@oddessentials/repo-standards 1.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (19) hide show
  1. package/LICENSE +21 -0
  2. package/README.md +202 -0
  3. package/dist/config/standards.csharp-dotnet.azure-devops.json +542 -0
  4. package/dist/config/standards.csharp-dotnet.github-actions.json +542 -0
  5. package/dist/config/standards.csharp-dotnet.json +603 -0
  6. package/dist/config/standards.json +1351 -0
  7. package/dist/config/standards.python.azure-devops.json +557 -0
  8. package/dist/config/standards.python.github-actions.json +557 -0
  9. package/dist/config/standards.python.json +618 -0
  10. package/dist/config/standards.typescript-js.azure-devops.json +555 -0
  11. package/dist/config/standards.typescript-js.github-actions.json +555 -0
  12. package/dist/config/standards.typescript-js.json +616 -0
  13. package/dist/index.d.ts +11 -0
  14. package/dist/index.d.ts.map +1 -0
  15. package/dist/index.js +42 -0
  16. package/dist/types.d.ts +21 -0
  17. package/dist/types.d.ts.map +1 -0
  18. package/dist/types.js +2 -0
  19. package/package.json +82 -0
package/dist/config/standards.json ADDED
@@ -0,0 +1,1351 @@
1
+ {
2
+ "checklist": {
3
+ "core": [
4
+ {
5
+ "appliesTo": {
6
+ "stacks": [
7
+ "typescript-js",
8
+ "csharp-dotnet",
9
+ "python"
10
+ ]
11
+ },
12
+ "ciHints": {
13
+ "azure-devops": {
14
+ "stage": "quality"
15
+ },
16
+ "github-actions": {
17
+ "job": "ci"
18
+ }
19
+ },
20
+ "description": "Maintain proper .gitignore and .dockerignore files to prevent committing secrets, build artifacts, or unnecessary files.",
21
+ "id": "gitignore-and-dockerignore",
22
+ "label": "Git and Docker Ignore Files",
23
+ "stackHints": {
24
+ "csharp-dotnet": {
25
+ "exampleConfigFiles": [
26
+ ".gitignore",
27
+ ".dockerignore"
28
+ ],
29
+ "notes": "Use the official github/gitignore VisualStudio/.NET template. .dockerignore must exclude bin/, obj/, .vs/, *.user, and similar local/build artifacts.",
30
+ "optionalFiles": [
31
+ ".dockerignore"
32
+ ],
33
+ "requiredFiles": [
34
+ ".gitignore"
35
+ ],
36
+ "verification": ".gitignore must exist; .dockerignore is recommended when containerizing or using Docker workflows."
37
+ },
38
+ "python": {
39
+ "exampleConfigFiles": [
40
+ ".gitignore",
41
+ ".dockerignore"
42
+ ],
43
+ "notes": "Use the official github/gitignore Python template. Include **pycache**, .venv/, .pytest_cache, .env, and similar local-only files. .dockerignore must exclude .git, virtual environments, and caches.",
44
+ "optionalFiles": [
45
+ ".dockerignore"
46
+ ],
47
+ "requiredFiles": [
48
+ ".gitignore"
49
+ ],
50
+ "verification": ".gitignore must exist; .dockerignore is recommended when containerizing or using Docker workflows."
51
+ },
52
+ "typescript-js": {
53
+ "exampleConfigFiles": [
54
+ ".gitignore",
55
+ ".dockerignore"
56
+ ],
57
+ "notes": "Use the official github/gitignore Node template as a base and add .env*, node_modules, dist/, coverage/, *.log, npm-debug.log*, etc. .dockerignore must exclude node_modules, .git, and local build output.",
58
+ "optionalFiles": [
59
+ ".dockerignore"
60
+ ],
61
+ "requiredFiles": [
62
+ ".gitignore"
63
+ ],
64
+ "verification": ".gitignore must exist; .dockerignore is recommended when containerizing or using Docker workflows."
65
+ }
66
+ }
67
+ },
68
+ {
69
+ "appliesTo": {
70
+ "stacks": [
71
+ "typescript-js",
72
+ "csharp-dotnet",
73
+ "python"
74
+ ]
75
+ },
76
+ "ciHints": {
77
+ "azure-devops": {
78
+ "stage": "quality"
79
+ },
80
+ "github-actions": {
81
+ "job": "ci"
82
+ }
83
+ },
84
+ "description": "Run static code linting to enforce consistency and catch common issues early.",
85
+ "id": "linting",
86
+ "label": "Linting",
87
+ "stackHints": {
88
+ "csharp-dotnet": {
89
+ "exampleConfigFiles": [
90
+ ".editorconfig",
91
+ "Directory.Build.props"
92
+ ],
93
+ "exampleTools": [
94
+ "Roslyn analyzers",
95
+ "StyleCop"
96
+ ],
97
+ "notes": "Enable analyzers or style rules for the solution and review warnings regularly; enforce stricter rules on new code.",
98
+ "optionalFiles": [
99
+ "Directory.Build.props"
100
+ ],
101
+ "requiredFiles": [
102
+ ".editorconfig"
103
+ ],
104
+ "requiredScripts": [
105
+ "lint"
106
+ ],
107
+ "verification": ".editorconfig must exist to drive the .NET formatting and analysis tooling."
108
+ },
109
+ "python": {
110
+ "exampleConfigFiles": [
111
+ "pyproject.toml",
112
+ ".flake8"
113
+ ],
114
+ "exampleTools": [
115
+ "ruff",
116
+ "flake8"
117
+ ],
118
+ "notes": "Configure a primary linter (such as ruff) and keep rules focused on catching real issues without overwhelming developers.",
119
+ "optionalFiles": [
120
+ "ruff.toml",
121
+ ".flake8"
122
+ ],
123
+ "requiredFiles": [
124
+ "pyproject.toml"
125
+ ],
126
+ "requiredScripts": [
127
+ "lint"
128
+ ],
129
+ "verification": "pyproject.toml (or ruff.toml / .flake8) signals that linting tools are configured for the repository."
