@ngocsangairvds/vsaf 4.1.0 → 4.1.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/package.json +2 -1
- package/packages/cli/dist/commands/cleanup.d.ts +6 -0
- package/packages/cli/dist/commands/cleanup.d.ts.map +1 -0
- package/packages/cli/dist/commands/cleanup.js +103 -0
- package/packages/cli/dist/commands/cleanup.js.map +1 -0
- package/packages/cli/dist/commands/doctor.d.ts +1 -0
- package/packages/cli/dist/commands/doctor.d.ts.map +1 -1
- package/packages/cli/dist/commands/doctor.js +4 -3
- package/packages/cli/dist/commands/doctor.js.map +1 -1
- package/packages/cli/dist/index.js +23 -2
- package/packages/cli/dist/index.js.map +1 -1
- package/packages/cli/dist/mcp/server.d.ts.map +1 -1
- package/packages/cli/dist/mcp/server.js +9 -0
- package/packages/cli/dist/mcp/server.js.map +1 -1
- package/packages/core/dist/store/run-store.d.ts +8 -0
- package/packages/core/dist/store/run-store.d.ts.map +1 -1
- package/packages/core/dist/store/run-store.js +51 -0
- package/packages/core/dist/store/run-store.js.map +1 -1
- package/packages/web/dist/web/3rdpartylicenses.txt +614 -0
- package/packages/web/dist/web/browser/chunk-2QJBTGYU.js +3 -0
- package/packages/web/dist/web/browser/chunk-3VYLP4FZ.js +1 -0
- package/packages/web/dist/web/browser/chunk-6HRQZQXD.js +1 -0
- package/packages/web/dist/web/browser/chunk-7PK6Q4UU.js +1 -0
- package/packages/web/dist/web/browser/chunk-O7TQGEFF.js +8 -0
- package/packages/web/dist/web/browser/chunk-PWF76NCM.js +1 -0
- package/packages/web/dist/web/browser/favicon.ico +0 -0
- package/packages/web/dist/web/browser/index.html +13 -0
- package/packages/web/dist/web/browser/main-AZU5W3KI.js +1 -0
- package/packages/web/dist/web/browser/polyfills-YMBILSHJ.js +2 -0
- package/packages/web/dist/web/browser/styles-JBPZVY54.css +1 -0
- package/packages/web/dist/web/prerendered-routes.json +3 -0
- package/skills/sdlc/architecture/SKILL.md +5 -3
- package/skills/sdlc/hotfix-analyze/SKILL.md +1 -1
- package/skills/sdlc/hotfix-implement/SKILL.md +227 -0
- package/skills/sdlc/hotfix-prd/SKILL.md +161 -0
- package/skills/sdlc/hotfix-ship/SKILL.md +221 -0
- package/skills/sdlc/pack.yaml +3 -2
- package/skills/sdlc/prd/SKILL.md +4 -2
- package/skills/sdlc/review/SKILL.md +3 -1
- package/skills/sdlc/sdlc-health/SKILL.md +6 -5
- package/skills/sdlc/ship/SKILL.md +6 -91
- package/skills/sdlc/srs/SKILL.md +3 -1
- package/skills/sdlc/test-design/SKILL.md +3 -1
- package/skills/sdlc/workflows/hotfix-tdd.yaml +7 -12
- package/skills/sdlc/workflows/hotfix.yaml +16 -15
- package/skills/sdlc/hotfix-green/SKILL.md +0 -101
- package/skills/sdlc/hotfix-red/SKILL.md +0 -96
|
@@ -1,34 +1,35 @@
|
|
|
1
1
|
name: hotfix
|
|
2
|
-
description: "Hotfix —
|
|
2
|
+
description: "Hotfix — Analyze → PRD → Implement (TDD) → Ship"
|
|
3
3
|
|
|
4
4
|
nodes:
|
|
5
5
|
- id: analyze
|
|
6
|
+
description: "Analyze — grill user, GitNexus impact, root cause, blast radius"
|
|
6
7
|
command: sdlc-hotfix-analyze
|
|
7
8
|
workspace: false
|
|
8
9
|
|
