- package/pipeline/commands/multi-agent/refs/swiftui-guide.md +32 -30
- package/pipeline/commands/multi-agent/refs/tracker-contract.md +54 -30
- package/pipeline/commands/multi-agent/refs/wiki-capture.md +36 -33
- package/pipeline/commands/multi-agent/resume.md +9 -9
- package/pipeline/commands/multi-agent/review.md +24 -24
- package/pipeline/commands/multi-agent/scan.md +10 -10
- package/pipeline/commands/multi-agent/search.md +8 -8
- package/pipeline/commands/multi-agent/setup.md +111 -84
- package/pipeline/commands/multi-agent/stack.md +5 -5
- package/pipeline/commands/multi-agent/status.md +5 -5
- package/pipeline/commands/multi-agent/sync.md +123 -111
- package/pipeline/commands/multi-agent/test.md +6 -6
- package/pipeline/commands/multi-agent/update.md +1 -1
- package/pipeline/commands/multi-agent.md +66 -60
- package/pipeline/commands/sim-test.md +14 -14
- package/pipeline/eval/golden-tasks/01-ios-bugfix-darkmode/expected/phase-1-analysis.json +1 -1
- package/pipeline/eval/golden-tasks/01-ios-bugfix-darkmode/expected/phase-4-review.json +2 -2
- package/pipeline/eval/golden-tasks/01-ios-bugfix-darkmode/expected/phase-4-triage.json +2 -2
- package/pipeline/eval/golden-tasks/01-ios-bugfix-darkmode/metadata.json +1 -1
- package/pipeline/eval/golden-tasks/02-android-feature-compose/expected/phase-1-analysis.json +2 -2
- package/pipeline/eval/golden-tasks/02-android-feature-compose/expected/phase-4-review.json +3 -3
- package/pipeline/eval/golden-tasks/02-android-feature-compose/expected/phase-4-triage.json +4 -4
- package/pipeline/eval/golden-tasks/02-android-feature-compose/metadata.json +1 -1
- package/pipeline/eval/golden-tasks/02-android-feature-compose/task.json +1 -1
- package/pipeline/eval/golden-tasks/03-backend-python-ratelimit/expected/phase-1-analysis.json +29 -0
- package/pipeline/eval/golden-tasks/03-backend-python-ratelimit/expected/phase-2-plan.json +42 -0
- package/pipeline/eval/golden-tasks/03-backend-python-ratelimit/expected/phase-4-review.json +20 -0
- package/pipeline/eval/golden-tasks/03-backend-python-ratelimit/expected/phase-4-triage.json +15 -0
- package/pipeline/eval/golden-tasks/03-backend-python-ratelimit/metadata.json +14 -0
- package/pipeline/eval/golden-tasks/03-backend-python-ratelimit/task.json +12 -0
- package/pipeline/eval/golden-tasks/04-frontend-next-hydration/expected/phase-1-analysis.json +29 -0
- package/pipeline/eval/golden-tasks/04-frontend-next-hydration/expected/phase-2-plan.json +40 -0
- package/pipeline/eval/golden-tasks/04-frontend-next-hydration/expected/phase-4-review.json +20 -0
- package/pipeline/eval/golden-tasks/04-frontend-next-hydration/expected/phase-4-triage.json +15 -0
- package/pipeline/eval/golden-tasks/04-frontend-next-hydration/metadata.json +14 -0
- package/pipeline/eval/golden-tasks/04-frontend-next-hydration/task.json +12 -0
- package/pipeline/eval/golden-tasks/05-ios-security-keychain/expected/phase-1-analysis.json +29 -0
- package/pipeline/eval/golden-tasks/05-ios-security-keychain/expected/phase-2-plan.json +42 -0
- package/pipeline/eval/golden-tasks/05-ios-security-keychain/expected/phase-4-review.json +28 -0
- package/pipeline/eval/golden-tasks/05-ios-security-keychain/expected/phase-4-triage.json +27 -0
- package/pipeline/eval/golden-tasks/05-ios-security-keychain/metadata.json +14 -0
- package/pipeline/eval/golden-tasks/05-ios-security-keychain/task.json +12 -0
- package/pipeline/eval/golden-tasks/06-android-refactor-usecase/expected/phase-1-analysis.json +29 -0
- package/pipeline/eval/golden-tasks/06-android-refactor-usecase/expected/phase-2-plan.json +41 -0
- package/pipeline/eval/golden-tasks/06-android-refactor-usecase/expected/phase-4-review.json +12 -0
- package/pipeline/eval/golden-tasks/06-android-refactor-usecase/expected/phase-4-triage.json +6 -0
- package/pipeline/eval/golden-tasks/06-android-refactor-usecase/metadata.json +14 -0
- package/pipeline/eval/golden-tasks/06-android-refactor-usecase/task.json +12 -0
- package/pipeline/eval/golden-tasks/07-backend-node-idempotency/expected/phase-1-analysis.json +29 -0
- package/pipeline/eval/golden-tasks/07-backend-node-idempotency/expected/phase-2-plan.json +42 -0
- package/pipeline/eval/golden-tasks/07-backend-node-idempotency/expected/phase-4-review.json +28 -0
- package/pipeline/eval/golden-tasks/07-backend-node-idempotency/expected/phase-4-triage.json +27 -0
- package/pipeline/eval/golden-tasks/07-backend-node-idempotency/metadata.json +14 -0
- package/pipeline/eval/golden-tasks/07-backend-node-idempotency/task.json +12 -0
- package/pipeline/eval/golden-tasks/08-ios-auth-consensus-unverified/expected/phase-1-analysis.json +25 -0
- package/pipeline/eval/golden-tasks/08-ios-auth-consensus-unverified/expected/phase-2-plan.json +31 -0
- package/pipeline/eval/golden-tasks/08-ios-auth-consensus-unverified/expected/phase-4-review.json +12 -0
- package/pipeline/eval/golden-tasks/08-ios-auth-consensus-unverified/expected/phase-4-triage.json +18 -0
- package/pipeline/eval/golden-tasks/08-ios-auth-consensus-unverified/metadata.json +14 -0
- package/pipeline/eval/golden-tasks/08-ios-auth-consensus-unverified/task.json +12 -0
- package/pipeline/eval/golden-tasks/README.md +14 -14
- package/pipeline/eval/intent-cases.json +40 -0
- package/pipeline/eval/run-metrics-fixture.json +46 -0
- package/pipeline/eval/triage/01-empty-findings/notes.md +1 -1
- package/pipeline/eval/triage/02-real-blocker/notes.md +2 -2
- package/pipeline/eval/triage/03-out-of-scope-defer/notes.md +1 -1
- package/pipeline/eval/triage/04-false-positive-reject/notes.md +1 -1
- package/pipeline/eval/triage/05-mixed-classification/notes.md +2 -2
- package/pipeline/eval/triage/06-severity-mismatch/notes.md +2 -2
- package/pipeline/eval/triage/07-duplicate-reviewers/notes.md +1 -1
- package/pipeline/eval/triage/08-style-misclassified/notes.md +1 -1
- package/pipeline/eval/triage/09-cascading-finding/notes.md +2 -2
- package/pipeline/eval/triage/10-deferred-crossref/notes.md +2 -2
- package/pipeline/eval/triage/11-vercel-token-leak-blocker/expected.json +3 -3
- package/pipeline/eval/triage/11-vercel-token-leak-blocker/input.json +2 -2
- package/pipeline/eval/triage/11-vercel-token-leak-blocker/notes.md +5 -5
- package/pipeline/eval/triage/README.md +4 -4
- package/pipeline/lib/account-resolver.sh +3 -3
- package/pipeline/lib/ask-choice.sh +98 -0
- package/pipeline/lib/channels-multi-repo.sh +3 -3
- package/pipeline/lib/classify-intent.sh +110 -0
- package/pipeline/lib/context-link-extractor.sh +3 -3
- package/pipeline/lib/credential-store-resolver.sh +3 -3
- package/pipeline/lib/credential-store.sh +9 -5
- package/pipeline/lib/extract-conventions.sh +1034 -0
- package/pipeline/lib/fetch-confluence.sh +3 -3
- package/pipeline/lib/fetch-crashlytics.sh +5 -5
- package/pipeline/lib/fetch-fortify.sh +5 -21
- package/pipeline/lib/fetch-swagger.sh +5 -5
- package/pipeline/lib/figma-screenshot.sh +536 -0
- package/pipeline/lib/issue-fetcher.sh +46 -20
- package/pipeline/lib/md2confluence-v3.py +1076 -0
- package/pipeline/lib/multi-repo-pipeline.sh +13 -22
- package/pipeline/lib/plan-todos.sh +7 -7
- package/pipeline/lib/post-pr-review.sh +53 -21
- package/pipeline/lib/repo-cache.sh +5 -5
- package/pipeline/lib/review-watch.sh +17 -13
- package/pipeline/lib/shadow-git.sh +7 -7
- package/pipeline/lib/submodule-detector.sh +3 -3
- package/pipeline/lib/vercel-deploy.sh +28 -15
- package/pipeline/preferences-template.json +21 -4
- package/pipeline/rules/app-store-guidelines.md +2 -2
- package/pipeline/rules/code-style.md +6 -6
- package/pipeline/rules/figma-pipeline.md +100 -2
- package/pipeline/rules/kotlin-android.md +8 -8
- package/pipeline/rules/security.md +4 -4
- package/pipeline/rules/tdd.md +1 -1
- package/pipeline/rules/testing.md +5 -5
- package/pipeline/schemas/agent-state.schema.json +55 -20
- package/pipeline/schemas/analysis-output.schema.json +7 -2
- package/pipeline/schemas/analysis-spec.schema.json +484 -0
- package/pipeline/schemas/clarify-output.schema.json +5 -5
- package/pipeline/schemas/conventions-output.schema.json +70 -0
- package/pipeline/schemas/dev-critic-output.schema.json +2 -2
- package/pipeline/schemas/diff-risk.schema.json +3 -3
- package/pipeline/schemas/figma-project-config.schema.json +3 -3
- package/pipeline/schemas/learnings-ledger.schema.json +39 -0
- package/pipeline/schemas/migrations/README.md +2 -2
- package/pipeline/schemas/migrations/figma-config-1.0.0-to-2.0.0.mjs +5 -5
- package/pipeline/schemas/migrations/prefs-2.0.0-to-2.1.0.mjs +3 -3
- package/pipeline/schemas/migrations/prefs-2.1.0-to-2.2.0.mjs +4 -4
- package/pipeline/schemas/migrations/prefs-2.2.0-to-2.3.0.mjs +5 -5
- package/pipeline/schemas/migrations/state-2.0.0-to-2.1.0.mjs +3 -3
- package/pipeline/schemas/plan-todos.schema.json +4 -4
- package/pipeline/schemas/planning-output.schema.json +3 -3
- package/pipeline/schemas/prefs.schema.json +97 -13
- package/pipeline/schemas/reviewer-output.schema.json +7 -3
- package/pipeline/schemas/test-gap.schema.json +1 -1
- package/pipeline/schemas/token-budget.json +8 -8
- package/pipeline/schemas/triage-corpus.schema.json +1 -1
- package/pipeline/schemas/triage-output.schema.json +44 -6
- package/pipeline/scripts/README.md +64 -64
- package/pipeline/scripts/aggregate-metrics.mjs +55 -16
- package/pipeline/scripts/audit-log-rotate.sh +3 -3
- package/pipeline/scripts/audit-log.sh +20 -7
- package/pipeline/scripts/benchmark-phase-0.sh +6 -6
- package/pipeline/scripts/build-skills-index.mjs +15 -15
- package/pipeline/scripts/check-md-links.mjs +59 -0
- package/pipeline/scripts/classify-plan-safety.mjs +24 -18
- package/pipeline/scripts/cost-budget-check.mjs +160 -0
- package/pipeline/scripts/cost-table.json +23 -13
- package/pipeline/scripts/diff-explain.mjs +12 -12
- package/pipeline/scripts/diff-risk-score.mjs +18 -17
- package/pipeline/scripts/eval-golden-tasks-live.mjs +13 -10
- package/pipeline/scripts/eval-golden-tasks.mjs +3 -14
- package/pipeline/scripts/eval-intent.mjs +103 -0
- package/pipeline/scripts/eval-triage.mjs +3 -3
- package/pipeline/scripts/evidence-gate.mjs +155 -0
- package/pipeline/scripts/fixtures/install-layout.tsv +9 -9
- package/pipeline/scripts/gc-tmp.sh +102 -0
- package/pipeline/scripts/gen-mode-dispatch.mjs +27 -21
- package/pipeline/scripts/gen-skills-index.mjs +6 -6
- package/pipeline/scripts/github-ssh-setup.sh +1 -1
- package/pipeline/scripts/keychain-save.sh +1 -1
- package/pipeline/scripts/keychain.py +6 -6
- package/pipeline/scripts/learnings-ledger.mjs +284 -0
- package/pipeline/scripts/lint-skills.mjs +80 -0
- package/pipeline/scripts/log-metric.sh +18 -9
- package/pipeline/scripts/match-skills.mjs +13 -8
- package/pipeline/scripts/memory-load.sh +3 -3
- package/pipeline/scripts/memory-save.sh +5 -5
- package/pipeline/scripts/migrate-prefs.mjs +17 -17
- package/pipeline/scripts/migrate-state.mjs +12 -12
- package/pipeline/scripts/output-quality-check.sh +7 -7
- package/pipeline/scripts/phase-banner.sh +5 -5
- package/pipeline/scripts/phase-tracker.sh +90 -53
- package/pipeline/scripts/pre-commit-check.sh +45 -5
- package/pipeline/scripts/pre-push-check.sh +7 -7
- package/pipeline/scripts/prune-logs.sh +118 -0
- package/pipeline/scripts/render-agent-log-cost.sh +55 -18
- package/pipeline/scripts/render-cost-summary.sh +9 -9
- package/pipeline/scripts/render-work-summary.sh +4 -4
- package/pipeline/scripts/repo-map.mjs +9 -9
- package/pipeline/scripts/run-aggregator.mjs +7 -6
- package/pipeline/scripts/run-metrics.mjs +129 -0
- package/pipeline/scripts/run-smokes.mjs +76 -0
- package/pipeline/scripts/scan-skills.sh +11 -11
- package/pipeline/scripts/search-logs.sh +8 -8
- package/pipeline/scripts/sign-skills.sh +2 -2
- package/pipeline/scripts/smoke-adapters.sh +79 -10
- package/pipeline/scripts/smoke-add-detail.sh +5 -5
- package/pipeline/scripts/smoke-agent-log-cost.sh +85 -6
- package/pipeline/scripts/smoke-agent-model-routing.sh +3 -3
- package/pipeline/scripts/smoke-ask-choice.sh +42 -0
- package/pipeline/scripts/smoke-bitbucket-contract.sh +19 -3
- package/pipeline/scripts/smoke-changelog-version.sh +47 -0
