@oddessentials/repo-standards 1.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (19) hide show
  1. package/LICENSE +21 -0
  2. package/README.md +202 -0
  3. package/dist/config/standards.csharp-dotnet.azure-devops.json +542 -0
  4. package/dist/config/standards.csharp-dotnet.github-actions.json +542 -0
  5. package/dist/config/standards.csharp-dotnet.json +603 -0
  6. package/dist/config/standards.json +1351 -0
  7. package/dist/config/standards.python.azure-devops.json +557 -0
  8. package/dist/config/standards.python.github-actions.json +557 -0
  9. package/dist/config/standards.python.json +618 -0
  10. package/dist/config/standards.typescript-js.azure-devops.json +555 -0
  11. package/dist/config/standards.typescript-js.github-actions.json +555 -0
  12. package/dist/config/standards.typescript-js.json +616 -0
  13. package/dist/index.d.ts +11 -0
  14. package/dist/index.d.ts.map +1 -0
  15. package/dist/index.js +42 -0
  16. package/dist/types.d.ts +21 -0
  17. package/dist/types.d.ts.map +1 -0
  18. package/dist/types.js +2 -0
  19. package/package.json +82 -0
package/dist/config/standards.csharp-dotnet.json ADDED
@@ -0,0 +1,603 @@
1
+ {
2
+ "checklist": {
3
+ "core": [
4
+ {
5
+ "ciHints": {
6
+ "azure-devops": {
7
+ "stage": "quality"
8
+ },
9
+ "github-actions": {
10
+ "job": "ci"
11
+ }
12
+ },
13
+ "description": "Maintain proper .gitignore and .dockerignore files to prevent committing secrets, build artifacts, or unnecessary files.",
14
+ "id": "gitignore-and-dockerignore",
15
+ "label": "Git and Docker Ignore Files",
16
+ "stack": {
17
+ "exampleConfigFiles": [
18
+ ".gitignore",
19
+ ".dockerignore"
20
+ ],
21
+ "notes": "Use the official github/gitignore VisualStudio/.NET template. .dockerignore must exclude bin/, obj/, .vs/, *.user, and similar local/build artifacts.",
22
+ "optionalFiles": [
23
+ ".dockerignore"
24
+ ],
25
+ "requiredFiles": [
26
+ ".gitignore"
27
+ ],
28
+ "verification": ".gitignore must exist; .dockerignore is recommended when containerizing or using Docker workflows."
29
+ }
30
+ },
31
+ {
32
+ "ciHints": {
33
+ "azure-devops": {
34
+ "stage": "quality"
35
+ },
36
+ "github-actions": {
37
+ "job": "ci"
38
+ }
39
+ },
40
+ "description": "Run static code linting to enforce consistency and catch common issues early.",
41
+ "id": "linting",
42
+ "label": "Linting",
43
+ "stack": {
44
+ "exampleConfigFiles": [
45
+ ".editorconfig",
46
+ "Directory.Build.props"
47
+ ],
48
+ "exampleTools": [
49
+ "Roslyn analyzers",
50
+ "StyleCop"
51
+ ],
52
+ "notes": "Enable analyzers or style rules for the solution and review warnings regularly; enforce stricter rules on new code.",
53
+ "optionalFiles": [
54
+ "Directory.Build.props"
55
+ ],
56
+ "requiredFiles": [
57
+ ".editorconfig"
58
+ ],
59
+ "requiredScripts": [
60
+ "lint"
61
+ ],
62
+ "verification": ".editorconfig must exist to drive the .NET formatting and analysis tooling."
63
+ }
64
+ },
65
+ {
66
+ "ciHints": {
67
+ "azure-devops": {
68
+ "stage": "test"
69
+ },
70
+ "github-actions": {
71
+ "job": "ci"
72
+ }
73
+ },
74
+ "description": "Provide a deterministic unit test framework with a single command to run all tests.",
75
+ "id": "unit-test-runner",
76
+ "label": "Unit Test Runner",
77
+ "stack": {
78
+ "exampleConfigFiles": [
79
+ "*.Tests.csproj"
80
+ ],
81
+ "exampleTools": [
82
+ "xUnit",
83
+ "NUnit",
84
+ "MSTest"
85
+ ],
86
+ "notes": "Group unit tests into dedicated test projects and keep them independent from external services.",
87
+ "optionalFiles": [
88
+ "*.Tests.csproj"
89
+ ],
90
+ "verification": "Test projects are present in the solution; test configuration is defined."