130
+ },
131
+ "typescript-js": {
132
+ "exampleConfigFiles": [
133
+ ".eslintrc.*"
134
+ ],
135
+ "exampleTools": [
136
+ "eslint"
137
+ ],
138
+ "notes": "Treat new lint errors as CI failures; keep existing issues as warnings until addressed.",
139
+ "optionalFiles": [
140
+ ".eslintrc.js",
141
+ ".eslintrc.cjs",
142
+ ".eslintrc.json",
143
+ ".eslintrc.yaml",
144
+ ".prettierrc",
145
+ "prettier.config.js",
146
+ "prettier.config.cjs",
147
+ "prettier.config.json",
148
+ "prettier.config.yaml"
149
+ ],
150
+ "requiredFiles": [
151
+ "eslint.config.js"
152
+ ],
153
+ "requiredScripts": [
154
+ "lint"
155
+ ],
156
+ "verification": "Presence of eslint.config.js (or any .eslintrc* file) indicates linting is enforced for the repository."
157
+ }
158
+ }
159
+ },
160
+ {
161
+ "appliesTo": {
162
+ "stacks": [
163
+ "typescript-js",
164
+ "csharp-dotnet",
165
+ "python"
166
+ ]
167
+ },
168
+ "ciHints": {
169
+ "azure-devops": {
170
+ "stage": "test"
171
+ },
172
+ "github-actions": {
173
+ "job": "ci"
174
+ }
175
+ },
176
+ "description": "Provide a deterministic unit test framework with a single command to run all tests.",
177
+ "id": "unit-test-runner",
178
+ "label": "Unit Test Runner",
179
+ "stackHints": {
180
+ "csharp-dotnet": {
181
+ "exampleConfigFiles": [
182
+ "*.Tests.csproj"
183
+ ],
184
+ "exampleTools": [
185
+ "xUnit",
186
+ "NUnit",
187
+ "MSTest"
188
+ ],
189
+ "notes": "Group unit tests into dedicated test projects and keep them independent from external services.",
190
+ "optionalFiles": [
191
+ "*.Tests.csproj"
192
+ ],
193
+ "verification": "Test projects are present in the solution; test configuration is defined."
194
+ },
195
+ "python": {
196
+ "exampleConfigFiles": [
197
+ "pytest.ini",
198
+ "pyproject.toml"
199
+ ],
200
+ "exampleTools": [
201
+ "pytest"
202
+ ],
203
+ "notes": "Organize unit tests under a tests/ directory and avoid real network or database calls in this layer.",
204
+ "optionalFiles": [
205
+ "pytest.ini",
206
+ "pyproject.toml",
207
+ "tests/"
208
+ ],
209
+ "requiredScripts": [
210
+ "test"
211
+ ],
212
+ "verification": "Test framework configuration is present; tests/ directory or pytest configuration exists."
213
+ },
214
+ "typescript-js": {
215
+ "exampleConfigFiles": [
216
+ "jest.config.*"
217
+ ],
218
+ "exampleTools": [
219
+ "jest"
220
+ ],
221
+ "notes": "Keep unit tests fast and deterministic; move slow or flaky tests into integration or E2E suites.",
222
+ "optionalFiles": [
223
+ "jest.config.js",
224
+ "jest.config.ts",
225
+ "vitest.config.js",
226
+ "vitest.config.ts"
227
+ ],
228
+ "requiredScripts": [
229
+ "test"
230
+ ],
231
+ "verification": "Test framework configuration is present; test script is defined in package.json."
232
+ }
233
+ }
234
+ },
235
+ {
236
+ "appliesTo": {
237
+ "stacks": [
238
+ "typescript-js",
239
+ "csharp-dotnet",
240
+ "python"
241
+ ]
242
+ },
243
+ "ciHints": {
244
+ "azure-devops": {
245
+ "stage": "build"
246
+ },
247
+ "github-actions": {
248
+ "job": "ci"
249
+ }
250
+ },
251
+ "description": "Provide a Dockerfile and, if applicable, a docker-compose file for local dev and CI parity.",
252
+ "id": "containerization",
253
+ "label": "Containerization (Docker / Docker Compose)",
254
+ "stackHints": {
255
+ "csharp-dotnet": {
256
+ "exampleConfigFiles": [
257
+ "Dockerfile",
258
+ "docker-compose.yml"
259
+ ],
260
+ "exampleTools": [],
261
+ "notes": "Use multi-stage builds for .NET publish output and pin the SDK/runtime image versions to match CI.",
262
+ "optionalFiles": [
263
+ "docker-compose.yml"
264
+ ],
265
+ "requiredFiles": [
266
+ "Dockerfile"
267
+ ],
268
+ "verification": "Dockerfile must be present; docker-compose.yml is optional and indicates orchestration usage."
269
+ },
270
+ "python": {
271
+ "exampleConfigFiles": [
272
+ "Dockerfile",
273
+ "docker-compose.yml"
274
+ ],
275
+ "exampleTools": [],
276
+ "notes": "Choose a slim Python base image, pin the version, and clearly document how to start the service in a container.",
277
+ "optionalFiles": [
278
+ "docker-compose.yml"
279
+ ],
280
+ "requiredFiles": [
281
+ "Dockerfile"
282
+ ],
283
+ "verification": "Dockerfile must be present; docker-compose.yml is optional and indicates orchestration usage."
284
+ },
285
+ "typescript-js": {
286
+ "exampleConfigFiles": [
287
+ "Dockerfile",
288
+ "docker-compose.yml"
289
+ ],
290
+ "exampleTools": [],
291
+ "notes": "Use multi-stage builds and pin Node.js and base image versions in the Dockerfile to match CI (e.g., node:22-alpine).",
292
+ "optionalFiles": [
293
+ "docker-compose.yml"
294
+ ],
295
+ "requiredFiles": [
296
+ "Dockerfile"
297
+ ],
298
+ "verification": "Dockerfile must be present; docker-compose.yml is optional and indicates orchestration usage."