- package/pipeline/scripts/smoke-channels-flow.sh +1 -1
- package/pipeline/scripts/smoke-ci-workflows.sh +5 -5
- package/pipeline/scripts/smoke-clarify.sh +3 -3
- package/pipeline/scripts/smoke-commands-skills-parity.sh +4 -4
- package/pipeline/scripts/smoke-community-gates.sh +75 -0
- package/pipeline/scripts/smoke-compliance-skills.sh +5 -5
- package/pipeline/scripts/smoke-cost-budget.sh +70 -0
- package/pipeline/scripts/smoke-cost-summary.sh +4 -4
- package/pipeline/scripts/smoke-cross-cli-behavior.sh +50 -9
- package/pipeline/scripts/smoke-cross-phase-cohesion.sh +5 -5
- package/pipeline/scripts/smoke-delete-flow.sh +5 -5
- package/pipeline/scripts/smoke-dev-critic.sh +2 -2
- package/pipeline/scripts/smoke-diff-explain.sh +22 -3
- package/pipeline/scripts/smoke-diff-risk.sh +1 -1
- package/pipeline/scripts/smoke-dynamic-skill-loading.sh +1 -1
- package/pipeline/scripts/smoke-eval-live.sh +4 -4
- package/pipeline/scripts/smoke-evidence-gate.sh +93 -0
- package/pipeline/scripts/smoke-existing-discovery-gate.sh +1 -1
- package/pipeline/scripts/smoke-extract-conventions.sh +163 -0
- package/pipeline/scripts/smoke-figma-android-parity.sh +1 -1
- package/pipeline/scripts/smoke-figma-credential-store.sh +3 -3
- package/pipeline/scripts/smoke-figma-cross-cli-inventory.sh +12 -12
- package/pipeline/scripts/smoke-figma-dispatch.sh +5 -5
- package/pipeline/scripts/smoke-figma-sync.sh +1 -1
- package/pipeline/scripts/smoke-gate-hooks.sh +56 -0
- package/pipeline/scripts/smoke-gc-tmp.sh +84 -0
- package/pipeline/scripts/smoke-identity-isolation.sh +7 -7
- package/pipeline/scripts/smoke-install-layout.sh +10 -10
- package/pipeline/scripts/smoke-intent-guard.sh +86 -0
- package/pipeline/scripts/smoke-issue-comment-template.sh +3 -3
- package/pipeline/scripts/smoke-issue-jira-triad.sh +1 -1
- package/pipeline/scripts/smoke-keychain.sh +6 -6
- package/pipeline/scripts/smoke-language-axis.sh +2 -2
- package/pipeline/scripts/smoke-learnings-ledger.sh +86 -0
- package/pipeline/scripts/smoke-lib-scripts.sh +2 -2
- package/pipeline/scripts/smoke-mcp-gate.sh +68 -0
- package/pipeline/scripts/smoke-md-links.sh +8 -0
- package/pipeline/scripts/smoke-md2confluence.sh +126 -0
- package/pipeline/scripts/smoke-metrics-cache-ratio.sh +72 -0
- package/pipeline/scripts/smoke-migrate-state.sh +10 -10
- package/pipeline/scripts/smoke-mode-dispatch-drift.sh +7 -4
- package/pipeline/scripts/smoke-model-fallback.sh +80 -0
- package/pipeline/scripts/smoke-multi-repo-integration.sh +3 -3
- package/pipeline/scripts/smoke-multi-repo-worktree.sh +1 -1
- package/pipeline/scripts/smoke-no-mcp-in-dev-phases.sh +115 -0
- package/pipeline/scripts/smoke-no-token-prompt.sh +31 -15
- package/pipeline/scripts/smoke-pat-audit.sh +26 -5
- package/pipeline/scripts/smoke-per-repo-memory.sh +1 -1
- package/pipeline/scripts/smoke-phase-0-multi-repo.sh +1 -1
- package/pipeline/scripts/smoke-phase-6-multi.sh +2 -2
- package/pipeline/scripts/smoke-phase-banner.sh +1 -1
- package/pipeline/scripts/smoke-phase-tracker.sh +1 -1
- package/pipeline/scripts/smoke-phase0-bridge-contract.sh +4 -4
- package/pipeline/scripts/smoke-phase4-triage.sh +94 -7
- package/pipeline/scripts/smoke-plan-approval-gate.sh +3 -3
- package/pipeline/scripts/smoke-plan-safety.sh +1 -1
- package/pipeline/scripts/smoke-plan-todos.sh +7 -4
- package/pipeline/scripts/smoke-pr-review-actions.sh +2 -2
- package/pipeline/scripts/smoke-pre-commit.sh +34 -2
- package/pipeline/scripts/smoke-pref-migration.sh +1 -1
- package/pipeline/scripts/smoke-prefs-language.sh +5 -5
- package/pipeline/scripts/smoke-progress-contract.sh +3 -3
- package/pipeline/scripts/smoke-prune-logs.sh +87 -0
- package/pipeline/scripts/smoke-push-retry.sh +1 -1
- package/pipeline/scripts/smoke-readme-counts.sh +1 -1
- package/pipeline/scripts/smoke-repo-map.sh +9 -9
- package/pipeline/scripts/smoke-review-watch.sh +12 -0
- package/pipeline/scripts/smoke-run-aggregator.sh +7 -7
- package/pipeline/scripts/smoke-run-metrics.sh +50 -0
- package/pipeline/scripts/smoke-schema-validation.sh +18 -11
- package/pipeline/scripts/smoke-search.sh +5 -5
- package/pipeline/scripts/smoke-shared-runtime.sh +108 -0
- package/pipeline/scripts/smoke-skill-authoring.sh +13 -13
- package/pipeline/scripts/smoke-skill-language.sh +4 -4
- package/pipeline/scripts/smoke-skill-manifest.sh +2 -2
- package/pipeline/scripts/smoke-skill-scan.sh +2 -2
- package/pipeline/scripts/smoke-stack-swap.sh +2 -2
- package/pipeline/scripts/smoke-subagent-validators.sh +8 -5
- package/pipeline/scripts/smoke-sync-adapters.sh +1 -1
- package/pipeline/scripts/smoke-sync-delegation.sh +7 -7
- package/pipeline/scripts/smoke-sync-parity.sh +1 -1
- package/pipeline/scripts/smoke-tasklist-ordering.sh +7 -7
- package/pipeline/scripts/smoke-telemetry.sh +1 -1
- package/pipeline/scripts/smoke-test-gap.sh +5 -5
- package/pipeline/scripts/smoke-token-budget.sh +1 -1
- package/pipeline/scripts/smoke-tracker-contract.sh +6 -6
- package/pipeline/scripts/smoke-tracker-tokens-invocation.sh +9 -1
- package/pipeline/scripts/smoke-triage-memory.sh +2 -2
- package/pipeline/scripts/smoke-url-enrichment.sh +2 -2
- package/pipeline/scripts/smoke-validator-contradiction.sh +1 -1
- package/pipeline/scripts/smoke-validator-gates.sh +164 -0
- package/pipeline/scripts/smoke-vercel-deploy-redact.sh +11 -11
- package/pipeline/scripts/smoke-wiki-integration.sh +2 -2
- package/pipeline/scripts/smoke-work-summary.sh +3 -3
- package/pipeline/scripts/smoke-worktree-path-convention.sh +4 -4
- package/pipeline/scripts/smoke-write-state.sh +2 -2
- package/pipeline/scripts/stack-swap.sh +3 -3
- package/pipeline/scripts/sync-adapters.mjs +37 -10
- package/pipeline/scripts/sync-parity-check.sh +6 -6
- package/pipeline/scripts/test-gap-scan.mjs +11 -13
- package/pipeline/scripts/token-budget-report.mjs +4 -4
- package/pipeline/scripts/triage-memory.mjs +6 -6
- package/pipeline/scripts/uninstall.mjs +42 -4
- package/pipeline/scripts/update-issue-progress.sh +2 -2
- package/pipeline/scripts/validate-analysis.mjs +19 -21
- package/pipeline/scripts/validate-diff-risk.mjs +4 -4
- package/pipeline/scripts/validate-planning.mjs +3 -3
- package/pipeline/scripts/validate-reviewer.mjs +4 -4
- package/pipeline/scripts/validate-schemas.mjs +4 -4
- package/pipeline/scripts/validate-test-gap.mjs +4 -4
- package/pipeline/scripts/validate-triage.mjs +68 -9
- package/pipeline/scripts/verify-skills.sh +7 -7
- package/pipeline/scripts/write-state.mjs +49 -11
- package/pipeline/skills/.skill-manifest.json +245 -149
- package/pipeline/skills/.skills-index.json +236 -47
- package/pipeline/skills/figma-android/README.md +5 -5
- package/pipeline/skills/figma-android/figma-component-code-connect/SKILL.md +3 -3
- package/pipeline/skills/figma-android/figma-component-implement/SKILL.md +8 -8
- package/pipeline/skills/figma-android/figma-component-test/SKILL.md +4 -4
- package/pipeline/skills/figma-android/figma-component-wiki/SKILL.md +5 -5
- package/pipeline/skills/figma-android/figma-to-component/SKILL.md +14 -14
- package/pipeline/skills/figma-common/README.md +29 -29
- package/pipeline/skills/figma-common/figma-cli-iterate/SKILL.md +20 -15
- package/pipeline/skills/figma-common/figma-cli-iterate-mend/SKILL.md +35 -30
- package/pipeline/skills/figma-common/figma-cli-lean-iterate/SKILL.md +35 -30
- package/pipeline/skills/figma-common/figma-cli-skip/SKILL.md +20 -20
- package/pipeline/skills/figma-common/figma-commit/COMMON_REBASE.md +32 -32
- package/pipeline/skills/figma-common/figma-commit/REVIEW.md +9 -9
- package/pipeline/skills/figma-common/figma-commit/SKILL.md +25 -20
- package/pipeline/skills/figma-common/figma-component-confluence-sync/SKILL.md +11 -6
- package/pipeline/skills/figma-common/figma-component-start/SKILL.md +30 -25
- package/pipeline/skills/figma-common/figma-component-status-update/SKILL.md +9 -4
- package/pipeline/skills/figma-common/figma-fix/SKILL.md +27 -22
- package/pipeline/skills/figma-common/figma-form-integration/SKILL.md +38 -38
- package/pipeline/skills/figma-common/figma-issue/SKILL.md +39 -34
- package/pipeline/skills/figma-common/figma-iterate/SKILL.md +20 -15
- package/pipeline/skills/figma-common/figma-iteration-commit/SKILL.md +44 -39
- package/pipeline/skills/figma-common/figma-mend/SKILL.md +6 -6
- package/pipeline/skills/figma-common/figma-price-integration/SKILL.md +30 -30
- package/pipeline/skills/figma-common/figma-remote-mcp-auth/SKILL.md +1 -1
- package/pipeline/skills/figma-common/figma-review/SKILL.md +31 -26
- package/pipeline/skills/figma-common/figma-setup/SKILL.md +11 -11
- package/pipeline/skills/figma-common/figma-setup/scripts/fetch-mcp-token.py +5 -5
- package/pipeline/skills/figma-common/figma-skip/SKILL.md +6 -6
- package/pipeline/skills/figma-common/figma-ui-patterns/SKILL.md +12 -12
- package/pipeline/skills/figma-common/figma-utility/SKILL.md +4 -4
- package/pipeline/skills/figma-common/figma-utility/scripts/figma-utility.py +1 -1
- package/pipeline/skills/figma-common/figma-validate/SKILL.md +48 -48
- package/pipeline/skills/figma-common/performance-iteration-commit-all/SKILL.md +42 -37
- package/pipeline/skills/figma-common/performance-review-next/SKILL.md +23 -18
- package/pipeline/skills/figma-common/performance-start/SKILL.md +52 -47
- package/pipeline/skills/figma-common/performance-swiftui/SKILL.md +68 -68
- package/pipeline/skills/figma-common/performance-tour/SKILL.md +42 -37
- package/pipeline/skills/figma-ios/REVIEW_CHECKLIST.md +16 -16
- package/pipeline/skills/figma-ios/figma-component-code-connect/SKILL.md +15 -15
- package/pipeline/skills/figma-ios/figma-component-implement/SKILL.md +9 -9
- package/pipeline/skills/figma-ios/figma-component-test/SKILL.md +15 -15
- package/pipeline/skills/figma-ios/figma-component-wiki/SKILL.md +18 -18
- package/pipeline/skills/figma-ios/figma-to-component/SKILL.md +38 -38
- package/pipeline/skills/figma-ios/figma-to-component/halt-return-protocol.md +2 -2
- package/pipeline/skills/figma-ios/figma-to-component/phases/phase-0-init.md +12 -12
- package/pipeline/skills/figma-ios/figma-to-component/phases/phase-1-gathering.md +5 -5
- package/pipeline/skills/figma-ios/figma-to-component/phases/phase-1.5-existing-discovery.md +19 -19
- package/pipeline/skills/figma-ios/figma-to-component/phases/phase-2-orchestrator.md +25 -25
- package/pipeline/skills/figma-ios/figma-to-component/phases/phase-2a-testing-identifiers.md +7 -7
- package/pipeline/skills/figma-ios/figma-to-component/phases/phase-2b-localization.md +6 -6
- package/pipeline/skills/figma-ios/figma-to-component/phases/phase-2c-accessibility.md +38 -38
- package/pipeline/skills/figma-ios/figma-to-component/phases/phase-2d-analytics.md +3 -3
- package/pipeline/skills/figma-ios/figma-to-component/phases/phase-3-orchestrator.md +29 -29
- package/pipeline/skills/figma-ios/figma-to-component/phases/phase-3a-location.md +6 -6
- package/pipeline/skills/figma-ios/figma-to-component/phases/phase-3b-tokens.md +3 -3
- package/pipeline/skills/figma-ios/figma-to-component/phases/phase-3c-nested.md +12 -12
- package/pipeline/skills/figma-ios/figma-to-component/phases/phase-3d-patterns.md +57 -57
- package/pipeline/skills/figma-ios/figma-to-component/phases/phase-3e-assets.md +5 -5
- package/pipeline/skills/figma-ios/figma-to-component/phases/phase-3f-utilities.md +6 -6
- package/pipeline/skills/figma-ios/figma-to-component/phases/phase-3g-property-coverage.md +10 -10
- package/pipeline/skills/figma-ios/figma-to-component/phases/phase-3h-variant-config.md +16 -16
- package/pipeline/skills/figma-ios/figma-to-component/phases/phase-4-orchestrator.md +23 -23
- package/pipeline/skills/figma-ios/figma-to-component/phases/phase-4a-configuration.md +26 -26
- package/pipeline/skills/figma-ios/figma-to-component/phases/phase-4b-view.md +43 -43
- package/pipeline/skills/figma-ios/figma-to-component/phases/phase-4c-documentation.md +17 -17
- package/pipeline/skills/figma-ios/figma-to-component/phases/phase-4d-preview.md +19 -19
- package/pipeline/skills/figma-ios/figma-to-component/phases/phase-4e-modifiers.md +15 -15