91
+ }
92
+ },
93
+ {
94
+ "ciHints": {
95
+ "azure-devops": {
96
+ "stage": "build"
97
+ },
98
+ "github-actions": {
99
+ "job": "ci"
100
+ }
101
+ },
102
+ "description": "Provide a Dockerfile and, if applicable, a docker-compose file for local dev and CI parity.",
103
+ "id": "containerization",
104
+ "label": "Containerization (Docker / Docker Compose)",
105
+ "stack": {
106
+ "exampleConfigFiles": [
107
+ "Dockerfile",
108
+ "docker-compose.yml"
109
+ ],
110
+ "exampleTools": [],
111
+ "notes": "Use multi-stage builds for .NET publish output and pin the SDK/runtime image versions to match CI.",
112
+ "optionalFiles": [
113
+ "docker-compose.yml"
114
+ ],
115
+ "requiredFiles": [
116
+ "Dockerfile"
117
+ ],
118
+ "verification": "Dockerfile must be present; docker-compose.yml is optional and indicates orchestration usage."
119
+ }
120
+ },
121
+ {
122
+ "ciHints": {
123
+ "azure-devops": {
124
+ "stage": "release"
125
+ },
126
+ "github-actions": {
127
+ "job": "release"
128
+ }
129
+ },
130
+ "description": "Use MAJOR.MINOR.PATCH versioning with clear rules and automated changelog generation based on commit history.",
131
+ "id": "semantic-versioning",
132
+ "label": "Semantic Versioning",
133
+ "stack": {
134
+ "exampleConfigFiles": [
135
+ "GitVersion.yml",
136
+ "*.csproj",
137
+ "CHANGELOG.md"
138
+ ],
139
+ "exampleTools": [
140
+ "GitVersion"
141
+ ],
142
+ "notes": "Use GitVersion to automatically compute SemVer from git history and feed it into assembly/package versions. Configure CI to auto-generate or update CHANGELOG.md from commit messages and git tags. Integrate with release pipeline to automatically version assemblies, NuGet packages, and create release notes.",
143
+ "verification": "Check that versioning is driven by a SemVer-aware tool (for example, GitVersion) and verify that running the release/versioning step locally or in CI automatically produces the expected version metadata, updates project files, and generates changelog entries from commit history."
144
+ }
145
+ },
146
+ {
147
+ "ciHints": {
148
+ "azure-devops": {
149
+ "stage": "quality"
150
+ },
151
+ "github-actions": {
152
+ "job": "ci"
153
+ }
154
+ },
155
+ "description": "Enforce structured commit messages such as Conventional Commits.",
156
+ "id": "commit-linting",
157
+ "label": "Commit Linting",
158
+ "stack": {
159
+ "exampleConfigFiles": [
160
+ "commitlint.config.*",
161
+ ".cz.toml"
162
+ ],
163
+ "exampleTools": [
164
+ "commitlint",
165
+ "commitizen"
166
+ ],
167
+ "notes": "Document your commit convention and wire up a helper tool so contributors can easily follow it.",
168
+ "verification": "Create a test commit following the documented commit convention and confirm that any configured commit message checks (local hooks or CI) accept the message."
169
+ }
170
+ },
171
+ {
172
+ "ciHints": {
173
+ "azure-devops": {
174
+ "stage": "test"
175
+ },
176
+ "github-actions": {
177
+ "job": "ci"
178
+ }
179
+ },
180
+ "description": "Generate readable unit test and coverage reports and enforce a minimum coverage threshold (around 80%) for new or changed code.",
181
+ "id": "unit-test-reporter",
182
+ "label": "Unit Test Reporter / Coverage",
183
+ "stack": {
184
+ "exampleConfigFiles": [
185
+ "*.csproj"
186
+ ],
187
+ "exampleTools": [
188
+ "coverlet",
189
+ "ReportGenerator"
190
+ ],
191
+ "notes": "Enable coverage collection for test projects and publish reports in a human-friendly format from CI.",
192
+ "verification": "Run the test suite with coverage enabled (for example, using coverlet or a similar tool) and verify that coverage reports are generated and used in CI to monitor thresholds."