299
+ }
300
+ }
301
+ },
302
+ {
303
+ "appliesTo": {
304
+ "stacks": [
305
+ "typescript-js",
306
+ "csharp-dotnet",
307
+ "python"
308
+ ]
309
+ },
310
+ "ciHints": {
311
+ "azure-devops": {
312
+ "stage": "release"
313
+ },
314
+ "github-actions": {
315
+ "job": "release"
316
+ }
317
+ },
318
+ "description": "Use MAJOR.MINOR.PATCH versioning with clear rules and automated changelog generation based on commit history.",
319
+ "id": "semantic-versioning",
320
+ "label": "Semantic Versioning",
321
+ "stackHints": {
322
+ "csharp-dotnet": {
323
+ "exampleConfigFiles": [
324
+ "GitVersion.yml",
325
+ "*.csproj",
326
+ "CHANGELOG.md"
327
+ ],
328
+ "exampleTools": [
329
+ "GitVersion"
330
+ ],
331
+ "notes": "Use GitVersion to automatically compute SemVer from git history and feed it into assembly/package versions. Configure CI to auto-generate or update CHANGELOG.md from commit messages and git tags. Integrate with release pipeline to automatically version assemblies, NuGet packages, and create release notes.",
332
+ "verification": "Check that versioning is driven by a SemVer-aware tool (for example, GitVersion) and verify that running the release/versioning step locally or in CI automatically produces the expected version metadata, updates project files, and generates changelog entries from commit history."
333
+ },
334
+ "python": {
335
+ "exampleConfigFiles": [
336
+ "pyproject.toml",
337
+ "setup.cfg",
338
+ "CHANGELOG.md"
339
+ ],
340
+ "exampleTools": [
341
+ "bumpversion",
342
+ "setuptools_scm",
343
+ "towncrier"
344
+ ],
345
+ "notes": "Automate version bumping and changelog generation using setuptools_scm (git-tag based) or bumpversion with towncrier for changelog fragments. Configure CI to automatically update version in pyproject.toml, generate/update CHANGELOG.md from commit messages or changelog fragments, and create git tags. Maintain a single source of truth for versioning.",
346
+ "verification": "Check that the package version in pyproject or setup configuration follows SemVer and verify that the configured tool (for example, setuptools_scm or bumpversion) automatically computes or bumps the version and generates changelog entries from commit history or fragments."
347
+ },
348
+ "typescript-js": {
349
+ "exampleConfigFiles": [
350
+ ".releaserc",
351
+ "package.json",
352
+ "CHANGELOG.md"
353
+ ],
354
+ "exampleTools": [
355
+ "semantic-release",
356
+ "standard-version"
357
+ ],
358
+ "notes": "Automate version bumping and changelog generation from Conventional Commits using semantic-release or standard-version. Configure CI to automatically bump package.json version, generate/update CHANGELOG.md, create git tags, and publish release artifacts. Protect release branches and ensure release tooling only runs there.",
359
+ "verification": "Check that the version field follows SemVer, and trigger the configured release workflow (for example, a dry run of semantic-release or standard-version) to confirm it automatically generates the expected next version, updates package.json, and creates/updates CHANGELOG.md with commit-based entries."
360
+ }
361
+ }
362
+ },
363
+ {
364
+ "appliesTo": {
365
+ "stacks": [
366
+ "typescript-js",
367
+ "csharp-dotnet",
368
+ "python"
369
+ ]
370
+ },
371
+ "ciHints": {
372
+ "azure-devops": {
373
+ "stage": "quality"
374
+ },
375
+ "github-actions": {
376
+ "job": "ci"
377
+ }
378
+ },
379
+ "description": "Enforce structured commit messages such as Conventional Commits.",
380
+ "id": "commit-linting",
381
+ "label": "Commit Linting",
382
+ "stackHints": {
383
+ "csharp-dotnet": {
384
+ "exampleConfigFiles": [
385
+ "commitlint.config.*",
386
+ ".cz.toml"
387
+ ],
388
+ "exampleTools": [
389
+ "commitlint",
390
+ "commitizen"
391
+ ],
392
+ "notes": "Document your commit convention and wire up a helper tool so contributors can easily follow it.",
393
+ "verification": "Create a test commit following the documented commit convention and confirm that any configured commit message checks (local hooks or CI) accept the message."
394
+ },
395
+ "python": {
396
+ "exampleConfigFiles": [
397
+ ".cz.toml",
398
+ "pyproject.toml"
399
+ ],
400
+ "exampleTools": [
401
+ "commitizen"
402
+ ],
403
+ "notes": "Standardize commit messages using commitizen or a similar helper and document the required types and scopes.",
404
+ "verification": "Use the configured commit helper (for example, commitizen) or hooks to create a test commit and confirm that non-conforming messages are rejected while valid ones are accepted."
405
+ },
406
+ "typescript-js": {
407
+ "exampleConfigFiles": [
408
+ "commitlint.config.*"
409
+ ],
410
+ "exampleTools": [
411
+ "@commitlint/cli",
412
+ "@commitlint/config-conventional"
413
+ ],
414
+ "notes": "Enforce commit message format via commit-msg hooks (e.g., Husky) before CI.",
415
+ "verification": "Create a test commit using the documented convention and ensure the commit message passes the configured commit linting or wizard (for example, commitlint or commitizen)."
416
+ }
417
+ }
418
+ },
419
+ {
420
+ "appliesTo": {
421
+ "stacks": [
422
+ "typescript-js",
423
+ "csharp-dotnet",
424
+ "python"
425
+ ]
426
+ },
427
+ "ciHints": {
428
+ "azure-devops": {
429
+ "stage": "test"
430
+ },
431
+ "github-actions": {
432
+ "job": "ci"
433
+ }
434
+ },
435
+ "description": "Generate readable unit test and coverage reports and enforce a minimum coverage threshold (around 80%) for new or changed code.",
436
+ "id": "unit-test-reporter",
437
+ "label": "Unit Test Reporter / Coverage",
438
+ "stackHints": {
439
+ "csharp-dotnet": {
440
+ "exampleConfigFiles": [
441
+ "*.csproj"
442
+ ],
443
+ "exampleTools": [
444
+ "coverlet",
445
+ "ReportGenerator"
446
+ ],
447
+ "notes": "Enable coverage collection for test projects and publish reports in a human-friendly format from CI.",
448
+ "verification": "Run the test suite with coverage enabled (for example, using coverlet or a similar tool) and verify that coverage reports are generated and used in CI to monitor thresholds."