|
9
|
-
- id:
|
|
10
|
-
|
|
10
|
+
- id: prd
|
|
11
|
+
description: "PRD — fix requirements, acceptance criteria, scope boundary"
|
|
12
|
+
command: sdlc-hotfix-prd
|
|
11
13
|
depends_on: [analyze]
|
|
14
|
+
workspace: false
|
|
12
15
|
|
|
13
|
-
- id:
|
|
14
|
-
|
|
15
|
-
|
|
16
|
+
- id: implement
|
|
17
|
+
description: "Implement — TDD (RED → GREEN → REFACTOR), SonarQube-in-loop"
|
|
18
|
+
command: sdlc-hotfix-implement
|
|
19
|
+
depends_on: [prd]
|
|
16
20
|
|
|
17
21
|
- id: test-gate
|
|
22
|
+
description: "Test Gate — run full test suite"
|
|
18
23
|
bash: |
|
|
19
24
|
cd $WORKSPACE && npm test 2>&1
|
|
20
|
-
depends_on: [
|
|
25
|
+
depends_on: [implement]
|
|
21
26
|
loop:
|
|
22
|
-
on_fail:
|
|
27
|
+
on_fail: implement
|
|
23
28
|
max_retries: 3
|
|
24
29
|
inject_error: true
|
|
25
30
|
|
|
26
|
-
- id: review
|
|
27
|
-
command: sdlc-hotfix-review
|
|
28
|
-
depends_on: [test-gate]
|
|
29
|
-
workspace: false
|
|
30
|
-
|
|
31
31
|
- id: ship
|
|
32
|
-
|
|
33
|
-
|
|
32
|
+
description: "Ship — commit, PR on hotfix branch"
|
|
33
|
+
command: sdlc-hotfix-ship
|
|
34
|
+
depends_on: [test-gate]
|
|
34
35
|
workspace: false
|
|
@@ -1,101 +0,0 @@
|
|
|
1
|
-
---
|
|
2
|
-
name: hotfix-green
|
|
3
|
-
description: "Hotfix Phase 3 — TDD GREEN — write the minimal fix to make the failing test pass"
|
|
4
|
-
version: 1.0.0
|
|
5
|
-
author: "@ngocsangairvds/vsaf"
|
|
6
|
-
---
|
|
7
|
-
|
|
8
|
-
# Hotfix Phase 3: TDD GREEN — Minimal Fix
|
|
9
|
-
|
|
10
|
-
You are a Senior Developer applying a surgical fix. Mission: write the SMALLEST possible code change to make the failing test pass. Nothing more.
|
|
11
|
-
|
|
12
|
-
## Progress Protocol
|
|
13
|
-
|
|
14
|
-
Print progress at each step:
|
|
15
|
-
```
|
|
16
|
-
[HOTFIX-GREEN] [step/3] description... ⏳
|
|
17
|
-
[HOTFIX-GREEN] [step/3] description... ✅
|
|
18
|
-
```
|
|
19
|
-
|
|
20
|
-
## Index Protection
|
|
21
|
-
|
|
22
|
-
⛔ Do NOT modify `graphify-out/` or `.gitnexus/` — READ only.
|
|
23
|
-
|
|
24
|
-
## Phase Entry Protocol
|
|
25
|
-
|
|
26
|
-
```
|
|
27
|
-
[HOTFIX-GREEN] [1/3] Verifying failing test... ⏳
|
|
28
|
-
```
|
|
29
|
-
|
|
30
|
-
1. Read `.vsaf/docs/hotfixes/{bug-id}/01-analysis.md` — understand root cause and fix strategy
|
|
31
|
-
2. Locate the test file written in the RED phase
|
|
32
|
-
3. Run the test — confirm it FAILS (if it passes, something changed — STOP and investigate)
|
|
33
|
-
4. Read the production code that needs to be fixed
|
|
34
|
-
|
|
35
|
-
```
|
|
36
|
-
[HOTFIX-GREEN] [1/3] Verifying failing test... ✅
|
|
37
|
-
```
|
|
38
|
-
|
|
39
|
-
## Tasks
|
|
40
|
-
|
|
41
|
-
### Step 2: Apply Minimal Fix
|
|
42
|
-
|
|
43
|
-
```
|
|
44
|
-
[HOTFIX-GREEN] [2/3] Applying minimal fix... ⏳
|
|
45
|
-
```
|
|
46
|
-
|
|
47
|
-
1. Apply the fix strategy from the analysis
|
|
48
|
-
2. Change ONLY what is necessary to fix the bug
|
|
49
|
-
3. Rules for the fix:
|
|
50
|
-
- Smallest possible diff
|
|
51
|
-