193
+ }
194
+ },
195
+ {
196
+ "ciHints": {
197
+ "azure-devops": {
198
+ "stage": "ci"
199
+ },
200
+ "github-actions": {
201
+ "job": "ci"
202
+ }
203
+ },
204
+ "description": "Single CI pipeline that runs linting, formatting, type checking, tests, coverage, build, and containerization.",
205
+ "id": "ci-quality-gates",
206
+ "label": "CI Quality Gates",
207
+ "stack": {
208
+ "exampleConfigFiles": [
209
+ ".github/workflows/*",
210
+ "azure-pipelines.yml"
211
+ ],
212
+ "exampleTools": [],
213
+ "notes": "Ensure CI runs analyzers, tests, build, and packaging or container checks before changes can be merged.",
214
+ "verification": "Open the CI configuration and verify there is a job or stage that runs analyzers, tests, build, and any required packaging or container checks before merging to main."
215
+ }
216
+ },
217
+ {
218
+ "ciHints": {
219
+ "azure-devops": {
220
+ "stage": "quality"
221
+ },
222
+ "github-actions": {
223
+ "job": "ci"
224
+ }
225
+ },
226
+ "description": "Automatic code formatting to maintain a consistent style across all contributors.",
227
+ "id": "code-formatter",
228
+ "label": "Code Formatter",
229
+ "stack": {
230
+ "exampleConfigFiles": [
231
+ ".editorconfig"
232
+ ],
233
+ "exampleTools": [
234
+ "dotnet format"
235
+ ],
236
+ "notes": "Use .editorconfig and dotnet-format to keep C# style consistent across contributors.",
237
+ "verification": "Run the configured formatter or code style enforcement (for example, `dotnet format`) and confirm that code in the repository conforms to the defined rules."
238
+ }
239
+ },
240
+ {
241
+ "ciHints": {
242
+ "azure-devops": {
243
+ "stage": "quality"
244
+ },
245
+ "github-actions": {
246
+ "job": "ci"
247
+ }
248
+ },
249
+ "description": "Use git hooks to run linting, formatting, tests, and commit linting before changes are committed.",
250
+ "id": "pre-commit-hooks",
251
+ "label": "Pre-Commit Hooks",
252
+ "stack": {
253
+ "exampleConfigFiles": [
254
+ "lefthook.yml"
255
+ ],
256
+ "exampleTools": [
257
+ "Lefthook"
258
+ ],
259
+ "notes": "Configure Lefthook or similar to run formatting and basic checks on staged files before commits.",
260
+ "verification": "Inspect the hook configuration (for example, Lefthook or similar) and confirm it runs at least formatting and basic checks on staged changes before commits or pushes."
261
+ }
262
+ },
263
+ {
264
+ "ciHints": {
265
+ "azure-devops": {
266
+ "stage": "quality"
267
+ },
268
+ "github-actions": {
269
+ "job": "ci"
270
+ }
271
+ },
272
+ "description": "Use static type checking to catch errors before runtime and enforce strictness on new code.",
273
+ "id": "type-checking",
274
+ "label": "Type Checking",
275
+ "stack": {
276
+ "exampleConfigFiles": [
277
+ ".editorconfig",
278
+ "Directory.Build.props",
279
+ "*.csproj"
280
+ ],
281
+ "exampleTools": [
282
+ "Roslyn analyzers"
283
+ ],
284
+ "notes": "Enable nullable reference types and relevant analyzers to catch type and nullability issues at compile time. C# project files (*.csproj) indicate the presence of projects that can be type-checked.",
285
+ "optionalFiles": [
286
+ "Directory.Build.props"
287
+ ],
288
+ "requiredFiles": [
289
+ ".editorconfig"
290
+ ],
291
+ "requiredScripts": [
292
+ "typecheck"
293
+ ],
294
+ "verification": ".editorconfig must exist; Directory.Build.props is optional for shared build configuration."