- package/pipeline/skills/figma-ios/figma-to-component/phases/phase-5-orchestrator.md +39 -39
- package/pipeline/skills/figma-ios/figma-to-component/phases/phase-5a-viewinspector.md +7 -7
- package/pipeline/skills/figma-ios/figma-to-component/phases/phase-5b-snapshot.md +29 -29
- package/pipeline/skills/figma-ios/figma-to-component/phases/phase-5c-unit.md +9 -9
- package/pipeline/skills/figma-ios/figma-to-component/phases/phase-6-code-connect.md +31 -31
- package/pipeline/skills/figma-ios/figma-to-component/phases/phase-7-wiki.md +5 -5
- package/pipeline/skills/figma-ios/figma-to-component/phases/phase-7a-confluence-generate.md +18 -18
- package/pipeline/skills/figma-ios/figma-to-component/phases/phase-7a-wiki-generate.md +16 -16
- package/pipeline/skills/figma-ios/figma-to-component/phases/phase-8-cleanup.md +2 -2
- package/pipeline/skills/figma-ios/figma-to-component/reference/accessibility.md +1 -1
- package/pipeline/skills/figma-ios/figma-to-component/reference/code-connect.md +49 -49
- package/pipeline/skills/figma-ios/figma-to-component/reference/figma-to-swiftui-effects.md +8 -8
- package/pipeline/skills/figma-ios/figma-to-component/reference/halt-return-protocol.md +2 -2
- package/pipeline/skills/figma-ios/figma-to-component/reference/macros.md +9 -9
- package/pipeline/skills/figma-ios/figma-to-component/reference/missing-tokens.md +4 -4
- package/pipeline/skills/figma-ios/figma-to-component/reference/orchestrator-discipline.md +10 -10
- package/pipeline/skills/figma-ios/figma-to-component/reference/remote-mcp-script.md +5 -5
- package/pipeline/skills/figma-ios/figma-to-component/reference/rest-api-script.md +11 -11
- package/pipeline/skills/figma-ios/figma-to-component/reference/scripts-inventory.md +14 -14
- package/pipeline/skills/figma-ios/figma-to-component/reference/snapshot-testing.md +2 -2
- package/pipeline/skills/figma-ios/figma-to-component/reference/subcomponent-graph.md +4 -4
- package/pipeline/skills/figma-ios/figma-to-component/reference/testing-identifiers-naming.md +6 -6
- package/pipeline/skills/figma-ios/figma-to-component/reference/tools.md +9 -9
- package/pipeline/skills/figma-ios/figma-to-component/reference/viewinspector.md +1 -1
- package/pipeline/skills/figma-ios/figma-to-component/reference/wiki-to-confluence-mapping.md +1 -1
- package/pipeline/skills/figma-ios/figma-to-component/scripts/apply-author-login-map.py +5 -5
- package/pipeline/skills/figma-ios/figma-to-component/scripts/backfill-status.py +18 -18
- package/pipeline/skills/figma-ios/figma-to-component/scripts/build-author-registry.py +4 -4
- package/pipeline/skills/figma-ios/figma-to-component/scripts/bulk-sync-issues.py +4 -4
- package/pipeline/skills/figma-ios/figma-to-component/scripts/code-connect-data-gather.py +1 -1
- package/pipeline/skills/figma-ios/figma-to-component/scripts/code-connect-publish.sh +3 -3
- package/pipeline/skills/figma-ios/figma-to-component/scripts/confluence-component-status-upload.py +18 -18
- package/pipeline/skills/figma-ios/figma-to-component/scripts/confluence-component-status.py +4 -4
- package/pipeline/skills/figma-ios/figma-to-component/scripts/confluence-data-gather.py +5 -5
- package/pipeline/skills/figma-ios/figma-to-component/scripts/confluence-page-ids.example.json +9 -0
- package/pipeline/skills/figma-ios/figma-to-component/scripts/confluence-publish.py +3 -3
- package/pipeline/skills/figma-ios/figma-to-component/scripts/figma-subcomponent-graph.py +1 -1
- package/pipeline/skills/figma-ios/figma-to-component/scripts/figma-update.py +5 -5
- package/pipeline/skills/figma-ios/figma-to-component/scripts/lib/issue_sync_propagate.py +1 -1
- package/pipeline/skills/figma-ios/figma-to-component/scripts/lib/registry_writer.py +4 -4
- package/pipeline/skills/figma-ios/figma-to-component/scripts/lib/test_figma_update.py +1 -1
- package/pipeline/skills/figma-ios/figma-to-component/scripts/lib/test_registry_writer.py +3 -3
- package/pipeline/skills/figma-ios/figma-to-component/scripts/lib/test_skill_figma_issue.py +1 -1
- package/pipeline/skills/figma-ios/figma-to-component/scripts/lib/test_update_issue_gh.py +1 -1
- package/pipeline/skills/figma-ios/figma-to-component/scripts/phase1-gather.py +12 -12
- package/pipeline/skills/figma-ios/figma-to-component/scripts/phase2-finalize.py +3 -3
- package/pipeline/skills/figma-ios/figma-to-component/scripts/phase3-scripts.py +26 -26
- package/pipeline/skills/figma-ios/figma-to-component/scripts/phase4-finalize.py +4 -4
- package/pipeline/skills/figma-ios/figma-to-component/scripts/phase5-finalize.py +4 -4
- package/pipeline/skills/figma-ios/figma-to-component/scripts/phase6-finalize.py +5 -5
- package/pipeline/skills/figma-ios/figma-to-component/scripts/phase7-finalize.py +4 -4
- package/pipeline/skills/figma-ios/figma-to-component/scripts/register-icons-codeconnect.py +4 -4
- package/pipeline/skills/figma-ios/figma-to-component/scripts/remote-mcp-fetch.py +5 -5
- package/pipeline/skills/figma-ios/figma-to-component/scripts/resolve-author-logins.py +2 -2
- package/pipeline/skills/figma-ios/figma-to-component/scripts/run-uicomponents-tests.sh +1 -1
- package/pipeline/skills/figma-ios/figma-to-component/scripts/sidebar-generator.py +5 -5
- package/pipeline/skills/figma-ios/figma-to-component/scripts/update-issue-from-registry.py +41 -41
- package/pipeline/skills/figma-ios/figma-to-component/scripts/validate-phase4.sh +8 -8
- package/pipeline/skills/figma-ios/figma-to-component/scripts/validate-phase6.sh +7 -7
- package/pipeline/skills/shared/README.md +62 -41
- package/pipeline/skills/shared/core/apple-archive-compliance/SKILL.md +39 -39
- package/pipeline/skills/shared/core/google-play-compliance/SKILL.md +44 -44
- package/pipeline/skills/shared/core/multi-agent/SKILL.md +182 -176
- package/pipeline/skills/shared/core/multi-agent-analysis/SKILL.md +55 -0
- package/pipeline/skills/shared/core/multi-agent-analysis-resolve/SKILL.md +48 -0
- package/pipeline/skills/shared/core/multi-agent-autopilot/SKILL.md +16 -16
- package/pipeline/skills/shared/core/multi-agent-build-optimize/SKILL.md +48 -0
- package/pipeline/skills/shared/core/multi-agent-channels/SKILL.md +40 -40
- package/pipeline/skills/shared/core/multi-agent-delete/SKILL.md +33 -30
- package/pipeline/skills/shared/core/multi-agent-dev/SKILL.md +26 -26
- package/pipeline/skills/shared/core/multi-agent-dev-autopilot/SKILL.md +22 -22
- package/pipeline/skills/shared/core/multi-agent-dev-local/SKILL.md +6 -6
- package/pipeline/skills/shared/core/multi-agent-dev-local-autopilot/SKILL.md +12 -12
- package/pipeline/skills/shared/core/multi-agent-diff-explain/SKILL.md +20 -20
- package/pipeline/skills/shared/core/multi-agent-garbage-collect/SKILL.md +61 -0
- package/pipeline/skills/shared/core/multi-agent-help/SKILL.md +22 -22
- package/pipeline/skills/shared/core/multi-agent-issue/SKILL.md +15 -15
- package/pipeline/skills/shared/core/multi-agent-jira/SKILL.md +12 -12
- package/pipeline/skills/shared/core/multi-agent-kill/SKILL.md +14 -14
- package/pipeline/skills/shared/core/multi-agent-language/SKILL.md +12 -12
- package/pipeline/skills/shared/core/multi-agent-local/SKILL.md +10 -10
- package/pipeline/skills/shared/core/multi-agent-local-autopilot/SKILL.md +18 -18
- package/pipeline/skills/shared/core/multi-agent-log/SKILL.md +9 -9
- package/pipeline/skills/shared/core/multi-agent-manual-test/SKILL.md +20 -20
- package/pipeline/skills/shared/core/multi-agent-prune-logs/SKILL.md +63 -0
- package/pipeline/skills/shared/core/multi-agent-purge/SKILL.md +16 -13
- package/pipeline/skills/shared/core/multi-agent-refactor/SKILL.md +110 -110
- package/pipeline/skills/shared/core/multi-agent-resume/SKILL.md +13 -13
- package/pipeline/skills/shared/core/multi-agent-review/SKILL.md +22 -22
- package/pipeline/skills/shared/core/multi-agent-scan/SKILL.md +18 -18
- package/pipeline/skills/shared/core/multi-agent-search/SKILL.md +13 -13
- package/pipeline/skills/shared/core/multi-agent-setup/SKILL.md +33 -30
- package/pipeline/skills/shared/core/multi-agent-stack/SKILL.md +14 -14
- package/pipeline/skills/shared/core/multi-agent-status/SKILL.md +9 -9
- package/pipeline/skills/shared/core/multi-agent-sync/SKILL.md +79 -79
- package/pipeline/skills/shared/core/multi-agent-test/SKILL.md +5 -5
- package/pipeline/skills/shared/core/multi-agent-update/SKILL.md +10 -10
- package/pipeline/skills/shared/external/NOTICE-swift-ios-skills.md +41 -0
- package/pipeline/skills/shared/external/NOTICE-xcode-build-skills.md +53 -0
- package/pipeline/skills/shared/external/agentflow/SKILL.md +9 -9
- package/pipeline/skills/shared/external/alarmkit/SKILL.md +113 -52
- package/pipeline/skills/shared/external/alarmkit/evals/evals.json +41 -0
- package/pipeline/skills/shared/external/alarmkit/references/alarmkit-patterns.md +23 -16
- package/pipeline/skills/shared/external/app-clips/SKILL.md +85 -354
- package/pipeline/skills/shared/external/app-clips/evals/evals.json +50 -0
- package/pipeline/skills/shared/external/app-clips/references/data-handoff-notifications-location.md +135 -0
- package/pipeline/skills/shared/external/app-clips/references/routing-and-experiences.md +125 -0
- package/pipeline/skills/shared/external/app-clips/references/size-capabilities-and-promotion.md +113 -0
- package/pipeline/skills/shared/external/app-intents/SKILL.md +152 -59
- package/pipeline/skills/shared/external/app-intents/evals/evals.json +47 -0
- package/pipeline/skills/shared/external/app-intents/references/appintents-advanced.md +161 -118
- package/pipeline/skills/shared/external/app-store-optimization/SKILL.md +289 -392
- package/pipeline/skills/shared/external/app-store-optimization/evals/evals.json +46 -0
- package/pipeline/skills/shared/external/app-store-optimization/references/keyword-research-methodology.md +174 -0
- package/pipeline/skills/shared/external/app-store-optimization/references/product-page-variants.md +191 -0
- package/pipeline/skills/shared/external/app-store-review/SKILL.md +57 -107
- package/pipeline/skills/shared/external/app-store-review/evals/evals.json +44 -0
- package/pipeline/skills/shared/external/app-store-review/references/privacy-manifest.md +35 -12
- package/pipeline/skills/shared/external/app-store-review/references/review-checklists.md +28 -26
- package/pipeline/skills/shared/external/apple-on-device-ai/SKILL.md +53 -62
- package/pipeline/skills/shared/external/apple-on-device-ai/evals/evals.json +47 -0
- package/pipeline/skills/shared/external/apple-on-device-ai/references/coreml-conversion.md +7 -1
- package/pipeline/skills/shared/external/apple-on-device-ai/references/coreml-optimization.md +4 -1
- package/pipeline/skills/shared/external/apple-on-device-ai/references/foundation-models.md +32 -12
- package/pipeline/skills/shared/external/apple-on-device-ai/references/mlx-swift.md +34 -30
- package/pipeline/skills/shared/external/authentication/SKILL.md +134 -138
- package/pipeline/skills/shared/external/authentication/evals/evals.json +48 -0
- package/pipeline/skills/shared/external/authentication/references/keychain-biometric.md +56 -29
- package/pipeline/skills/shared/external/authentication/references/passkeys.md +183 -0
- package/pipeline/skills/shared/external/avkit/SKILL.md +497 -0
- package/pipeline/skills/shared/external/avkit/evals/evals.json +55 -0
- package/pipeline/skills/shared/external/avkit/references/avkit-patterns.md +668 -0
- package/pipeline/skills/shared/external/background-processing/SKILL.md +29 -29
- package/pipeline/skills/shared/external/background-processing/evals/evals.json +44 -0
- package/pipeline/skills/shared/external/background-processing/references/background-task-patterns.md +44 -19
- package/pipeline/skills/shared/external/callkit-voip/SKILL.md +136 -99
- package/pipeline/skills/shared/external/callkit-voip/evals/evals.json +47 -0
- package/pipeline/skills/shared/external/callkit-voip/references/callkit-patterns.md +27 -8
- package/pipeline/skills/shared/external/ci-cd-pipelines/SKILL.md +7 -6
- package/pipeline/skills/shared/external/clean-code/SKILL.md +2 -2
- package/pipeline/skills/shared/external/cloudkit-sync/SKILL.md +63 -56