- Do NOT refactor surrounding code
|
|
52
|
-
- Do NOT fix other issues you notice
|
|
53
|
-
- Do NOT add features
|
|
54
|
-
- Do NOT change formatting of untouched code
|
|
55
|
-
- 1 bug = 1 focused fix
|
|
56
|
-
4. Apply SonarQube rules on the changed code:
|
|
57
|
-
- Issues = 0, Blocker = 0, Critical = 0
|
|
58
|
-
- Security Hotspots = 0
|
|
59
|
-
- No new code smells introduced
|
|
60
|
-
|
|
61
|
-
```
|
|
62
|
-
[HOTFIX-GREEN] [2/3] Applying minimal fix... ✅
|
|
63
|
-
```
|
|
64
|
-
|
|
65
|
-
### Step 3: Run Tests — MUST PASS
|
|
66
|
-
|
|
67
|
-
```
|
|
68
|
-
[HOTFIX-GREEN] [3/3] Running tests... ⏳
|
|
69
|
-
```
|
|
70
|
-
|
|
71
|
-
1. Run the specific reproduction test — it MUST PASS now
|
|
72
|
-
2. If it still FAILS → read the error, adjust the fix, try again
|
|
73
|
-
3. Run the FULL test suite — check for regressions
|
|
74
|
-
4. If any existing test FAILS → the fix introduced a regression
|
|
75
|
-
- Analyze which test failed and why
|
|
76
|
-
- Adjust the fix to not break existing behavior
|
|
77
|
-
- Re-run until all tests pass
|
|
78
|
-
|
|
79
|
-
```
|
|
80
|
-
[HOTFIX-GREEN] [3/3] Running tests... ✅ (reproduction test PASS + full suite PASS)
|
|
81
|
-
```
|
|
82
|
-
|
|
83
|
-
## Phase Exit Protocol
|
|
84
|
-
|
|
85
|
-
Print PHASE REPORT:
|
|
86
|
-
- Bug: {bug-id}
|
|
87
|
-
- Status: TDD GREEN COMPLETED
|
|
88
|
-
- Fix applied: {one-line description of what changed}
|
|
89
|
-
- Files changed: {list of changed files}
|
|
90
|
-
- Reproduction test: PASS
|
|
91
|
-
- Full test suite: PASS ({N}/{N} tests)
|
|
92
|
-
- Next step: test-gate (automatic) → `/hotfix-review`
|
|
93
|
-
|
|
94
|
-
## Rules
|
|
95
|
-
|
|
96
|
-
- ⛔ MINIMAL fix only — do NOT refactor, do NOT fix other things
|
|
97
|
-
- ⛔ Do NOT modify `graphify-out/` or `.gitnexus/`
|
|
98
|
-
- ⛔ Do NOT change any test file from the RED phase (the test must stay as-is)
|
|
99
|
-
- If the fix requires changing more than 3 files → STOP and verify with user that this is still a hotfix scope
|
|
100
|
-
- The reproduction test must pass WITHOUT modifying the test
|
|
101
|
-
- All existing tests must continue to pass (zero regressions)
|
|
@@ -1,96 +0,0 @@
|
|
|
1
|
-
---
|
|
2
|
-
name: hotfix-red
|
|
3
|
-
description: "Hotfix Phase 2 — TDD RED — write a failing test that reproduces the bug before any fix"
|
|
4
|
-
version: 1.0.0
|
|
5
|
-
author: "@ngocsangairvds/vsaf"
|
|
6
|
-
---
|
|
7
|
-
|
|
8
|
-
# Hotfix Phase 2: TDD RED — Write Failing Test
|
|
9
|
-
|
|
10
|
-
You are a Test Engineer. Mission: write a test that reproduces the bug. The test MUST FAIL — proving the bug exists before anyone writes a fix.
|
|
11
|
-
|
|
12
|
-
## Progress Protocol
|
|
13
|
-
|
|
14
|
-
Print progress at each step:
|
|
15
|
-
```
|
|
16
|
-
[HOTFIX-RED] [step/3] description... ⏳
|
|
17
|
-
[HOTFIX-RED] [step/3] description... ✅
|
|
18
|
-
```
|
|
19
|
-
|
|
20
|
-
## Index Protection
|
|
21
|
-
|
|
22
|
-
⛔ Do NOT modify `graphify-out/` or `.gitnexus/` — READ only.