295
+ }
296
+ },
297
+ {
298
+ "ciHints": {
299
+ "azure-devops": {
300
+ "stage": "quality"
301
+ },
302
+ "github-actions": {
303
+ "job": "ci"
304
+ }
305
+ },
306
+ "description": "Lock dependencies and scan regularly for known vulnerabilities; fail CI on newly introduced high-severity issues.",
307
+ "id": "dependency-security",
308
+ "label": "Dependency Management & Vulnerability Scanning",
309
+ "stack": {
310
+ "exampleConfigFiles": [
311
+ "packages.lock.json",
312
+ "*.csproj"
313
+ ],
314
+ "exampleTools": [
315
+ "dotnet list package --vulnerable"
316
+ ],
317
+ "notes": "Enable package lock files and use vulnerability scanning to track and remediate high-risk dependencies.",
318
+ "optionalFiles": [
319
+ "packages.lock.json"
320
+ ],
321
+ "verification": "Dependency lockfile or package reference is present; security scanning is configured."
322
+ }
323
+ },
324
+ {
325
+ "ciHints": {
326
+ "azure-devops": {
327
+ "stage": "quality"
328
+ },
329
+ "github-actions": {
330
+ "job": "ci"
331
+ }
332
+ },
333
+ "description": "Specify required runtime/engine versions in package manifests to ensure environment stability and prevent version-related issues across development teams.",
334
+ "id": "runtime-version",
335
+ "label": "Runtime Version Specification",
336
+ "stack": {
337
+ "exampleConfigFiles": [
338
+ "*.csproj",
339
+ "global.json"
340
+ ],
341
+ "exampleTools": [],
342
+ "notes": "Specify TargetFramework in .csproj files (e.g., <TargetFramework>net8.0</TargetFramework>) and optionally use global.json to pin the SDK version (e.g., { \"sdk\": { \"version\": \"8.0.100\" } }) for consistent builds across the team.",
343
+ "optionalFiles": [
344
+ "global.json"
345
+ ],
346
+ "verification": ".csproj files must specify TargetFramework; global.json is recommended to pin SDK version."
347
+ }
348
+ },
349
+ {
350
+ "ciHints": {
351
+ "azure-devops": {
352
+ "stage": "docs"
353
+ },
354
+ "github-actions": {
355
+ "job": "ci"
356
+ }
357
+ },
358
+ "description": "Maintain a comprehensive README and, where applicable, auto-generated API docs to support onboarding and maintainability.",
359
+ "id": "documentation",
360
+ "label": "Documentation Standards",
361
+ "stack": {
362
+ "exampleConfigFiles": [
363
+ "README.md",
364
+ "docfx.json"
365
+ ],
366
+ "exampleTools": [
367
+ "DocFX"
368
+ ],
369
+ "notes": "Keep README and API docs in sync with the solution structure and public surface area.",
370
+ "optionalFiles": [
371
+ "docs/",
372
+ "docfx.json"
373
+ ],
374
+ "requiredFiles": [
375
+ "README.md"
376
+ ],
377
+ "verification": "README.md is present in the repository root; docs/ directory or DocFX configuration exists if applicable."
378
+ }
379
+ },
380
+ {
381
+ "ciHints": {
382
+ "azure-devops": {
383
+ "stage": "governance"
384
+ },
385
+ "github-actions": {
386
+ "job": "ci"
387
+ }
388
+ },
389
+ "description": "Include standard governance files (LICENSE, CODE_OF_CONDUCT.md, CONTRIBUTING.md), branch protection rules, and review standards to define legal, ethical, and workflow expectations.",
390
+ "id": "repository-governance",
391
+ "label": "Repository Governance",
392
+ "stack": {
393
+ "exampleConfigFiles": [
394
+ "LICENSE",
395
+ "CODE_OF_CONDUCT.md",
396
+ "CONTRIBUTING.md"
397
+ ],
398
+ "exampleTools": [],
399
+ "notes": "Document contribution expectations and ensure legal and code-of-conduct policies are easy to find.",
400
+ "optionalFiles": [
401
+ "CODE_OF_CONDUCT.md",
402
+ "CONTRIBUTING.md"
403
+ ],
404
+ "requiredFiles": [
405
+ "LICENSE"
406
+ ],
407
+ "verification": "LICENSE file is present in the repository root; CODE_OF_CONDUCT.md and CONTRIBUTING.md are present for contribution guidance."