449
+ },
450
+ "python": {
451
+ "exampleConfigFiles": [
452
+ "pytest.ini",
453
+ "pyproject.toml"
454
+ ],
455
+ "exampleTools": [
456
+ "pytest",
457
+ "pytest-cov",
458
+ "coverage.py"
459
+ ],
460
+ "notes": "Configure coverage reporting for your test suite and surface summary metrics in CI.",
461
+ "verification": "Run the unit tests with coverage (for example, pytest with pytest-cov) and confirm that coverage reports are generated and referenced in CI to enforce or track thresholds."
462
+ },
463
+ "typescript-js": {
464
+ "exampleConfigFiles": [
465
+ "jest.config.*"
466
+ ],
467
+ "exampleTools": [
468
+ "jest",
469
+ "nyc"
470
+ ],
471
+ "notes": "Collect coverage in lcov or similar format; use diff coverage so legacy gaps are visible but non-blocking.",
472
+ "verification": "Run the unit tests with coverage enabled and confirm that a coverage report is produced and that the configured threshold (around 80%) is enforced for new changes."
473
+ }
474
+ }
475
+ },
476
+ {
477
+ "appliesTo": {
478
+ "stacks": [
479
+ "typescript-js",
480
+ "csharp-dotnet",
481
+ "python"
482
+ ]
483
+ },
484
+ "ciHints": {
485
+ "azure-devops": {
486
+ "stage": "ci"
487
+ },
488
+ "github-actions": {
489
+ "job": "ci"
490
+ }
491
+ },
492
+ "description": "Single CI pipeline that runs linting, formatting, type checking, tests, coverage, build, and containerization.",
493
+ "id": "ci-quality-gates",
494
+ "label": "CI Quality Gates",
495
+ "stackHints": {
496
+ "csharp-dotnet": {
497
+ "exampleConfigFiles": [
498
+ ".github/workflows/*",
499
+ "azure-pipelines.yml"
500
+ ],
501
+ "exampleTools": [],
502
+ "notes": "Ensure CI runs analyzers, tests, build, and packaging or container checks before changes can be merged.",
503
+ "verification": "Open the CI configuration and verify there is a job or stage that runs analyzers, tests, build, and any required packaging or container checks before merging to main."
504
+ },
505
+ "python": {
506
+ "exampleConfigFiles": [
507
+ ".github/workflows/*",
508
+ "azure-pipelines.yml"
509
+ ],
510
+ "exampleTools": [],
511
+ "notes": "Ensure CI runs linting, type checking (if used), tests, and packaging or container checks for Python services before merging.",
512
+ "verification": "Open the CI configuration and verify there is a job or stage that runs linting, type checking (if used), tests, and any packaging or container checks before merging to main."
513
+ },
514
+ "typescript-js": {
515
+ "exampleConfigFiles": [
516
+ ".github/workflows/*",
517
+ "azure-pipelines.yml"
518
+ ],
519
+ "exampleTools": [],
520
+ "notes": "Expose a single npm script (e.g., `npm run ci`) that mirrors the CI pipeline so contributors can reproduce failures locally.",
521
+ "verification": "Open the CI configuration and verify there is a job or stage that runs linting, type checking, tests, build, and any required container checks before merging to main."
522
+ }
523
+ }
524
+ },
525
+ {
526
+ "appliesTo": {
527
+ "stacks": [
528
+ "typescript-js",
529
+ "csharp-dotnet",
530
+ "python"
531
+ ]
532
+ },
533
+ "ciHints": {
534
+ "azure-devops": {
535
+ "stage": "quality"
536
+ },
537
+ "github-actions": {
538
+ "job": "ci"
539
+ }
540
+ },
541
+ "description": "Automatic code formatting to maintain a consistent style across all contributors.",
542
+ "id": "code-formatter",
543
+ "label": "Code Formatter",
544
+ "stackHints": {
545
+ "csharp-dotnet": {
546
+ "exampleConfigFiles": [
547
+ ".editorconfig"
548
+ ],
549
+ "exampleTools": [
550
+ "dotnet format"
551
+ ],
552
+ "notes": "Use .editorconfig and dotnet-format to keep C# style consistent across contributors.",
553
+ "verification": "Run the configured formatter or code style enforcement (for example, `dotnet format`) and confirm that code in the repository conforms to the defined rules."
554
+ },
555
+ "python": {
556
+ "exampleConfigFiles": [
557
+ "pyproject.toml"
558
+ ],
559
+ "exampleTools": [
560
+ "black"
561
+ ],
562
+ "notes": "Use black (or an equivalent opinionated formatter) and treat its output as the single source of truth for code style.",
563
+ "verification": "Run the configured formatter (for example, `black .` or `black --check .`) and confirm it reports clean formatting on committed code and auto-fixes as expected locally."
564
+ },
565
+ "typescript-js": {
566
+ "exampleConfigFiles": [
567
+ ".prettierrc.*",
568
+ ".prettierignore"
569
+ ],
570
+ "exampleTools": [
571
+ "prettier"
572
+ ],
573
+ "notes": "Run Prettier in check mode in CI; auto-fix locally via pre-commit hooks or editor integration.",
574
+ "verification": "Run the formatter in check mode (for example, `npm run format:check`) and confirm it reports clean formatting on committed code and auto-fixes as expected locally."
575
+ }
576
+ }
577
+ },
578
+ {
579
+ "appliesTo": {
580
+ "stacks": [
581
+ "typescript-js",
582
+ "csharp-dotnet",
583
+ "python"
584
+ ]
585
+ },
586
+ "ciHints": {
587
+ "azure-devops": {
588
+ "stage": "quality"
589
+ },
590
+ "github-actions": {
591
+ "job": "ci"
592
+ }
593
+ },
594
+ "description": "Use git hooks to run linting, formatting, tests, and commit linting before changes are committed.",
595
+ "id": "pre-commit-hooks",
596
+ "label": "Pre-Commit Hooks",
597
+ "stackHints": {
598
+ "csharp-dotnet": {
599
+ "exampleConfigFiles": [
600
+ "lefthook.yml"
601
+ ],
602
+ "exampleTools": [
603
+ "Lefthook"
604
+ ],
605
+ "notes": "Configure Lefthook or similar to run formatting and basic checks on staged files before commits.",
606
+ "verification": "Inspect the hook configuration (for example, Lefthook or similar) and confirm it runs at least formatting and basic checks on staged changes before commits or pushes."