- package/pipeline/skills/shared/external/cloudkit-sync/evals/evals.json +47 -0
- package/pipeline/skills/shared/external/cloudkit-sync/references/cloudkit-patterns.md +7 -4
- package/pipeline/skills/shared/external/contacts-framework/SKILL.md +31 -11
- package/pipeline/skills/shared/external/contacts-framework/evals/evals.json +41 -0
- package/pipeline/skills/shared/external/contacts-framework/references/contacts-patterns.md +51 -51
- package/pipeline/skills/shared/external/core-bluetooth/SKILL.md +70 -65
- package/pipeline/skills/shared/external/core-bluetooth/evals/evals.json +44 -0
- package/pipeline/skills/shared/external/core-bluetooth/references/ble-patterns.md +25 -1
- package/pipeline/skills/shared/external/core-data/SKILL.md +496 -0
- package/pipeline/skills/shared/external/core-data/evals/evals.json +44 -0
- package/pipeline/skills/shared/external/core-motion/SKILL.md +47 -14
- package/pipeline/skills/shared/external/core-motion/evals/evals.json +49 -0
- package/pipeline/skills/shared/external/core-motion/references/motion-patterns.md +47 -16
- package/pipeline/skills/shared/external/core-nfc/SKILL.md +43 -54
- package/pipeline/skills/shared/external/core-nfc/evals/evals.json +49 -0
- package/pipeline/skills/shared/external/core-nfc/references/nfc-patterns.md +32 -2
- package/pipeline/skills/shared/external/coreml/SKILL.md +89 -48
- package/pipeline/skills/shared/external/coreml/evals/evals.json +44 -0
- package/pipeline/skills/shared/external/coreml/references/coreml-swift-integration.md +82 -37
- package/pipeline/skills/shared/external/cryptokit/SKILL.md +493 -0
- package/pipeline/skills/shared/external/cryptokit/evals/evals.json +44 -0
- package/pipeline/skills/shared/external/cryptokit/references/cryptokit-patterns.md +602 -0
- package/pipeline/skills/shared/external/css-modern/SKILL.md +3 -2
- package/pipeline/skills/shared/external/database-patterns/SKILL.md +6 -5
- package/pipeline/skills/shared/external/debugging-instruments/SKILL.md +77 -47
- package/pipeline/skills/shared/external/debugging-instruments/evals/evals.json +47 -0
- package/pipeline/skills/shared/external/debugging-instruments/references/instruments-guide.md +42 -34
- package/pipeline/skills/shared/external/debugging-instruments/references/lldb-patterns.md +2 -2
- package/pipeline/skills/shared/external/device-integrity/SKILL.md +136 -176
- package/pipeline/skills/shared/external/device-integrity/evals/evals.json +45 -0
- package/pipeline/skills/shared/external/device-integrity/references/device-integrity-patterns.md +240 -0
- package/pipeline/skills/shared/external/energykit/SKILL.md +73 -34
- package/pipeline/skills/shared/external/energykit/evals/evals.json +45 -0
- package/pipeline/skills/shared/external/energykit/references/energykit-patterns.md +80 -38
- package/pipeline/skills/shared/external/eventkit-calendar/SKILL.md +67 -53
- package/pipeline/skills/shared/external/eventkit-calendar/evals/evals.json +44 -0
- package/pipeline/skills/shared/external/eventkit-calendar/references/eventkit-patterns.md +53 -3
- package/pipeline/skills/shared/external/healthkit/SKILL.md +57 -124
- package/pipeline/skills/shared/external/healthkit/evals/evals.json +46 -0
- package/pipeline/skills/shared/external/healthkit/references/healthkit-patterns.md +82 -1
- package/pipeline/skills/shared/external/homekit-matter/SKILL.md +43 -41
- package/pipeline/skills/shared/external/homekit-matter/evals/evals.json +45 -0
- package/pipeline/skills/shared/external/homekit-matter/references/matter-commissioning.md +13 -8
- package/pipeline/skills/shared/external/html-semantic/SKILL.md +5 -4
- package/pipeline/skills/shared/external/humanizer/SKILL.md +4 -4
- package/pipeline/skills/shared/external/ios-accessibility/SKILL.md +174 -18
- package/pipeline/skills/shared/external/ios-accessibility/evals/evals.json +49 -0
- package/pipeline/skills/shared/external/ios-accessibility/references/a11y-patterns.md +262 -4
- package/pipeline/skills/shared/external/ios-accessibility/references/media-accessibility.md +117 -0
- package/pipeline/skills/shared/external/ios-accessibility/references/nutrition-labels.md +141 -0
- package/pipeline/skills/shared/external/ios-localization/SKILL.md +67 -14
- package/pipeline/skills/shared/external/ios-localization/evals/evals.json +49 -0
- package/pipeline/skills/shared/external/ios-localization/references/formatstyle-locale.md +20 -3
- package/pipeline/skills/shared/external/ios-localization/references/string-catalogs.md +131 -22
- package/pipeline/skills/shared/external/ios-networking/SKILL.md +69 -22
- package/pipeline/skills/shared/external/ios-networking/evals/evals.json +50 -0
- package/pipeline/skills/shared/external/ios-networking/references/background-websocket.md +28 -16
- package/pipeline/skills/shared/external/ios-networking/references/file-storage-patterns.md +354 -0
- package/pipeline/skills/shared/external/ios-networking/references/network-framework.md +69 -44
- package/pipeline/skills/shared/external/ios-networking/references/urlsession-patterns.md +35 -69
- package/pipeline/skills/shared/external/ios-security/references/file-storage-patterns.md +8 -8
- package/pipeline/skills/shared/external/ios-simulator/SKILL.md +485 -0
- package/pipeline/skills/shared/external/ios-simulator/evals/evals.json +44 -0
- package/pipeline/skills/shared/external/ios-simulator/references/simctl-commands.md +316 -0
- package/pipeline/skills/shared/external/live-activities/SKILL.md +120 -131
- package/pipeline/skills/shared/external/live-activities/evals/evals.json +44 -0
- package/pipeline/skills/shared/external/live-activities/references/{live-activity-patterns.md → activitykit-patterns.md} +148 -63
- package/pipeline/skills/shared/external/mapkit-location/SKILL.md +40 -21
- package/pipeline/skills/shared/external/mapkit-location/evals/evals.json +47 -0
- package/pipeline/skills/shared/external/mapkit-location/references/{corelocation-patterns.md → mapkit-corelocation-patterns.md} +88 -41
- package/pipeline/skills/shared/external/mapkit-location/references/mapkit-patterns.md +27 -24
- package/pipeline/skills/shared/external/metrickit-diagnostics/SKILL.md +129 -172
- package/pipeline/skills/shared/external/metrickit-diagnostics/evals/evals.json +46 -0
- package/pipeline/skills/shared/external/metrickit-diagnostics/references/metrickit-patterns.md +180 -0
- package/pipeline/skills/shared/external/musickit-audio/SKILL.md +45 -18
- package/pipeline/skills/shared/external/musickit-audio/evals/evals.json +44 -0
- package/pipeline/skills/shared/external/musickit-audio/references/musickit-patterns.md +26 -6
- package/pipeline/skills/shared/external/natural-language/SKILL.md +48 -18
- package/pipeline/skills/shared/external/natural-language/evals/evals.json +47 -0
- package/pipeline/skills/shared/external/natural-language/references/translation-patterns.md +20 -7
- package/pipeline/skills/shared/external/nextjs-app-router/SKILL.md +4 -3
- package/pipeline/skills/shared/external/passkit-wallet/SKILL.md +156 -66
- package/pipeline/skills/shared/external/passkit-wallet/evals/evals.json +51 -0
- package/pipeline/skills/shared/external/passkit-wallet/references/wallet-passes.md +69 -19
- package/pipeline/skills/shared/external/pdfkit/SKILL.md +499 -0
- package/pipeline/skills/shared/external/pdfkit/evals/evals.json +42 -0
- package/pipeline/skills/shared/external/pdfkit/references/pdfkit-patterns.md +844 -0
- package/pipeline/skills/shared/external/pencilkit-drawing/SKILL.md +122 -28
- package/pipeline/skills/shared/external/pencilkit-drawing/evals/evals.json +44 -0
- package/pipeline/skills/shared/external/pencilkit-drawing/references/pencilkit-patterns.md +49 -18
- package/pipeline/skills/shared/external/permissionkit/SKILL.md +100 -51
- package/pipeline/skills/shared/external/permissionkit/evals/evals.json +47 -0
- package/pipeline/skills/shared/external/permissionkit/references/permissionkit-patterns.md +48 -8
- package/pipeline/skills/shared/external/photos-camera-media/SKILL.md +13 -15
- package/pipeline/skills/shared/external/photos-camera-media/references/camera-capture.md +4 -4
- package/pipeline/skills/shared/external/photos-camera-media/references/image-loading-caching.md +2 -2
- package/pipeline/skills/shared/external/photos-camera-media/references/{photospicker-patterns.md → photokit-patterns.md} +3 -3
- package/pipeline/skills/shared/external/push-notifications/SKILL.md +45 -48
- package/pipeline/skills/shared/external/push-notifications/evals/evals.json +46 -0
- package/pipeline/skills/shared/external/push-notifications/references/notification-patterns.md +22 -33
- package/pipeline/skills/shared/external/push-notifications/references/rich-notifications.md +56 -37
- package/pipeline/skills/shared/external/python-patterns/SKILL.md +4 -3
- package/pipeline/skills/shared/external/react-best-practices/SKILL.md +1 -0
- package/pipeline/skills/shared/external/realitykit-ar/SKILL.md +74 -53
- package/pipeline/skills/shared/external/realitykit-ar/evals/evals.json +47 -0
- package/pipeline/skills/shared/external/realitykit-ar/references/realitykit-patterns.md +10 -10
- package/pipeline/skills/shared/external/rest-api-design/SKILL.md +21 -20
- package/pipeline/skills/shared/external/shareplay-activities/SKILL.md +81 -64
- package/pipeline/skills/shared/external/shareplay-activities/evals/evals.json +47 -0
- package/pipeline/skills/shared/external/shareplay-activities/references/shareplay-patterns.md +48 -9
- package/pipeline/skills/shared/external/speech-recognition/SKILL.md +118 -104
- package/pipeline/skills/shared/external/speech-recognition/evals/evals.json +49 -0
- package/pipeline/skills/shared/external/speech-recognition/references/speechanalyzer-patterns.md +171 -0
- package/pipeline/skills/shared/external/spm-build-analysis/SKILL.md +93 -0
- package/pipeline/skills/shared/external/spm-build-analysis/references/build-optimization-sources.md +155 -0
- package/pipeline/skills/shared/external/spm-build-analysis/references/recommendation-format.md +85 -0
- package/pipeline/skills/shared/external/spm-build-analysis/references/spm-analysis-checks.md +105 -0
- package/pipeline/skills/shared/external/spm-build-analysis/scripts/check_spm_pins.py +118 -0
- package/pipeline/skills/shared/external/storekit/SKILL.md +110 -44
- package/pipeline/skills/shared/external/storekit/evals/evals.json +44 -0
- package/pipeline/skills/shared/external/storekit/references/app-review-guidelines.md +94 -43
- package/pipeline/skills/shared/external/storekit/references/storekit-advanced.md +82 -33
- package/pipeline/skills/shared/external/swift-api-design-guidelines/SKILL.md +449 -0
- package/pipeline/skills/shared/external/swift-api-design-guidelines/evals/evals.json +50 -0
- package/pipeline/skills/shared/external/swift-api-design-guidelines/references/argument-labels-and-parameters.md +164 -0
- package/pipeline/skills/shared/external/swift-api-design-guidelines/references/conventions-and-special-rules.md +219 -0
- package/pipeline/skills/shared/external/swift-api-design-guidelines/references/naming-and-clarity.md +184 -0
- package/pipeline/skills/shared/external/swift-api-design-guidelines/references/side-effects-and-mutating-pairs.md +158 -0
- package/pipeline/skills/shared/external/swift-architecture/SKILL.md +499 -0
- package/pipeline/skills/shared/external/swift-architecture/evals/evals.json +45 -0
- package/pipeline/skills/shared/external/swift-charts/SKILL.md +52 -40
- package/pipeline/skills/shared/external/swift-charts/evals/evals.json +47 -0
- package/pipeline/skills/shared/external/swift-charts/references/charts-patterns.md +92 -11
- package/pipeline/skills/shared/external/swift-codable/SKILL.md +43 -16
- package/pipeline/skills/shared/external/swift-codable/evals/evals.json +43 -0
- package/pipeline/skills/shared/external/swift-concurrency/SKILL.md +50 -30
- package/pipeline/skills/shared/external/swift-concurrency/evals/evals.json +44 -0
- package/pipeline/skills/shared/external/swift-concurrency/references/approachable-concurrency.md +11 -4
- package/pipeline/skills/shared/external/swift-concurrency/references/async-algorithms.md +113 -0