|
|
23
|
-
|
|
24
|
-
## Phase Entry Protocol
|
|
25
|
-
|
|
26
|
-
```
|
|
27
|
-
[HOTFIX-RED] [1/3] Reading analysis... ⏳
|
|
28
|
-
```
|
|
29
|
-
|
|
30
|
-
1. Read `.vsaf/docs/hotfixes/{bug-id}/01-analysis.md`
|
|
31
|
-
2. Verify file exists — if not, ask: "Analysis not found. Have you run hotfix-analyze?"
|
|
32
|
-
3. Understand: root cause, affected files, reproduction steps
|
|
33
|
-
4. Detect the project's test framework (scan `package.json`, `pom.xml`, existing test files)
|
|
34
|
-
5. Read at least one existing test file to understand conventions (naming, structure, assertions)
|
|
35
|
-
|
|
36
|
-
```
|
|
37
|
-
[HOTFIX-RED] [1/3] Reading analysis... ✅
|
|
38
|
-
```
|
|
39
|
-
|
|
40
|
-
## Tasks
|
|
41
|
-
|
|
42
|
-
### Step 2: Write Reproduction Test
|
|
43
|
-
|
|
44
|
-
```
|
|
45
|
-
[HOTFIX-RED] [2/3] Writing reproduction test... ⏳
|
|
46
|
-
```
|
|
47
|
-
|
|
48
|
-
1. Create a test that exercises the EXACT code path identified in the analysis
|
|
49
|
-
2. The test must:
|
|
50
|
-
- Target the root cause specifically (not a generic test)
|
|
51
|
-
- Follow the project's existing test conventions
|
|
52
|
-
- Have a descriptive name: `test_{bug-id}_should_{expected_behavior}`
|
|
53
|
-
- Include a comment linking to the bug: `// Regression test for {bug-id}`
|
|
54
|
-
3. Place the test file in the correct directory per project convention
|
|
55
|
-
|
|
56
|
-
```
|
|
57
|
-
[HOTFIX-RED] [2/3] Writing reproduction test... ✅
|
|
58
|
-
```
|
|
59
|
-
|
|
60
|
-
### Step 3: Run Test — MUST FAIL
|
|
61
|
-
|
|
62
|
-
```
|
|
63
|
-
[HOTFIX-RED] [3/3] Running test — expecting FAILURE... ⏳
|
|
64
|
-
```
|
|
65
|
-
|
|
66
|
-
1. Run ONLY the new test (not the full suite)
|
|
67
|
-
2. Expected result: **TEST FAILS**
|
|
68
|
-
3. If test FAILS → Correct. The bug is proven to exist. Proceed.
|
|
69
|
-
4. If test PASSES → **STOP.** Something is wrong:
|
|
70
|
-
- The test does not exercise the buggy code path
|
|
71
|
-
- The analysis root cause is incorrect
|
|
72
|
-
- Re-read the analysis, rewrite the test, and try again
|
|
73
|
-
5. Capture the failure output as evidence
|
|
74
|
-
|
|
75
|
-
```
|
|
76
|
-
[HOTFIX-RED] [3/3] Running test — expecting FAILURE... ✅ (test failed as expected)
|
|
77
|
-
```
|
|
78
|
-
|
|
79
|
-
## Phase Exit Protocol
|
|
80
|
-
|
|
81
|
-
Print PHASE REPORT:
|
|
82
|
-
- Bug: {bug-id}
|
|
83
|
-
- Status: TDD RED COMPLETED
|
|
84
|
-
- Test file: {path to test file}
|
|
85
|
-
- Test result: FAIL (as expected)
|
|
86
|
-
- Failure output: {key line from test failure}
|
|
87
|
-
- Next step: `/hotfix-green`
|
|
88
|
-
|
|
89
|
-
## Rules
|
|
90
|
-
|
|
91
|
-
- ⛔ Do NOT fix the bug — only write the test
|
|
92
|
-
- ⛔ Do NOT modify any production code
|
|
93
|
-
- ⛔ Do NOT modify `graphify-out/` or `.gitnexus/`
|
|
94
|
-
- The test MUST FAIL — a passing test means the test is wrong, not that the bug is fixed
|
|
95
|
-
- One test per bug — do not write extra tests beyond what reproduces this specific bug
|
|
96
|
-
- The test must be specific enough that fixing the bug (and only the bug) will make it pass
|