607
+ },
608
+ "python": {
609
+ "exampleConfigFiles": [
610
+ ".pre-commit-config.yaml"
611
+ ],
612
+ "exampleTools": [
613
+ "pre-commit"
614
+ ],
615
+ "notes": "Use pre-commit to run ruff, black, and optionally mypy on staged files before committing.",
616
+ "verification": "Inspect .pre-commit-config.yaml and confirm that hooks for linting, formatting, and optionally type checking are enabled and run on changed files before commits."
617
+ },
618
+ "typescript-js": {
619
+ "exampleConfigFiles": [
620
+ ".husky/",
621
+ "package.json"
622
+ ],
623
+ "exampleTools": [
624
+ "husky",
625
+ "lint-staged"
626
+ ],
627
+ "notes": "Run ESLint and Prettier on staged files and enforce commit message format via commit-msg hooks.",
628
+ "verification": "Inspect the pre-commit and commit-msg hooks (for example, files under .husky or other hook tooling) and confirm they run linting/formatting and commit linting on staged changes."
629
+ }
630
+ }
631
+ },
632
+ {
633
+ "appliesTo": {
634
+ "stacks": [
635
+ "typescript-js",
636
+ "csharp-dotnet",
637
+ "python"
638
+ ]
639
+ },
640
+ "ciHints": {
641
+ "azure-devops": {
642
+ "stage": "quality"
643
+ },
644
+ "github-actions": {
645
+ "job": "ci"
646
+ }
647
+ },
648
+ "description": "Use static type checking to catch errors before runtime and enforce strictness on new code.",
649
+ "id": "type-checking",
650
+ "label": "Type Checking",
651
+ "stackHints": {
652
+ "csharp-dotnet": {
653
+ "exampleConfigFiles": [
654
+ ".editorconfig",
655
+ "Directory.Build.props",
656
+ "*.csproj"
657
+ ],
658
+ "exampleTools": [
659
+ "Roslyn analyzers"
660
+ ],
661
+ "notes": "Enable nullable reference types and relevant analyzers to catch type and nullability issues at compile time. C# project files (*.csproj) indicate the presence of projects that can be type-checked.",
662
+ "optionalFiles": [
663
+ "Directory.Build.props"
664
+ ],
665
+ "requiredFiles": [
666
+ ".editorconfig"
667
+ ],
668
+ "requiredScripts": [
669
+ "typecheck"
670
+ ],
671
+ "verification": ".editorconfig must exist; Directory.Build.props is optional for shared build configuration."
672
+ },
673
+ "python": {
674
+ "exampleConfigFiles": [
675
+ "mypy.ini",
676
+ "pyproject.toml"
677
+ ],
678
+ "exampleTools": [
679
+ "mypy"
680
+ ],
681
+ "notes": "Adopt gradual typing with type hints and mypy, focusing first on critical modules and new code paths.",
682
+ "optionalFiles": [
683
+ "mypy.ini"
684
+ ],
685
+ "requiredFiles": [
686
+ "pyproject.toml"
687
+ ],
688
+ "requiredScripts": [
689
+ "typecheck"
690
+ ],
691
+ "verification": "pyproject.toml (or mypy.ini) signals that mypy configuration is available for the repository."
692
+ },
693
+ "typescript-js": {
694
+ "exampleConfigFiles": [
695
+ "tsconfig.json"
696
+ ],
697
+ "exampleTools": [
698
+ "TypeScript compiler (tsc)"
699
+ ],
700
+ "notes": "Enable strict mode ('strict': true) and treat type-check failures as CI failures for new code; gradually expand strictness into legacy modules.",
701
+ "requiredFiles": [
702
+ "tsconfig.json"
703
+ ],
704
+ "requiredScripts": [
705
+ "typecheck"
706
+ ],
707
+ "verification": "Presence of tsconfig.json indicates type-checking is configured for the repository."
708
+ }
709
+ }
710
+ },
711
+ {
712
+ "appliesTo": {
713
+ "stacks": [
714
+ "typescript-js",
715
+ "csharp-dotnet",
716
+ "python"
717
+ ]
718
+ },
719
+ "ciHints": {
720
+ "azure-devops": {
721
+ "stage": "quality"
722
+ },
723
+ "github-actions": {
724
+ "job": "ci"
725
+ }
726
+ },
727
+ "description": "Lock dependencies and scan regularly for known vulnerabilities; fail CI on newly introduced high-severity issues.",
728
+ "id": "dependency-security",
729
+ "label": "Dependency Management & Vulnerability Scanning",
730
+ "stackHints": {
731
+ "csharp-dotnet": {
732
+ "exampleConfigFiles": [
733
+ "packages.lock.json",
734
+ "*.csproj"
735
+ ],
736
+ "exampleTools": [
737
+ "dotnet list package --vulnerable"
738
+ ],
739
+ "notes": "Enable package lock files and use vulnerability scanning to track and remediate high-risk dependencies.",
740
+ "optionalFiles": [
741
+ "packages.lock.json"
742
+ ],
743
+ "verification": "Dependency lockfile or package reference is present; security scanning is configured."
744
+ },
745
+ "python": {
746
+ "exampleConfigFiles": [
747
+ "requirements.txt",
748
+ "Pipfile.lock",
749
+ "poetry.lock"
750
+ ],
751
+ "exampleTools": [
752
+ "pip-audit",
753
+ "safety"
754
+ ],
755
+ "notes": "Pin dependency versions and routinely scan for vulnerabilities, prioritizing fixes for critical and high-severity issues.",
756
+ "optionalFiles": [
757
+ "requirements.txt",
758
+ "Pipfile.lock",
759
+ "poetry.lock"
760
+ ],
761
+ "verification": "Dependency lockfile is present; security scanning is configured in CI or project tooling."
762
+ },
763
+ "typescript-js": {
764
+ "exampleConfigFiles": [
765
+ "package-lock.json",
766
+ "pnpm-lock.yaml",
767
+ "yarn.lock"
768
+ ],
769
+ "exampleTools": [
770
+ "npm audit",
771
+ "Snyk"
772
+ ],
773
+ "notes": "Require a lockfile for reproducible installs and pin Node.js/tooling versions; block merges on new high-severity vulnerabilities.",
774
+ "optionalFiles": [
775
+ "package-lock.json",
776
+ "pnpm-lock.yaml",
777
+ "yarn.lock"
778
+ ],
779
+ "verification": "Dependency lockfile is present; security scanning is configured in CI or project tooling."