- package/pipeline/skills/shared/external/swift-concurrency/references/bridging-interop.md +150 -0
- package/pipeline/skills/shared/external/swift-concurrency/references/{swift-6-2-concurrency.md → concurrency-patterns.md} +22 -11
- package/pipeline/skills/shared/external/swift-concurrency/references/diagnostics.md +52 -0
- package/pipeline/skills/shared/external/swift-concurrency/references/swiftui-concurrency.md +2 -2
- package/pipeline/skills/shared/external/swift-concurrency/references/synchronization-primitives.md +21 -15
- package/pipeline/skills/shared/external/swift-concurrency-expert/SKILL.md +3 -3
- package/pipeline/skills/shared/external/swift-concurrency-pro/SKILL.md +2 -2
- package/pipeline/skills/shared/external/swift-concurrency-pro/references/actors.md +3 -3
- package/pipeline/skills/shared/external/swift-concurrency-pro/references/async-streams.md +1 -1
- package/pipeline/skills/shared/external/swift-concurrency-pro/references/bridging.md +3 -3
- package/pipeline/skills/shared/external/swift-concurrency-pro/references/bug-patterns.md +3 -3
- package/pipeline/skills/shared/external/swift-concurrency-pro/references/cancellation.md +8 -8
- package/pipeline/skills/shared/external/swift-concurrency-pro/references/diagnostics.md +1 -1
- package/pipeline/skills/shared/external/swift-concurrency-pro/references/hotspots.md +2 -2
- package/pipeline/skills/shared/external/swift-concurrency-pro/references/interop.md +4 -4
- package/pipeline/skills/shared/external/swift-concurrency-pro/references/new-features.md +1 -1
- package/pipeline/skills/shared/external/swift-concurrency-pro/references/structured.md +2 -2
- package/pipeline/skills/shared/external/swift-concurrency-pro/references/testing.md +2 -2
- package/pipeline/skills/shared/external/swift-concurrency-pro/references/unstructured.md +3 -3
- package/pipeline/skills/shared/external/swift-formatstyle/SKILL.md +339 -0
- package/pipeline/skills/shared/external/swift-language/SKILL.md +33 -34
- package/pipeline/skills/shared/external/swift-language/evals/evals.json +47 -0
- package/pipeline/skills/shared/external/swift-language/references/swift-attributes-interop.md +97 -0
- package/pipeline/skills/shared/external/swift-language/references/swift-patterns-extended.md +19 -6
- package/pipeline/skills/shared/external/swift-security/SKILL.md +195 -0
- package/pipeline/skills/shared/external/swift-security/evals/evals.json +48 -0
- package/pipeline/skills/shared/external/swift-security/references/biometric-authentication.md +595 -0
- package/pipeline/skills/shared/external/swift-security/references/certificate-trust.md +611 -0
- package/pipeline/skills/shared/external/swift-security/references/common-anti-patterns.md +708 -0
- package/pipeline/skills/shared/external/swift-security/references/compliance-owasp-mapping.md +573 -0
- package/pipeline/skills/shared/external/swift-security/references/credential-storage-patterns.md +752 -0
- package/pipeline/skills/shared/external/swift-security/references/cryptokit-public-key.md +538 -0
- package/pipeline/skills/shared/external/swift-security/references/cryptokit-symmetric.md +530 -0
- package/pipeline/skills/shared/external/swift-security/references/keychain-access-control.md +543 -0
- package/pipeline/skills/shared/external/swift-security/references/keychain-fundamentals.md +620 -0
- package/pipeline/skills/shared/external/swift-security/references/keychain-item-classes.md +515 -0
- package/pipeline/skills/shared/external/swift-security/references/keychain-sharing.md +496 -0
- package/pipeline/skills/shared/external/swift-security/references/migration-legacy-stores.md +747 -0
- package/pipeline/skills/shared/external/swift-security/references/secure-enclave.md +566 -0
- package/pipeline/skills/shared/external/swift-security/references/testing-security-code.md +813 -0
- package/pipeline/skills/shared/external/swift-testing/SKILL.md +97 -297
- package/pipeline/skills/shared/external/swift-testing/evals/evals.json +44 -0
- package/pipeline/skills/shared/external/swift-testing/references/testing-advanced.md +123 -0
- package/pipeline/skills/shared/external/swift-testing/references/testing-patterns.md +162 -34
- package/pipeline/skills/shared/external/swift-testing-pro/SKILL.md +2 -2
- package/pipeline/skills/shared/external/swift-testing-pro/references/async-tests.md +3 -3
- package/pipeline/skills/shared/external/swift-testing-pro/references/core-rules.md +2 -2
- package/pipeline/skills/shared/external/swift-testing-pro/references/migrating-from-xctest.md +5 -5
- package/pipeline/skills/shared/external/swift-testing-pro/references/new-features.md +3 -3
- package/pipeline/skills/shared/external/swift-testing-pro/references/writing-better-tests.md +5 -5
- package/pipeline/skills/shared/external/swiftdata/SKILL.md +44 -23
- package/pipeline/skills/shared/external/swiftdata/evals/evals.json +47 -0
- package/pipeline/skills/shared/external/swiftdata/references/core-data-coexistence.md +3 -3
- package/pipeline/skills/shared/external/swiftdata/references/indexing.md +75 -0
- package/pipeline/skills/shared/external/swiftdata/references/predicate-pitfalls.md +54 -0
- package/pipeline/skills/shared/external/swiftdata/references/swiftdata-advanced.md +14 -10
- package/pipeline/skills/shared/external/swiftdata/references/swiftdata-queries.md +5 -5
- package/pipeline/skills/shared/external/swiftdata-pro/SKILL.md +2 -2
- package/pipeline/skills/shared/external/swiftdata-pro/references/class-inheritance.md +2 -2
- package/pipeline/skills/shared/external/swiftdata-pro/references/cloudkit.md +1 -1
- package/pipeline/skills/shared/external/swiftdata-pro/references/core-rules.md +6 -6
- package/pipeline/skills/shared/external/swiftlint/SKILL.md +337 -0
- package/pipeline/skills/shared/external/swiftlint/references/adoption-and-configuration.md +297 -0
- package/pipeline/skills/shared/external/swiftlint/references/custom-rules-and-analyze.md +170 -0
- package/pipeline/skills/shared/external/swiftlint/references/plugins-run-scripts-and-integrations.md +307 -0
- package/pipeline/skills/shared/external/swiftlint/references/rule-reference.md +35 -0
- package/pipeline/skills/shared/external/swiftlint/references/rules-suppressions-and-baselines.md +306 -0
- package/pipeline/skills/shared/external/swiftui-animation/SKILL.md +56 -65
- package/pipeline/skills/shared/external/swiftui-animation/references/animation-advanced.md +48 -44
- package/pipeline/skills/shared/external/swiftui-animation/references/core-animation-bridge.md +6 -6
- package/pipeline/skills/shared/external/swiftui-expert-skill/references/charts-accessibility.md +13 -13
- package/pipeline/skills/shared/external/swiftui-expert-skill/references/charts.md +3 -3
- package/pipeline/skills/shared/external/swiftui-expert-skill/references/image-optimization.md +1 -1
- package/pipeline/skills/shared/external/swiftui-expert-skill/references/latest-apis.md +4 -4
- package/pipeline/skills/shared/external/swiftui-expert-skill/references/layout-best-practices.md +2 -2
- package/pipeline/skills/shared/external/swiftui-expert-skill/references/list-patterns.md +1 -1
- package/pipeline/skills/shared/external/swiftui-expert-skill/references/macos-scenes.md +16 -16
- package/pipeline/skills/shared/external/swiftui-expert-skill/references/macos-views.md +11 -11
- package/pipeline/skills/shared/external/swiftui-expert-skill/references/macos-window-styling.md +7 -7
- package/pipeline/skills/shared/external/swiftui-expert-skill/references/state-management.md +5 -5
- package/pipeline/skills/shared/external/swiftui-expert-skill/references/view-structure.md +6 -6
- package/pipeline/skills/shared/external/swiftui-gestures/SKILL.md +38 -16
- package/pipeline/skills/shared/external/swiftui-gestures/references/gesture-patterns.md +13 -3
- package/pipeline/skills/shared/external/swiftui-layout-components/SKILL.md +32 -28
- package/pipeline/skills/shared/external/swiftui-layout-components/references/form.md +1 -1
- package/pipeline/skills/shared/external/swiftui-layout-components/references/grids.md +202 -41
- package/pipeline/skills/shared/external/swiftui-layout-components/references/list.md +16 -25
- package/pipeline/skills/shared/external/swiftui-layout-components/references/scrollview.md +71 -26
- package/pipeline/skills/shared/external/swiftui-liquid-glass/SKILL.md +284 -65
- package/pipeline/skills/shared/external/swiftui-liquid-glass/references/liquid-glass.md +387 -0
- package/pipeline/skills/shared/external/swiftui-navigation/SKILL.md +10 -10
- package/pipeline/skills/shared/external/swiftui-navigation/references/deeplinks.md +15 -3
- package/pipeline/skills/shared/external/swiftui-navigation/references/navigationstack.md +2 -2
- package/pipeline/skills/shared/external/swiftui-navigation/references/tabview.md +1 -1
- package/pipeline/skills/shared/external/swiftui-patterns/SKILL.md +51 -25
- package/pipeline/skills/shared/external/swiftui-patterns/references/architecture-patterns.md +78 -6
- package/pipeline/skills/shared/external/swiftui-patterns/references/deprecated-migration.md +161 -16
- package/pipeline/skills/shared/external/swiftui-patterns/references/design-polish.md +85 -27
- package/pipeline/skills/shared/external/swiftui-patterns/references/platform-and-sharing.md +37 -33
- package/pipeline/skills/shared/external/swiftui-performance/SKILL.md +39 -51
- package/pipeline/skills/shared/external/swiftui-performance/references/demystify-swiftui-performance-wwdc23.md +204 -30
- package/pipeline/skills/shared/external/swiftui-performance/references/optimizing-swiftui-performance-instruments.md +226 -21
- package/pipeline/skills/shared/external/swiftui-performance/references/understanding-hangs-in-your-app.md +220 -20
- package/pipeline/skills/shared/external/swiftui-performance/references/understanding-improving-swiftui-performance.md +159 -34
- package/pipeline/skills/shared/external/swiftui-performance/references/wwdc-session-sources.md +27 -0
- package/pipeline/skills/shared/external/swiftui-pro/SKILL.md +2 -2
- package/pipeline/skills/shared/external/swiftui-pro/references/accessibility.md +4 -4
- package/pipeline/skills/shared/external/swiftui-pro/references/api.md +1 -1
- package/pipeline/skills/shared/external/swiftui-pro/references/data.md +2 -2
- package/pipeline/skills/shared/external/swiftui-pro/references/design.md +4 -4
- package/pipeline/skills/shared/external/swiftui-pro/references/hygiene.md +2 -2
- package/pipeline/skills/shared/external/swiftui-pro/references/navigation.md +1 -1
- package/pipeline/skills/shared/external/swiftui-pro/references/performance.md +1 -1
- package/pipeline/skills/shared/external/swiftui-pro/references/swift.md +2 -2
- package/pipeline/skills/shared/external/swiftui-pro/references/views.md +2 -2
- package/pipeline/skills/shared/external/swiftui-ui-patterns/SKILL.md +1 -1
- package/pipeline/skills/shared/external/swiftui-uikit-interop/SKILL.md +12 -12
- package/pipeline/skills/shared/external/swiftui-uikit-interop/references/hosting-migration.md +3 -3
- package/pipeline/skills/shared/external/swiftui-uikit-interop/references/representable-recipes.md +1 -1
- package/pipeline/skills/shared/external/swiftui-webkit/SKILL.md +11 -11
- package/pipeline/skills/shared/external/swiftui-webkit/references/migration-and-fallbacks.md +124 -10
- package/pipeline/skills/shared/external/tailwind-css/SKILL.md +3 -2
- package/pipeline/skills/shared/external/testing-backend/SKILL.md +2 -1
- package/pipeline/skills/shared/external/tipkit/SKILL.md +3 -3
- package/pipeline/skills/shared/external/tipkit/references/tipkit-patterns.md +9 -9
- package/pipeline/skills/shared/external/typescript-patterns/SKILL.md +17 -16
- package/pipeline/skills/shared/external/vision-framework/SKILL.md +11 -11
- package/pipeline/skills/shared/external/vision-framework/references/vision-requests.md +1 -1
- package/pipeline/skills/shared/external/vision-framework/references/visionkit-scanner.md +5 -5
- package/pipeline/skills/shared/external/vue-composition/SKILL.md +7 -6
- package/pipeline/skills/shared/external/weatherkit/SKILL.md +3 -3