408
+ }
409
+ }
410
+ ],
411
+ "optionalEnhancements": [
412
+ {
413
+ "ciHints": {
414
+ "azure-devops": {
415
+ "stage": "observability"
416
+ },
417
+ "github-actions": {
418
+ "job": "ci"
419
+ }
420
+ },
421
+ "description": "Standardize error handling and structured logging to make debugging and production monitoring easier.",
422
+ "id": "observability",
423
+ "label": "Observability (Logging & Error Handling)",
424
+ "stack": {
425
+ "exampleConfigFiles": [
426
+ "appsettings.json"
427
+ ],
428
+ "exampleTools": [
429
+ "Serilog",
430
+ "NLog"
431
+ ],
432
+ "notes": "Configure structured logging for your .NET services and ensure exceptions and key events are logged with useful context.",
433
+ "verification": "Confirm that a structured logging library (such as Serilog or NLog) is configured with an agreed sink and format, and that the application logs meaningful context for errors and key events."
434
+ }
435
+ }
436
+ ],
437
+ "recommended": [
438
+ {
439
+ "ciHints": {
440
+ "azure-devops": {
441
+ "stage": "test"
442
+ },
443
+ "github-actions": {
444
+ "job": "ci"
445
+ }
446
+ },
447
+ "description": "Test how components interact with each other and external systems, running after unit tests with more relaxed coverage thresholds.",
448
+ "id": "integration-testing",
449
+ "label": "Integration Testing",
450
+ "stack": {
451
+ "exampleConfigFiles": [
452
+ "*.IntegrationTests.csproj"
453
+ ],
454
+ "exampleTools": [
455
+ "xUnit",
456
+ "NUnit",
457
+ "MSTest"
458
+ ],
459
+ "notes": "Create dedicated integration test projects that exercise real infrastructure or service boundaries where appropriate.",
460
+ "verification": "Confirm there is a test project or configuration dedicated to integration or API tests and run it to verify external or cross-service interactions behave as expected."
461
+ }
462
+ },
463
+ {
464
+ "ciHints": {
465
+ "azure-devops": {
466
+ "stage": "performance"
467
+ },
468
+ "github-actions": {
469
+ "job": "performance"
470
+ }
471
+ },
472
+ "description": "Establish performance baselines and monitor for regressions using lightweight benchmarks or audits in CI.",
473
+ "id": "performance-baselining",
474
+ "label": "Performance Baselines",
475
+ "stack": {
476
+ "exampleConfigFiles": [
477
+ "*.csproj"
478
+ ],
479
+ "exampleTools": [
480
+ "BenchmarkDotNet"
481
+ ],
482
+ "notes": "Use BenchmarkDotNet or similar to track performance of critical methods or endpoints over time.",
483
+ "verification": "Identify and run the configured performance or benchmarking suite (for example, BenchmarkDotNet) and review the output to ensure it is tracked against historical or target values."
484
+ }
485
+ },
486
+ {
487
+ "ciHints": {
488
+ "azure-devops": {
489
+ "stage": "quality"
490
+ },
491
+ "github-actions": {
492
+ "job": "ci"
493
+ }
494
+ },
495
+ "description": "Measure cyclomatic complexity or similar metrics to keep code maintainable, starting as a warning-only check.",
496
+ "id": "complexity-analysis",
497
+ "label": "Complexity Analysis",
498
+ "stack": {
499
+ "exampleConfigFiles": [
500
+ "sonar-project.properties"
501
+ ],
502
+ "exampleTools": [
503
+ "SonarQube",
504
+ "Visual Studio code metrics"
505
+ ],
506
+ "notes": "Use code metrics or Sonar analysis to flag overly complex methods and refactor them over time.",
507
+ "verification": "Run the configured code metrics or Sonar analysis and review complexity reports for key modules, ensuring that new or changed code stays within acceptable limits."