780
+ }
781
+ }
782
+ },
783
+ {
784
+ "appliesTo": {
785
+ "stacks": [
786
+ "typescript-js",
787
+ "csharp-dotnet",
788
+ "python"
789
+ ]
790
+ },
791
+ "ciHints": {
792
+ "azure-devops": {
793
+ "stage": "quality"
794
+ },
795
+ "github-actions": {
796
+ "job": "ci"
797
+ }
798
+ },
799
+ "description": "Specify required runtime/engine versions in package manifests to ensure environment stability and prevent version-related issues across development teams.",
800
+ "id": "runtime-version",
801
+ "label": "Runtime Version Specification",
802
+ "stackHints": {
803
+ "csharp-dotnet": {
804
+ "exampleConfigFiles": [
805
+ "*.csproj",
806
+ "global.json"
807
+ ],
808
+ "exampleTools": [],
809
+ "notes": "Specify TargetFramework in .csproj files (e.g., <TargetFramework>net8.0</TargetFramework>) and optionally use global.json to pin the SDK version (e.g., { \"sdk\": { \"version\": \"8.0.100\" } }) for consistent builds across the team.",
810
+ "optionalFiles": [
811
+ "global.json"
812
+ ],
813
+ "verification": ".csproj files must specify TargetFramework; global.json is recommended to pin SDK version."
814
+ },
815
+ "python": {
816
+ "exampleConfigFiles": [
817
+ "pyproject.toml",
818
+ "setup.py",
819
+ ".python-version"
820
+ ],
821
+ "exampleTools": [],
822
+ "notes": "Specify python_requires in pyproject.toml (e.g., requires-python = \">=3.9\") or setup.py (e.g., python_requires='>=3.9'). Consider adding .python-version for pyenv users to automatically switch to the correct Python version.",
823
+ "optionalFiles": [
824
+ ".python-version"
825
+ ],
826
+ "requiredFiles": [
827
+ "pyproject.toml"
828
+ ],
829
+ "verification": "pyproject.toml or setup.py must specify python_requires; .python-version is recommended for local development."
830
+ },
831
+ "typescript-js": {
832
+ "exampleConfigFiles": [
833
+ "package.json"
834
+ ],
835
+ "exampleTools": [],
836
+ "notes": "Specify the 'engines' field in package.json to define the required Node.js version (e.g., \"engines\": { \"node\": \">=18.0.0\" }). This helps prevent environment-related bugs and ensures all developers use compatible Node.js versions.",
837
+ "requiredFiles": [
838
+ "package.json"
839
+ ],
840
+ "verification": "package.json must contain an 'engines' field specifying the required Node.js version."
841
+ }
842
+ }
843
+ },
844
+ {
845
+ "appliesTo": {
846
+ "stacks": [
847
+ "typescript-js",
848
+ "csharp-dotnet",
849
+ "python"
850
+ ]
851
+ },
852
+ "ciHints": {
853
+ "azure-devops": {
854
+ "stage": "docs"
855
+ },
856
+ "github-actions": {
857
+ "job": "ci"
858
+ }
859
+ },
860
+ "description": "Maintain a comprehensive README and, where applicable, auto-generated API docs to support onboarding and maintainability.",
861
+ "id": "documentation",
862
+ "label": "Documentation Standards",
863
+ "stackHints": {
864
+ "csharp-dotnet": {
865
+ "exampleConfigFiles": [
866
+ "README.md",
867
+ "docfx.json"
868
+ ],
869
+ "exampleTools": [
870
+ "DocFX"
871
+ ],
872
+ "notes": "Keep README and API docs in sync with the solution structure and public surface area.",
873
+ "optionalFiles": [
874
+ "docs/",
875
+ "docfx.json"
876
+ ],
877
+ "requiredFiles": [
878
+ "README.md"
879
+ ],
880
+ "verification": "README.md is present in the repository root; docs/ directory or DocFX configuration exists if applicable."
881
+ },
882
+ "python": {
883
+ "exampleConfigFiles": [
884
+ "README.md",
885
+ "docs/"
886
+ ],
887
+ "exampleTools": [
888
+ "Sphinx",
889
+ "MkDocs"
890
+ ],
891
+ "notes": "Ensure README explains environment setup and core commands, and generate API docs from docstrings where appropriate.",
892
+ "optionalFiles": [
893
+ "docs/",
894
+ "mkdocs.yml"
895
+ ],
896
+ "requiredFiles": [
897
+ "README.md"
898
+ ],
899
+ "verification": "README.md is present in the repository root; docs/ directory or documentation tooling configuration exists if applicable."
900
+ },
901
+ "typescript-js": {
902
+ "exampleConfigFiles": [
903
+ "README.md",
904
+ "docs/"
905
+ ],
906
+ "exampleTools": [
907
+ "JSDoc",
908
+ "TypeDoc"
909
+ ],
910
+ "notes": "README should describe setup, scripts, and architecture; generate API docs from TypeScript types and JSDoc where helpful.",
911
+ "optionalFiles": [
912
+ "docs/",
913
+ "typedoc.json"
914
+ ],
915
+ "requiredFiles": [
916
+ "README.md"
917
+ ],
918
+ "verification": "README.md is present in the repository root; docs/ directory or documentation tooling configuration exists if applicable."
919
+ }
920
+ }
921
+ },
922
+ {
923
+ "appliesTo": {
924
+ "stacks": [
925
+ "typescript-js",
926
+ "csharp-dotnet",
927
+ "python"
928
+ ]
929
+ },
930
+ "ciHints": {
931
+ "azure-devops": {
932
+ "stage": "governance"
933
+ },
934
+ "github-actions": {
935
+ "job": "ci"
936
+ }
937
+ },
938
+ "description": "Include standard governance files (LICENSE, CODE_OF_CONDUCT.md, CONTRIBUTING.md), branch protection rules, and review standards to define legal, ethical, and workflow expectations.",
939
+ "id": "repository-governance",
940
+ "label": "Repository Governance",
941
+ "stackHints": {
942
+ "csharp-dotnet": {
943
+ "exampleConfigFiles": [
944
+ "LICENSE",
945
+ "CODE_OF_CONDUCT.md",
946
+ "CONTRIBUTING.md"
947
+ ],
948
+ "exampleTools": [],
949
+ "notes": "Document contribution expectations and ensure legal and code-of-conduct policies are easy to find.",
950
+ "optionalFiles": [
951
+ "CODE_OF_CONDUCT.md",
952
+ "CONTRIBUTING.md"
953
+ ],
954
+ "requiredFiles": [
955
+ "LICENSE"
956
+ ],
957
+ "verification": "LICENSE file is present in the repository root; CODE_OF_CONDUCT.md and CONTRIBUTING.md are present for contribution guidance."