- package/pipeline/skills/shared/external/weatherkit/references/weatherkit-patterns.md +9 -9
- package/pipeline/skills/shared/external/web-accessibility/SKILL.md +1 -0
- package/pipeline/skills/shared/external/web-performance/SKILL.md +8 -7
- package/pipeline/skills/shared/external/web-testing/SKILL.md +7 -6
- package/pipeline/skills/shared/external/widgetkit/SKILL.md +23 -17
- package/pipeline/skills/shared/external/widgetkit/references/widgetkit-advanced.md +99 -0
- package/pipeline/skills/shared/external/xcode-build-benchmark/SKILL.md +89 -0
- package/pipeline/skills/shared/external/xcode-build-benchmark/references/benchmark-artifacts.md +94 -0
- package/pipeline/skills/shared/external/xcode-build-benchmark/references/benchmarking-workflow.md +67 -0
- package/pipeline/skills/shared/external/xcode-build-benchmark/schemas/build-benchmark.schema.json +230 -0
- package/pipeline/skills/shared/external/xcode-build-benchmark/scripts/benchmark_builds.py +308 -0
- package/pipeline/skills/shared/external/xcode-build-fixer/SKILL.md +219 -0
- package/pipeline/skills/shared/external/xcode-build-fixer/references/build-settings-best-practices.md +216 -0
- package/pipeline/skills/shared/external/xcode-build-fixer/references/fix-patterns.md +290 -0
- package/pipeline/skills/shared/external/xcode-build-fixer/references/recommendation-format.md +85 -0
- package/pipeline/skills/shared/external/xcode-build-fixer/scripts/benchmark_builds.py +308 -0
- package/pipeline/skills/shared/external/xcode-build-orchestrator/SKILL.md +157 -0
- package/pipeline/skills/shared/external/xcode-build-orchestrator/references/benchmark-artifacts.md +94 -0
- package/pipeline/skills/shared/external/xcode-build-orchestrator/references/build-settings-best-practices.md +216 -0
- package/pipeline/skills/shared/external/xcode-build-orchestrator/references/orchestration-report-template.md +143 -0
- package/pipeline/skills/shared/external/xcode-build-orchestrator/references/recommendation-format.md +85 -0
- package/pipeline/skills/shared/external/xcode-build-orchestrator/scripts/benchmark_builds.py +308 -0
- package/pipeline/skills/shared/external/xcode-build-orchestrator/scripts/diagnose_compilation.py +273 -0
- package/pipeline/skills/shared/external/xcode-build-orchestrator/scripts/generate_optimization_report.py +533 -0
- package/pipeline/skills/shared/external/xcode-compilation-analyzer/SKILL.md +90 -0
- package/pipeline/skills/shared/external/xcode-compilation-analyzer/references/build-optimization-sources.md +155 -0
- package/pipeline/skills/shared/external/xcode-compilation-analyzer/references/code-compilation-checks.md +106 -0
- package/pipeline/skills/shared/external/xcode-compilation-analyzer/references/recommendation-format.md +85 -0
- package/pipeline/skills/shared/external/xcode-compilation-analyzer/scripts/diagnose_compilation.py +273 -0
- package/pipeline/skills/shared/external/xcode-project-analyzer/SKILL.md +77 -0
- package/pipeline/skills/shared/external/xcode-project-analyzer/references/build-optimization-sources.md +155 -0
- package/pipeline/skills/shared/external/xcode-project-analyzer/references/build-settings-best-practices.md +216 -0
- package/pipeline/skills/shared/external/xcode-project-analyzer/references/project-audit-checks.md +101 -0
- package/pipeline/skills/shared/external/xcode-project-analyzer/references/recommendation-format.md +85 -0
- package/pipeline/skills/skills-index.md +213 -192
- package/docs/GENERICITY-REVIEW.md +0 -277
- package/docs/STABILITY-FIX-PLAN.md +0 -168
- package/pipeline/scripts/.last-figma-sync-plan.json +0 -23
- package/pipeline/scripts/README-figma-smokes.md +0 -34
- package/pipeline/scripts/figma-placeholder-map.json +0 -191
- package/pipeline/scripts/import-figma-skills.sh +0 -253
- package/pipeline/scripts/smoke-figma-config-schema.sh +0 -144
- package/pipeline/scripts/smoke-figma-skill-import.sh +0 -174
- package/pipeline/scripts/smoke-install-leak-gate.sh +0 -125
- package/pipeline/scripts/smoke-personal-data.sh +0 -82
- package/pipeline/scripts/sync-figma-source.sh +0 -228
- package/pipeline/skills/figma-ios/figma-to-component/scripts/confluence-page-ids.json +0 -94
- package/pipeline/skills/shared/external/app-store-review/references/code-signing.md +0 -259
- package/pipeline/skills/shared/external/app-store-review/references/rejection-patterns.md +0 -152
- package/pipeline/skills/shared/external/pencilkit-drawing/references/paperkit-integration.md +0 -376
|
@@ -1,13 +1,13 @@
|
|
|
1
1
|
---
|
|
2
2
|
name: authentication
|
|
3
|
-
description: "Implement iOS authentication
|
|
3
|
+
description: "Implement iOS authentication flows with AuthenticationServices and LocalAuthentication. Use when building Sign in with Apple, passkey/WebAuthn registration or sign-in with ASAuthorizationPlatformPublicKeyCredentialProvider, ASAuthorizationController credential state and revocation handling, ASWebAuthenticationSession OAuth or third-party login, Password AutoFill, identity-token server validation, or local biometric re-authentication with LAContext."
|
|
4
4
|
---
|
|
5
5
|
|
|
6
6
|
# Authentication
|
|
7
7
|
|
|
8
8
|
Implement authentication flows on iOS using the AuthenticationServices
|
|
9
|
-
framework, including Sign in with Apple, OAuth/third-party web
|
|
10
|
-
Password AutoFill, and biometric authentication.
|
|
9
|
+
framework, including Sign in with Apple, passkeys, OAuth/third-party web
|
|
10
|
+
auth, Password AutoFill, and biometric re-authentication.
|
|
11
11
|
|
|
12
12
|
## Contents
|
|
13
13
|
|
|
@@ -16,9 +16,11 @@ Password AutoFill, and biometric authentication.
|
|
|
16
16
|
- [Credential State Checking](#credential-state-checking)
|
|
17
17
|
- [Token Validation](#token-validation)
|
|
18
18
|
- [Existing Account Setup Flows](#existing-account-setup-flows)
|
|
19
|
+
- [Passkeys](#passkeys)
|
|
19
20
|
- [ASWebAuthenticationSession (OAuth)](#aswebauthenticationsession-oauth)
|
|
20
21
|
- [Password AutoFill Credentials](#password-autofill-credentials)
|
|
21
22
|
- [Biometric Authentication](#biometric-authentication)
|
|
23
|
+
- [Security Boundaries](#security-boundaries)
|
|
22
24
|
- [SwiftUI SignInWithAppleButton](#swiftui-signinwithapplebutton)
|
|
23
25
|
- [Common Mistakes](#common-mistakes)
|
|
24
26
|
- [Review Checklist](#review-checklist)
|
|
@@ -110,9 +112,9 @@ extension LoginViewController: ASAuthorizationControllerDelegate {
|
|
|
110
112
|
| `user` | `String` | Always | Always |
|
|
111
113
|
| `email` | `String?` | Provided if requested | `nil` |
|
|
112
114
|
| `fullName` | `PersonNameComponents?` | Provided if requested | `nil` |
|
|
113
|
-
| `identityToken` | `Data?` | JWT
|
|
115
|
+
| `identityToken` | `Data?` | JWT encoded as UTF-8 data | JWT encoded as UTF-8 data |
|
|
114
116
|
| `authorizationCode` | `Data?` | Short-lived code | Short-lived code |
|
|
115
|
-
| `realUserStatus` | `ASUserDetectionStatus` |
|
|
117
|
+
| `realUserStatus` | `ASUserDetectionStatus` | Fraud-prevention signal | Do not rely on later attempts |
|
|
116
118
|
|
|
117
119
|
**Critical:** `email` and `fullName` are provided ONLY on the first
|
|
118
120
|
authorization. Cache them immediately during the initial sign-up flow. If the
|
|
@@ -140,33 +142,31 @@ Check credential state on every app launch. The user may revoke access at
|
|
|
140
142
|
any time via Settings > Apple Account > Sign-In & Security.
|
|
141
143
|
|
|
142
144
|
```swift
|
|
143
|
-
func checkCredentialState()
|
|
145
|
+
func checkCredentialState() {
|
|
144
146
|
let provider = ASAuthorizationAppleIDProvider()
|
|
145
147
|
guard let userID = loadSavedUserID() else {
|
|
146
148
|
showLoginScreen()
|
|
147
149
|
return
|
|
148
150
|
}
|
|
149
151
|
|
|
150
|
-
|
|
151
|
-
|
|
152
|
-
|
|
153
|
-
|
|
154
|
-
|
|
155
|
-
|
|
156
|
-
|
|
157
|
-
|
|
158
|
-
|
|
159
|
-
|
|
160
|
-
|
|
161
|
-
|
|
162
|
-
|
|
163
|
-
|
|
164
|
-
|
|
165
|
-
|
|
152
|
+
provider.getCredentialState(forUserID: userID) { state, _ in
|
|
153
|
+
DispatchQueue.main.async {
|
|
154
|
+
switch state {
|
|
155
|
+
case .authorized:
|
|
156
|
+
proceedToMainApp()
|
|
157
|
+
case .revoked:
|
|
158
|
+
// User revoked -- sign out and clear local data
|
|
159
|
+
signOut()
|
|
160
|
+
showLoginScreen()
|
|
161
|
+
case .notFound:
|
|
162
|
+
showLoginScreen()
|
|
163
|
+
case .transferred:
|
|
164
|
+
// App transferred to new team -- migrate user identifier
|
|
165
|
+
migrateUser()
|
|
166
|
+
@unknown default:
|
|
167
|
+
showLoginScreen()
|
|
168
|
+
}
|
|
166
169
|
}
|
|
167
|
-
} catch {
|
|
168
|
-
// Network error -- allow offline access or retry
|
|
169
|
-
proceedToMainApp()
|
|
170
170
|
}
|
|
171
171
|
}
|
|
172
172
|
```
|
|
@@ -244,6 +244,58 @@ Call this in `viewDidAppear` or on app launch. If no existing credentials
|
|
|
244
244
|
are found, the delegate receives a `.notInteractive` error -- handle it
|
|
245
245
|
silently and show your normal login UI.
|
|
246
246
|
|
|
247
|
+
## Passkeys
|
|
248
|
+
|
|
249
|
+
Use passkeys for passwordless WebAuthn-style registration and sign-in. The
|
|
250
|
+
app must have an Associated Domains entitlement for the relying party domain
|
|
251
|
+
using the `webcredentials:` service; passkey requests fail for services the app
|
|
252
|
+
has not configured as associated domains.
|
|
253
|
+
|
|
254
|
+
For platform passkeys synced through iCloud Keychain, request a server-provided
|
|
255
|
+
challenge and create requests with `ASAuthorizationPlatformPublicKeyCredentialProvider`:
|
|
256
|
+
|
|
257
|
+
```swift
|
|
258
|
+
let challenge: Data = try await server.registrationChallenge()
|
|
259
|
+
let userID: Data = try await server.passkeyUserID()
|
|
260
|
+
let provider = ASAuthorizationPlatformPublicKeyCredentialProvider(
|
|
261
|
+
relyingPartyIdentifier: "example.com"
|
|
262
|
+
)
|
|
263
|
+
let request = provider.createCredentialRegistrationRequest(
|
|
264
|
+
challenge: challenge,
|
|
265
|
+
name: username,
|
|
266
|
+
userID: userID
|
|
267
|
+
)
|
|
268
|
+
|
|
269
|
+
let controller = ASAuthorizationController(authorizationRequests: [request])
|
|
270
|
+
controller.delegate = self
|
|
271
|
+
controller.presentationContextProvider = self
|
|
272
|
+
controller.performRequests()
|
|
273
|
+
```
|
|
274
|
+
|
|
275
|
+
For sign-in, use `createCredentialAssertionRequest(challenge:)` with a fresh
|
|
276
|
+
server challenge, then send the resulting registration or assertion object to
|
|
277
|
+
the relying-party server for verification:
|
|
278
|
+
|
|
279
|
+
```swift
|
|
280
|
+
let request = provider.createCredentialAssertionRequest(challenge: challenge)
|
|
281
|
+
|
|
282
|
+
switch authorization.credential {
|
|
283
|
+
case let registration as ASAuthorizationPlatformPublicKeyCredentialRegistration:
|
|
284
|
+
try await server.finishPasskeyRegistration(registration)
|
|
285
|
+
case let assertion as ASAuthorizationPlatformPublicKeyCredentialAssertion:
|
|
286
|
+
try await server.finishPasskeySignIn(assertion)
|
|
287
|
+
default:
|
|
288
|
+
break
|
|
289
|
+
}
|
|
290
|
+
```
|
|
291
|
+
|
|
292
|
+
For inline passkey suggestions, set the username field's `textContentType` to
|
|
293
|
+
`.username`, include the passkey assertion request in the controller, and call
|
|
294
|
+
`performAutoFillAssistedRequests()`. Use `ASAuthorizationSecurityKeyPublicKeyCredentialProvider`
|
|
295
|
+
only when the user must authenticate with a physical security key. See
|
|
296
|
+
[references/passkeys.md](references/passkeys.md) for complete registration,
|
|
297
|
+
assertion, AutoFill, and security-key patterns.
|
|
298
|
+
|
|
247
299
|
## ASWebAuthenticationSession (OAuth)
|
|
248
300
|
|
|
249
301
|
Use `ASWebAuthenticationSession` for OAuth and third-party authentication
|
|
@@ -253,6 +305,12 @@ Use `ASWebAuthenticationSession` for OAuth and third-party authentication
|
|
|
253
305
|
import AuthenticationServices
|
|
254
306
|
|
|
255
307
|
final class OAuthController: NSObject, ASWebAuthenticationPresentationContextProviding {
|
|
308
|
+
private weak var presentationAnchor: ASPresentationAnchor?