508
+ }
509
+ },
510
+ {
511
+ "ciHints": {
512
+ "azure-devops": {
513
+ "stage": "quality"
514
+ },
515
+ "github-actions": {
516
+ "job": "ci"
517
+ }
518
+ },
519
+ "description": "Run accessibility checks on web-facing components to detect critical issues and improve inclusive UX.",
520
+ "id": "accessibility-auditing",
521
+ "label": "Accessibility Auditing",
522
+ "stack": {
523
+ "exampleConfigFiles": [],
524
+ "exampleTools": [
525
+ "axe-core",
526
+ "Accessibility Insights"
527
+ ],
528
+ "notes": "Apply accessibility tooling to ASP.NET or Blazor front-ends and review issues alongside functional testing.",
529
+ "verification": "For web-facing apps, run the configured accessibility checks or tools against your main UI endpoints and confirm that blocking accessibility issues are addressed."
530
+ }
531
+ }
532
+ ]
533
+ },
534
+ "ciSystems": [
535
+ "azure-devops",
536
+ "github-actions"
537
+ ],
538
+ "meta": {
539
+ "complexityChecks": {
540
+ "description": "When supported by the stack, run cyclomatic complexity or similar metrics in CI as a warning-only check initially.",
541
+ "enabledByDefault": true
542
+ },
543
+ "defaultCoverageThreshold": 0.8,
544
+ "migrationGuide": [
545
+ {
546
+ "description": "Start by adding pre-commit hooks and core formatting/linting so developers get fast feedback without touching CI.",
547
+ "focusIds": [
548
+ "pre-commit-hooks",
549
+ "linting",
550
+ "code-formatter"
551
+ ],
552
+ "notes": "Keep hooks fast and focused on changed files to avoid slowing down day-to-day work.",
553
+ "step": 1,
554
+ "title": "Establish Local Safety Nets First"
555
+ },
556
+ {
557
+ "description": "Introduce CI quality gates that mirror local checks, but treat existing violations as warnings wherever possible.",
558
+ "focusIds": [
559
+ "ci-quality-gates",
560
+ "linting",
561
+ "code-formatter",
562
+ "commit-linting"
563
+ ],
564
+ "notes": "Use diff-based tools or baselines so only new violations break builds; legacy issues remain visible but non-blocking.",
565
+ "step": 2,
566
+ "title": "Mirror Local Checks in CI (Soft-Fail on Legacy)"
567
+ },
568
+ {
569
+ "description": "Enable type-checking, coverage thresholds, and dependency/vulnerability scanning with gradual enforcement.",
570
+ "focusIds": [
571
+ "type-checking",
572
+ "unit-test-runner",
573
+ "unit-test-reporter",
574
+ "dependency-security"
575
+ ],
576
+ "notes": "Pin tool and runtime versions in CI and containers to avoid flaky differences across environments.",
577
+ "step": 3,
578
+ "title": "Add Type Safety, Coverage, and Dependency Security"
579
+ },
580
+ {
581
+ "description": "Add documentation standards, governance files, integration testing, performance baselines, complexity analysis, accessibility auditing, and (optionally) ML-specific practices for data-heavy Python repos.",
582
+ "focusIds": [
583
+ "documentation",
584
+ "repository-governance",
585
+ "integration-testing",
586
+ "performance-baselining",
587
+ "complexity-analysis",
588
+ "accessibility-auditing"
589
+ ],
590
+ "notes": "Tackle recommended items in order of business value; backend-only repos can skip web-focused checks like accessibility. For AI/ML-heavy Python teams, consider extending containerization with data versioning (DVC) and unit tests with data quality checks (e.g., Great Expectations) as part of this step.",
591
+ "step": 4,
592
+ "title": "Layer in Docs, Governance, and Recommended Checks"
593
+ }
594
+ ],
595
+ "qualityGatePolicy": {
596
+ "description": "New quality checks should warn on existing code and fail CI only for violations introduced in new or changed code, to reduce friction on legacy codebases.",
597
+ "preferSoftFailOnLegacy": true
598
+ }
599
+ },
600
+ "stack": "csharp-dotnet",
601
+ "stackLabel": "C# / .NET",
602
+ "version": 1
603
+ }