958
+ },
959
+ "python": {
960
+ "exampleConfigFiles": [
961
+ "LICENSE",
962
+ "CODE_OF_CONDUCT.md",
963
+ "CONTRIBUTING.md"
964
+ ],
965
+ "exampleTools": [],
966
+ "notes": "Spell out contributor responsibilities for tests, documentation, and review so expectations are clear for Python-focused teams.",
967
+ "optionalFiles": [
968
+ "CODE_OF_CONDUCT.md",
969
+ "CONTRIBUTING.md"
970
+ ],
971
+ "requiredFiles": [
972
+ "LICENSE"
973
+ ],
974
+ "verification": "LICENSE file is present in the repository root; CODE_OF_CONDUCT.md and CONTRIBUTING.md are present for contribution guidance."
975
+ },
976
+ "typescript-js": {
977
+ "exampleConfigFiles": [
978
+ "LICENSE",
979
+ "CODE_OF_CONDUCT.md",
980
+ "CONTRIBUTING.md"
981
+ ],
982
+ "exampleTools": [],
983
+ "notes": "Use an SPDX license identifier in package.json and describe review expectations, tests, and docs requirements in CONTRIBUTING.md.",
984
+ "optionalFiles": [
985
+ "CODE_OF_CONDUCT.md",
986
+ "CONTRIBUTING.md"
987
+ ],
988
+ "requiredFiles": [
989
+ "LICENSE"
990
+ ],
991
+ "verification": "LICENSE file is present in the repository root; CODE_OF_CONDUCT.md and CONTRIBUTING.md are present for contribution guidance."
992
+ }
993
+ }
994
+ }
995
+ ],
996
+ "optionalEnhancements": [
997
+ {
998
+ "appliesTo": {
999
+ "stacks": [
1000
+ "typescript-js",
1001
+ "csharp-dotnet",
1002
+ "python"
1003
+ ]
1004
+ },
1005
+ "ciHints": {
1006
+ "azure-devops": {
1007
+ "stage": "observability"
1008
+ },
1009
+ "github-actions": {
1010
+ "job": "ci"
1011
+ }
1012
+ },
1013
+ "description": "Standardize error handling and structured logging to make debugging and production monitoring easier.",
1014
+ "id": "observability",
1015
+ "label": "Observability (Logging & Error Handling)",
1016
+ "stackHints": {
1017
+ "csharp-dotnet": {
1018
+ "exampleConfigFiles": [
1019
+ "appsettings.json"
1020
+ ],
1021
+ "exampleTools": [
1022
+ "Serilog",
1023
+ "NLog"
1024
+ ],
1025
+ "notes": "Configure structured logging for your .NET services and ensure exceptions and key events are logged with useful context.",
1026
+ "verification": "Confirm that a structured logging library (such as Serilog or NLog) is configured with an agreed sink and format, and that the application logs meaningful context for errors and key events."
1027
+ },
1028
+ "python": {
1029
+ "exampleConfigFiles": [
1030
+ "logging configuration files",
1031
+ "pyproject.toml"
1032
+ ],
1033
+ "exampleTools": [
1034
+ "structlog",
1035
+ "loguru"
1036
+ ],
1037
+ "notes": "Use structured logging for Python services and ensure critical paths record enough context to debug issues after the fact.",
1038
+ "verification": "Confirm that a structured logging setup (such as structlog or configured logging with JSON formatting) is in place and that critical paths log enough information to debug failures in production."
1039
+ },
1040
+ "typescript-js": {
1041
+ "exampleConfigFiles": [],
1042
+ "exampleTools": [
1043
+ "Winston",
1044
+ "Pino"
1045
+ ],
1046
+ "notes": "Adopt structured JSON logging with correlation IDs and send logs to a centralized sink in production.",
1047
+ "verification": "Confirm that a structured logging library (such as Winston or Pino) is configured to emit JSON or key-value logs and that error handling routes important failures through this logger."
1048
+ }
1049
+ }
1050
+ }
1051
+ ],
1052
+ "recommended": [
1053
+ {
1054
+ "appliesTo": {
1055
+ "stacks": [
1056
+ "typescript-js",
1057
+ "csharp-dotnet",
1058
+ "python"
1059
+ ]
1060
+ },
1061
+ "ciHints": {
1062
+ "azure-devops": {
1063
+ "stage": "test"
1064
+ },
1065
+ "github-actions": {
1066
+ "job": "ci"
1067
+ }
1068
+ },
1069
+ "description": "Test how components interact with each other and external systems, running after unit tests with more relaxed coverage thresholds.",
1070
+ "id": "integration-testing",
1071
+ "label": "Integration Testing",
1072
+ "stackHints": {
1073
+ "csharp-dotnet": {
1074
+ "exampleConfigFiles": [
1075
+ "*.IntegrationTests.csproj"
1076
+ ],
1077
+ "exampleTools": [
1078
+ "xUnit",
1079
+ "NUnit",
1080
+ "MSTest"
1081
+ ],
1082
+ "notes": "Create dedicated integration test projects that exercise real infrastructure or service boundaries where appropriate.",
1083
+ "verification": "Confirm there is a test project or configuration dedicated to integration or API tests and run it to verify external or cross-service interactions behave as expected."
1084
+ },
1085
+ "python": {
1086
+ "exampleConfigFiles": [
1087
+ "tests/integration/"
1088
+ ],
1089
+ "exampleTools": [
1090
+ "pytest"
1091
+ ],
1092
+ "notes": "Separate integration tests from unit tests, using fixtures to handle databases, services, or other external systems.",
1093
+ "verification": "Confirm there is a separate integration or API test suite (for example, a dedicated tests/integration directory) and run it to verify interactions with databases, services, or external systems."