|
|
309
|
+
|
|
310
|
+
init(presentationAnchor: ASPresentationAnchor) {
|
|
311
|
+
self.presentationAnchor = presentationAnchor
|
|
312
|
+
}
|
|
313
|
+
|
|
256
314
|
func startOAuthFlow() {
|
|
257
315
|
let authURL = URL(string:
|
|
258
316
|
"https://provider.com/oauth/authorize?client_id=YOUR_ID&redirect_uri=myapp://callback&response_type=code"
|
|
@@ -271,33 +329,18 @@ final class OAuthController: NSObject, ASWebAuthenticationPresentationContextPro
|
|
|
271
329
|
}
|
|
272
330
|
|
|
273
331
|
func presentationAnchor(for session: ASWebAuthenticationSession) -> ASPresentationAnchor {
|
|
274
|
-
|
|
275
|
-
|
|
276
|
-
}
|
|
277
|
-
```
|
|
278
|
-
|
|
279
|
-
### SwiftUI WebAuthenticationSession
|
|
280
|
-
|
|
281
|
-
```swift
|
|
282
|
-
struct OAuthLoginView: View {
|
|
283
|
-
@Environment(\.webAuthenticationSession) private var webAuthSession
|
|
284
|
-
|
|
285
|
-
var body: some View {
|
|
286
|
-
Button("Sign in with Provider") {
|
|
287
|
-
Task {
|
|
288
|
-
let url = URL(string: "https://provider.com/oauth/authorize?client_id=YOUR_ID")!
|
|
289
|
-
let callbackURL = try await webAuthSession.authenticate(
|
|
290
|
-
using: url, callback: .customScheme("myapp")
|
|
291
|
-
)
|
|
292
|
-
// Extract authorization code from callbackURL
|
|
293
|
-
}
|
|
332
|
+
guard let presentationAnchor else {
|
|
333
|
+
fatalError("ASWebAuthenticationSession needs the active window")
|
|
294
334
|
}
|
|
335
|
+
return presentationAnchor
|
|
295
336
|
}
|
|
296
337
|
}
|
|
297
338
|
```
|
|
298
339
|
|
|
299
|
-
|
|
300
|
-
|
|
340
|
+
In SwiftUI, use `@Environment(\.webAuthenticationSession)` and call
|
|
341
|
+
`authenticate(using:callback:preferredBrowserSession:additionalHeaderFields:)`
|
|
342
|
+
with `.customScheme("myapp")` or `.https(host:path:)`; prefer `.ephemeral`
|
|
343
|
+
only when the provider flow should avoid shared browser cookies.
|
|
301
344
|
|
|
302
345
|
## Password AutoFill Credentials
|
|
303
346
|
|
|
@@ -348,10 +391,11 @@ passwordField.textContentType = .password
|
|
|
348
391
|
|
|
349
392
|
## Biometric Authentication
|
|
350
393
|
|
|
351
|
-
Use `LAContext` from LocalAuthentication for
|
|
352
|
-
|
|
353
|
-
|
|
354
|
-
|
|
394
|
+
Use `LAContext` from LocalAuthentication for local re-authentication before
|
|
395
|
+
showing account settings or starting sensitive actions. Do not treat a returned
|
|
396
|
+
`Bool` as proof to unlock a stored secret; protect secrets with Keychain access
|
|
397
|
+
control instead. See [references/keychain-biometric.md](references/keychain-biometric.md)
|
|
398
|
+
for `SecAccessControl` and `.biometryCurrentSet` patterns.
|
|
355
399
|
|
|
356
400
|
```swift
|
|
357
401
|
import LocalAuthentication
|
|
@@ -376,102 +420,48 @@ func authenticateWithBiometrics() async throws -> Bool {
|
|
|
376
420
|
**Required:** Add `NSFaceIDUsageDescription` to Info.plist. Missing this
|
|
377
421
|
key crashes on Face ID devices.
|
|
378
422
|
|
|
379
|
-
##
|
|
380
|
-
|
|
381
|
-
```swift
|
|
382
|
-
import AuthenticationServices
|
|
383
|
-
|
|
384
|
-
struct AppleSignInView: View {
|
|
385
|
-
@Environment(\.colorScheme) var colorScheme
|
|
386
|
-
|
|
387
|
-
var body: some View {
|
|
388
|
-
SignInWithAppleButton(.signIn) { request in
|
|
389
|
-
request.requestedScopes = [.fullName, .email]
|
|
390
|
-
} onCompletion: { result in
|
|
391
|
-
switch result {
|
|
392
|
-
case .success(let authorization):
|
|
393
|
-
guard let credential = authorization.credential
|
|
394
|
-
as? ASAuthorizationAppleIDCredential else { return }
|
|
395
|
-
handleCredential(credential)
|
|
396
|
-
case .failure(let error):
|
|
397
|
-
handleError(error)
|
|
398
|
-
}
|
|
399
|
-
}
|
|
400
|
-
.signInWithAppleButtonStyle(
|
|
401
|
-
colorScheme == .dark ? .white : .black
|
|
402
|
-
)
|
|
403
|
-
.frame(height: 50)
|
|
404
|
-
}
|
|
405
|
-
}
|
|
406
|
-
```
|
|
407
|
-
|
|
408
|
-
## Common Mistakes
|
|
409
|
-
|
|
410
|
-
### 1. Not checking credential state on app launch
|
|
411
|
-
|
|
412
|
-
```swift
|
|
413
|
-
// DON'T: Assume the user is still authorized
|
|
414
|
-
func appDidLaunch() {
|
|
415
|
-
if UserDefaults.standard.bool(forKey: "isLoggedIn") {
|
|
416
|
-
showMainApp() // User may have revoked access!
|
|
417
|
-
}
|
|
418
|
-
}
|
|
419
|
-
|
|
420
|
-
// DO: Check credential state every launch
|
|
421
|
-
func appDidLaunch() async {
|
|
422
|
-
await checkCredentialState() // See "Credential State Checking" above
|
|
423
|
-
}
|
|
424
|
-
```
|
|
425
|
-
|
|
426
|
-
### 2. Not performing existing account setup flows
|
|
427
|
-
|
|
428
|
-
```swift
|
|
429
|
-
// DON'T: Always show a full login screen on launch
|
|
430
|
-
// DO: Call performExistingAccountSetupFlows() first;
|
|
431
|
-
// show login UI only if .notInteractive error received
|
|
432
|
-
```
|
|
423
|
+
## Security Boundaries
|
|
433
424
|
|
|
434
|
-
|
|
425
|
+
This skill owns user-facing account authentication: Sign in with Apple,
|
|
426
|
+
passkeys, Password AutoFill, ASAuthorizationController, OAuth session
|
|
427
|
+
presentation, credential state, and local biometric re-authentication. Route
|
|
428
|
+
deep security work to `swift-security`: Keychain architecture/migration,
|
|
429
|
+
CryptoKit, Secure Enclave, certificate pinning/trust, keychain sharing, storage
|
|
430
|
+
hardening, and OWASP MASVS/MASTG. Keep only the storage minimum here: tokens and
|
|
431
|
+
secrets belong in Keychain; `LAContext.evaluatePolicy` alone must not release
|
|
432
|
+
protected secrets.
|
|
435
433
|
|
|
436
|
-
|
|
437
|
-
// DON'T: Force-unwrap email or fullName
|
|
438
|
-
let email = credential.email! // Crashes on subsequent logins
|
|
439
|
-
|
|
440
|
-
// DO: Handle nil gracefully -- only available on first authorization
|
|
441
|
-
if let email = credential.email {
|
|
442
|
-
saveEmail(email) // Persist immediately
|
|
443
|
-
}
|
|
444
|
-
```
|
|
445
|
-
|
|
446
|
-
### 4. Not implementing ASAuthorizationControllerPresentationContextProviding
|
|
447
|
-
|
|
448
|
-
```swift
|
|
449
|
-
// DON'T: Skip the presentation context provider
|
|
450
|
-
controller.delegate = self
|
|
451
|
-
controller.performRequests() // May not display UI correctly
|
|
452
|
-
|
|
453
|
-
// DO: Always set the presentation context provider
|
|
454
|
-
controller.delegate = self
|
|
455
|
-
controller.presentationContextProvider = self // Required for proper UI
|
|
456
|
-
controller.performRequests()
|
|
457
|
-
```
|
|
434
|
+
## SwiftUI SignInWithAppleButton
|
|
458
435
|
|
|
459
|
-
|
|
436
|
+
Use `SignInWithAppleButton` in SwiftUI views when the login surface is SwiftUI.
|
|
437
|
+
Request `.fullName` and `.email`, handle `.success` and `.failure`, downcast to
|
|
438
|
+
`ASAuthorizationAppleIDCredential`, and send the credential through the same
|
|
439
|
+
server-validation flow as UIKit. Style with `.signInWithAppleButtonStyle(...)`.
|
|
460
440
|
|
|
461
|
-
|
|
462
|
-
// DON'T: Store tokens in UserDefaults
|
|
463
|
-
UserDefaults.standard.set(tokenString, forKey: "identityToken")
|
|
441
|
+
## Common Mistakes
|
|
464
442
|
|
|
465
|
-
|
|
466
|
-
|
|
467
|
-
|
|
468
|
-
|
|
443
|
+
- Assuming a saved local session means the Apple ID credential is still valid.
|
|
444
|
+
Check credential state at launch and handle revocation notifications.
|
|
445
|
+
- Showing a full login screen before trying existing account setup flows.
|
|
446
|
+
Treat `.notInteractive` as the normal "no local credential" path.
|
|
447
|
+
- Force-unwrapping `email` or `fullName`. Cache them on first authorization and
|
|
448
|
+
handle `nil` later.
|
|
449
|
+
- Creating an `ASAuthorizationController` without a presentation context
|
|
450
|
+
provider. Authorization UI needs the active presentation anchor.
|
|
451
|
+
- Storing identity tokens, authorization codes, access tokens, passwords, or
|
|
452
|
+
passkey server state in `UserDefaults`, files, or Core Data. Store secrets in
|
|
453
|
+
Keychain and keep relying-party passkey verification server-side.
|
|
454
|
+
- Adding passkey requests without `webcredentials:` Associated Domains for the
|
|
455
|
+
relying-party domain, or trying to use app-native passkeys for unrelated
|
|
456
|
+
websites.
|
|
457
|
+
- Expanding authentication work into CryptoKit, Secure Enclave, certificate
|
|
458
|
+
pinning, or OWASP MASVS. Route those to `swift-security`.
|
|
469
459
|
|
|
470
460
|
## Review Checklist
|
|
471
461
|
|
|
472
462
|
- [ ] "Sign in with Apple" capability added in Xcode project
|
|
473
463
|
- [ ] `ASAuthorizationControllerPresentationContextProviding` implemented
|
|
474
|
-
- [ ] Credential state checked on every app launch (`
|
|
464
|
+
- [ ] Credential state checked on every app launch (`getCredentialState(forUserID:completion:)`)
|
|
475
465
|
- [ ] `credentialRevokedNotification` observer registered; sign-out handled
|
|
476
466
|
- [ ] `email` and `fullName` cached on first authorization (not assumed available later)
|
|
477
467
|
- [ ] `identityToken` sent to server for validation, not trusted client-side only
|
|
@@ -482,15 +472,21 @@ try KeychainHelper.save(tokenData, forKey: "identityToken")
|
|
|
482
472
|
- [ ] `ASWebAuthenticationSession` used for OAuth (not `WKWebView`)
|
|
483
473
|
- [ ] `prefersEphemeralWebBrowserSession` set for OAuth when appropriate
|
|
484
474
|
- [ ] `textContentType` set on username/password fields for AutoFill
|
|
475
|
+
- [ ] Passkey relying party has `webcredentials:` Associated Domains configured
|
|
476
|
+
- [ ] Passkey registration/assertion challenges come from the server and are verified server-side
|
|
477
|
+
- [ ] Deep Keychain, CryptoKit, Secure Enclave, certificate pinning, and MASVS work routed to `swift-security`
|
|
485
478
|
|
|
486
479
|
## References
|
|
487
480
|
|
|
488
|
-
- Keychain & biometric patterns:
|
|
481
|
+
- Keychain & biometric patterns: [references/keychain-biometric.md](references/keychain-biometric.md)
|
|
482
|
+
- Passkey patterns: [references/passkeys.md](references/passkeys.md)
|
|
489
483
|
- [AuthenticationServices](https://sosumi.ai/documentation/authenticationservices)
|
|
490
484
|
- [ASAuthorizationAppleIDProvider](https://sosumi.ai/documentation/authenticationservices/asauthorizationappleidprovider)
|
|
491
485
|
- [ASAuthorizationAppleIDCredential](https://sosumi.ai/documentation/authenticationservices/asauthorizationappleidcredential)
|
|
492
486
|
- [ASAuthorizationController](https://sosumi.ai/documentation/authenticationservices/asauthorizationcontroller)
|
|
493
487
|
- [ASWebAuthenticationSession](https://sosumi.ai/documentation/authenticationservices/aswebauthenticationsession)
|
|
488
|
+
- [Supporting passkeys](https://sosumi.ai/documentation/authenticationservices/supporting-passkeys)
|
|
489
|
+
- [ASAuthorizationPlatformPublicKeyCredentialProvider](https://sosumi.ai/documentation/authenticationservices/asauthorizationplatformpublickeycredentialprovider)
|
|
494
490
|
- [ASAuthorizationPasswordProvider](https://sosumi.ai/documentation/authenticationservices/asauthorizationpasswordprovider)
|
|
495
491
|
- [SignInWithAppleButton](https://sosumi.ai/documentation/authenticationservices/signinwithapplebutton)
|
|
496
492
|
- [Implementing User Authentication with Sign in with Apple](https://sosumi.ai/documentation/authenticationservices/implementing-user-authentication-with-sign-in-with-apple)
|
|
@@ -0,0 +1,48 @@
|
|
|
1
|
+
{
|
|
2
|
+
"skill_name": "authentication",
|
|
3
|
+
"evals": [
|
|
4
|
+
{
|
|
5
|
+
"id": 0,
|
|
6
|
+
"name": "passkey-registration-and-signin",
|
|
7
|
+
"prompt": "We're adding passwordless sign-in to our iOS app for accounts on example.com. The server can mint WebAuthn challenges, and product wants passkeys first, a physical security key fallback, and inline suggestions in the username field. What should the implementation checklist and core AuthenticationServices flow look like?",
|
|
8
|
+
"expected_output": "A passkey implementation checklist that covers associated domains, platform passkey registration/assertion, AutoFill-assisted requests, physical security key boundaries, and server-side verification.",
|
|
9
|
+
"files": [],
|
|
10
|
+
"expectations": [
|
|
11
|
+
"Names the Associated Domains requirement with the `webcredentials:` service for the relying-party domain.",
|
|
12
|
+
"Uses `ASAuthorizationPlatformPublicKeyCredentialProvider(relyingPartyIdentifier:)` for platform passkeys and distinguishes registration from assertion requests.",
|
|
13
|
+
"States that registration and assertion challenges come from the relying-party server and that passkey results must be verified server-side before issuing a session.",
|
|
14
|
+
"Mentions `performAutoFillAssistedRequests()` with a username text field using `.username` for inline passkey suggestions.",
|
|
15
|
+
"Uses `ASAuthorizationSecurityKeyPublicKeyCredentialProvider` only for physical security key fallback, not as the default platform passkey provider."
|
|
16
|
+
]
|
|
17
|
+
},
|
|
18
|
+
{
|
|
19
|
+
"id": 1,
|
|
20
|
+
"name": "sign-in-with-apple-oauth-review",
|
|
21
|
+
"prompt": "Review this iOS login plan before implementation: Sign in with Apple for new accounts, saved password suggestions for returning users, GitHub OAuth, cached account profile data, local Face ID re-auth before account deletion, and token storage. What are the must-have AuthenticationServices and LocalAuthentication checks?",
|
|
22
|
+
"expected_output": "A review checklist that covers Sign in with Apple setup, credential handling, existing account flows, OAuth session presentation, biometric re-auth boundaries, and secure token storage.",
|
|
23
|
+
"files": [],
|
|
24
|
+
"expectations": [
|
|
25
|
+
"Requires the Sign in with Apple capability plus `ASAuthorizationControllerPresentationContextProviding` for authorization UI.",
|
|
26
|
+
"Explains that `email` and `fullName` must be cached during first authorization and handled as optional later.",
|
|
27
|
+
"Requires Apple ID credential state checks with `getCredentialState(forUserID:completion:)` and handling credential revocation notifications.",
|
|
28
|
+
"Sends `identityToken` and `authorizationCode` to the server for validation instead of trusting them only on device.",
|
|
29
|
+
"Uses `ASWebAuthenticationSession` for GitHub OAuth, avoids `WKWebView`, and returns a real active presentation anchor.",
|
|
30
|
+
"Stores secrets in Keychain and treats `LAContext.evaluatePolicy` as local re-authentication rather than standalone proof for releasing stored secrets."
|
|
31
|
+
]
|
|
32
|
+
},
|
|
33
|
+
{
|
|
34
|
+
"id": 2,
|
|
35
|
+
"name": "security-boundary-routing",
|
|
36
|
+
"prompt": "A team asks the authentication skill to design the whole account security layer: Sign in with Apple, passkeys, refresh-token storage, CryptoKit encryption, certificate pinning, biometric unlock, and OWASP MASVS mapping. Give a concise scope review that says what this skill should cover and what belongs in sibling security work.",
|
|
37
|
+
"expected_output": "A boundary-aware scope review that keeps AuthenticationServices auth flows in scope while routing deep Keychain, CryptoKit, certificate trust, and compliance work to the security skill.",
|
|
38
|
+
"files": [],
|
|
39
|
+
"expectations": [
|
|
40
|
+
"Keeps Sign in with Apple, passkeys, Password AutoFill, ASAuthorizationController flows, ASWebAuthenticationSession OAuth, and local biometric re-authentication in the authentication skill scope.",
|
|
41
|
+
"Routes detailed Keychain architecture, CryptoKit encryption, Secure Enclave, certificate pinning, and OWASP MASVS mapping to the sibling security skill instead of expanding the authentication answer into those domains.",
|
|
42
|
+
"Still states that auth tokens and secrets should be stored in Keychain, not UserDefaults, files, or Core Data.",
|
|
43
|
+
"Warns that `LAContext.evaluatePolicy` alone should not release stored secrets and that Keychain access control is the right handoff for protected token/key reads.",
|
|
44
|
+
"Does not claim that the authentication skill owns backend WebAuthn relying-party implementation beyond requiring server challenges and server verification."
|
|
45
|
+
]
|
|
46
|
+
}
|
|
47
|
+
]
|
|
48
|
+
}
|
|
@@ -1,19 +1,25 @@
|
|
|
1
1
|
# Keychain Token Storage & Biometric Authentication
|
|
2
2
|
|
|
3
3
|
Self-contained reference for storing authentication tokens in Keychain and
|
|
4
|
-
protecting them with biometric authentication (Face ID /
|
|
5
|
-
the patterns most commonly needed alongside Sign in with
|
|
4
|
+
protecting them with Keychain-bound biometric authentication (Face ID /
|
|
5
|
+
Touch ID). Covers the patterns most commonly needed alongside Sign in with
|
|
6
|
+
Apple, passkey, and OAuth flows.
|
|
7
|
+
|
|
8
|
+
This is an authentication-adjacent quick reference, not a full security
|
|
9
|
+
architecture guide. Route Keychain migration, access-control policy design,
|
|
10
|
+
CryptoKit encryption, Secure Enclave keys, certificate pinning, keychain
|
|
11
|
+
sharing, storage-hardening strategy, and OWASP MASVS/MASTG mapping to
|
|
12
|
+
`swift-security`.
|
|
6
13
|
|
|
7
14
|
## Contents
|
|
8
15
|
|
|
9
16
|
- [Storing Tokens in Keychain](#storing-tokens-in-keychain)
|
|
10
17
|
- [Reading Tokens from Keychain](#reading-tokens-from-keychain)
|
|
11
18
|
- [Deleting Tokens from Keychain](#deleting-tokens-from-keychain)
|
|
12
|
-
- [kSecAttrAccessible Values](#ksecattracccessible-values)
|
|
13
19
|
- [Biometric Authentication with LAContext](#biometric-authentication-with-lacontext)
|
|
14
20
|
- [Biometric-Protected Keychain Items](#biometric-protected-keychain-items)
|
|
15
|
-
- [SecAccessControl Flags](#secaccesscontrol-flags)
|
|
16
21
|
- [Keychain Error Handling](#keychain-error-handling)
|
|
22
|
+
- [References](#references)
|
|
17
23
|
|
|
18
24
|
## Storing Tokens in Keychain
|
|
19
25
|
|
|
@@ -88,26 +94,23 @@ func deleteFromKeychain(account: String, service: String) throws {
|
|
|
88
94
|
}
|
|
89
95
|
```
|
|
90
96
|
|
|
91
|
-
|
|
97
|
+
Use a `ThisDeviceOnly` accessibility class for sensitive app credentials unless
|
|
98
|
+
the product explicitly requires restore or sharing behavior. Choose broader
|
|
99
|
+
Keychain accessibility, migration, or sharing strategy in `swift-security`, not
|
|
100
|
+
in this authentication skill.
|
|
92
101
|
|
|
93
|
-
|
|
94
|
-
|
|
95
|
-
|
|
96
|
-
| `kSecAttrAccessibleWhenUnlockedThisDeviceOnly` | Device unlocked | Yes | Sensitive credentials |
|
|
97
|
-
| `kSecAttrAccessibleAfterFirstUnlock` | After first unlock | No | Background-accessible tokens |
|
|
98
|
-
| `kSecAttrAccessibleAfterFirstUnlockThisDeviceOnly` | After first unlock | Yes | Background tokens, no backup |
|
|
99
|
-
| `kSecAttrAccessibleWhenPasscodeSetThisDeviceOnly` | Passcode set + unlocked | Yes | Highest security |
|
|
102
|
+
Do not use `kSecAttrAccessibleAlways` for app credentials; Apple marks it as not
|
|
103
|
+
recommended for application use because items remain accessible regardless of
|
|
104
|
+
lock state.
|
|
100
105
|
|
|
101
|
-
Rules:
|
|
102
|
-
- Use `ThisDeviceOnly` variants for sensitive data. Prevents backup/restore to other devices.
|
|
103
|
-
- Use `AfterFirstUnlock` for tokens needed by background operations.
|
|
104
|
-
- Use `WhenPasscodeSetThisDeviceOnly` for most sensitive data. Item is deleted if passcode is removed.
|
|
105
|
-
- NEVER use `kSecAttrAccessibleAlways` (deprecated and insecure).
|
|
106
106
|
|
|
107
107
|
## Biometric Authentication with LAContext
|
|
108
108
|
|
|
109
109
|
Use `LAContext` from LocalAuthentication for Face ID / Touch ID prompts before
|
|
110
|
-
|
|
110
|
+
showing sensitive screens or performing protected actions. This is a local
|
|
111
|
+
interaction gate, not proof that a stored secret is safe to release. For tokens,
|
|
112
|
+
private keys, or high-value credentials, bind access to the Keychain item with
|
|
113
|
+
`SecAccessControl` and let `SecItemCopyMatching` perform the authentication.
|
|
111
114
|
|
|
112
115
|
```swift
|
|
113
116
|
import LocalAuthentication
|
|
@@ -172,22 +175,36 @@ let query: [String: Any] = [
|
|
|
172
175
|
kSecClass as String: kSecClassGenericPassword,
|
|
173
176
|
kSecAttrAccount as String: "auth-token",
|
|
174
177
|
kSecValueData as String: tokenData,
|
|
175
|
-
kSecAttrAccessControl as String: access
|
|
176
|
-
kSecUseAuthenticationContext as String: LAContext()
|
|
178
|
+
kSecAttrAccessControl as String: access
|
|
177
179
|
]
|
|
178
180
|
```
|
|
179
181
|
|
|
180
|
-
|
|
182
|
+
Read the protected item with an authentication context so Keychain, not app
|
|
183
|
+
logic, controls release of the secret:
|
|
184
|
+
|
|
185
|
+
```swift
|
|
186
|
+
let context = LAContext()
|
|
187
|
+
context.localizedReason = "Authenticate to access your account"
|
|
188
|
+
|
|
189
|
+
let query: [String: Any] = [
|
|
190
|
+
kSecClass as String: kSecClassGenericPassword,
|
|
191
|
+
kSecAttrAccount as String: "auth-token",
|
|
192
|
+
kSecReturnData as String: true,
|
|
193
|
+
kSecMatchLimit as String: kSecMatchLimitOne,
|
|
194
|
+
kSecUseAuthenticationContext as String: context
|
|
195
|
+
]
|
|
196
|
+
|
|
197
|
+
var result: AnyObject?
|
|
198
|
+
let status = SecItemCopyMatching(query as CFDictionary, &result)
|
|
199
|
+
guard status == errSecSuccess, let tokenData = result as? Data else {
|
|
200
|
+
throw KeychainError.readFailed(status)
|
|
201
|
+
}
|
|
202
|
+
```
|
|
181
203
|
|
|
182
|
-
|
|
183
|
-
|
|
184
|
-
|
|
185
|
-
| `.biometryAny` | Requires biometry, survives enrollment changes. |
|
|
186
|
-
| `.userPresence` | Biometry or passcode. Most flexible. |
|
|
204
|
+
Use `.biometryCurrentSet` when an auth token must be invalidated after biometric
|
|
205
|
+
enrollment changes. Route broader SecAccessControl flag selection and policy
|
|
206
|
+
tradeoffs to `swift-security`.
|
|
187
207
|
|
|
188
|
-
Use `.biometryCurrentSet` for high-security items (tokens, keys). Use
|
|
189
|
-
`.userPresence` when you want to allow passcode fallback without a separate
|
|
190
|
-
`LAContext` evaluation.
|
|
191
208
|
|
|
192
209
|
## Keychain Error Handling
|
|
193
210
|
|
|
@@ -209,3 +226,13 @@ enum KeychainError: Error {
|
|
|
209
226
|
}
|
|
210
227
|
}
|
|
211
228
|
```
|
|
229
|
+
|
|
230
|
+
## References
|
|
231
|
+
|
|
232
|
+
- [Restricting keychain item accessibility](https://sosumi.ai/documentation/security/restricting-keychain-item-accessibility)
|
|
233
|
+
- [Accessing Keychain Items with Face ID or Touch ID](https://sosumi.ai/documentation/localauthentication/accessing-keychain-items-with-face-id-or-touch-id)
|
|
234
|
+
- [LAContext](https://sosumi.ai/documentation/localauthentication/lacontext)
|
|
235
|
+
- [NSFaceIDUsageDescription](https://sosumi.ai/documentation/bundleresources/information-property-list/nsfaceidusagedescription)
|
|
236
|
+
- [kSecAttrAccessibleWhenPasscodeSetThisDeviceOnly](https://sosumi.ai/documentation/security/ksecattraccessiblewhenpasscodesetthisdeviceonly)
|
|
237
|
+
- [SecAccessControlCreateFlags.userPresence](https://sosumi.ai/documentation/security/secaccesscontrolcreateflags/userpresence)
|
|
238
|
+
- [SecAccessControlCreateFlags.biometryCurrentSet](https://sosumi.ai/documentation/security/secaccesscontrolcreateflags/biometrycurrentset)
|