1094
+ },
1095
+ "typescript-js": {
1096
+ "exampleConfigFiles": [
1097
+ "jest.config.*",
1098
+ "playwright.config.*"
1099
+ ],
1100
+ "exampleTools": [
1101
+ "Jest",
1102
+ "Supertest",
1103
+ "Playwright"
1104
+ ],
1105
+ "notes": "Use Supertest for HTTP APIs and Playwright or similar tools for end-to-end flows; keep integration suites slower but reliable.",
1106
+ "verification": "Confirm there is a separate integration or end-to-end test command or configuration and run it to verify that cross-component flows behave as expected."
1107
+ }
1108
+ }
1109
+ },
1110
+ {
1111
+ "appliesTo": {
1112
+ "stacks": [
1113
+ "typescript-js",
1114
+ "csharp-dotnet",
1115
+ "python"
1116
+ ]
1117
+ },
1118
+ "ciHints": {
1119
+ "azure-devops": {
1120
+ "stage": "performance"
1121
+ },
1122
+ "github-actions": {
1123
+ "job": "performance"
1124
+ }
1125
+ },
1126
+ "description": "Establish performance baselines and monitor for regressions using lightweight benchmarks or audits in CI.",
1127
+ "id": "performance-baselining",
1128
+ "label": "Performance Baselines",
1129
+ "stackHints": {
1130
+ "csharp-dotnet": {
1131
+ "exampleConfigFiles": [
1132
+ "*.csproj"
1133
+ ],
1134
+ "exampleTools": [
1135
+ "BenchmarkDotNet"
1136
+ ],
1137
+ "notes": "Use BenchmarkDotNet or similar to track performance of critical methods or endpoints over time.",
1138
+ "verification": "Identify and run the configured performance or benchmarking suite (for example, BenchmarkDotNet) and review the output to ensure it is tracked against historical or target values."
1139
+ },
1140
+ "python": {
1141
+ "exampleConfigFiles": [
1142
+ "pytest.ini",
1143
+ "pyproject.toml"
1144
+ ],
1145
+ "exampleTools": [
1146
+ "pytest-benchmark",
1147
+ "cProfile"
1148
+ ],
1149
+ "notes": "Use simple benchmarks or profiling runs to characterize bottlenecks and watch for regressions in critical workflows.",
1150
+ "verification": "Identify and run the configured performance checks or benchmarks (for example, pytest-benchmark or cProfile-based scripts) and confirm that their results are recorded and compared over time."
1151
+ },
1152
+ "typescript-js": {
1153
+ "exampleConfigFiles": [
1154
+ "lighthouserc.json"
1155
+ ],
1156
+ "exampleTools": [
1157
+ "Lighthouse CI",
1158
+ "custom Node.js benchmarks"
1159
+ ],
1160
+ "notes": "Run Lighthouse CI for web apps and basic Node benchmarks on critical endpoints; schedule runs or limit to key branches to keep CI fast.",
1161
+ "verification": "Identify and run the configured performance or Lighthouse-style checks and verify that key metrics are captured and compared to documented baselines."
1162
+ }
1163
+ }
1164
+ },
1165
+ {
1166
+ "appliesTo": {
1167
+ "stacks": [
1168
+ "typescript-js",
1169
+ "csharp-dotnet",
1170
+ "python"
1171
+ ]
1172
+ },
1173
+ "ciHints": {
1174
+ "azure-devops": {
1175
+ "stage": "quality"
1176
+ },
1177
+ "github-actions": {
1178
+ "job": "ci"
1179
+ }
1180
+ },
1181
+ "description": "Measure cyclomatic complexity or similar metrics to keep code maintainable, starting as a warning-only check.",
1182
+ "id": "complexity-analysis",
1183
+ "label": "Complexity Analysis",
1184
+ "stackHints": {
1185
+ "csharp-dotnet": {
1186
+ "exampleConfigFiles": [
1187
+ "sonar-project.properties"
1188
+ ],
1189
+ "exampleTools": [
1190
+ "SonarQube",
1191
+ "Visual Studio code metrics"
1192
+ ],
1193
+ "notes": "Use code metrics or Sonar analysis to flag overly complex methods and refactor them over time.",
1194
+ "verification": "Run the configured code metrics or Sonar analysis and review complexity reports for key modules, ensuring that new or changed code stays within acceptable limits."
1195
+ },
1196
+ "python": {
1197
+ "exampleConfigFiles": [
1198
+ "radon.cfg"
1199
+ ],
1200
+ "exampleTools": [
1201
+ "radon"
1202
+ ],
1203
+ "notes": "Use radon or similar tools to track complexity of Python functions and keep new code within acceptable limits.",
1204
+ "verification": "Run the configured complexity tool (for example, radon) on the codebase and review the report to ensure new or heavily changed functions are not excessively complex."
1205
+ },
1206
+ "typescript-js": {
1207
+ "exampleConfigFiles": [
1208
+ ".eslintrc.*",
1209
+ "sonar-project.properties"
1210
+ ],
1211
+ "exampleTools": [
1212
+ "ESLint complexity rules",
1213
+ "SonarQube"
1214
+ ],
1215
+ "notes": "Warn on overly complex functions and methods; fail CI only when new or modified code exceeds thresholds.",
1216
+ "verification": "Run the configured complexity tooling or rules (for example, ESLint complexity rules or Sonar analysis) and review any hot spots, ensuring new code does not exceed agreed thresholds."
1217
+ }
1218
+ }
1219
+ },
1220
+ {
1221
+ "appliesTo": {
1222
+ "stacks": [
1223
+ "typescript-js",
1224
+ "csharp-dotnet",
1225
+ "python"
1226
+ ]
1227
+ },
1228
+ "ciHints": {
1229
+ "azure-devops": {
1230
+ "stage": "quality"
1231
+ },
1232
+ "github-actions": {
1233
+ "job": "ci"
1234
+ }
1235
+ },
1236
+ "description": "Run accessibility checks on web-facing components to detect critical issues and improve inclusive UX.",
1237
+ "id": "accessibility-auditing",
1238
+ "label": "Accessibility Auditing",
1239
+ "stackHints": {
1240
+ "csharp-dotnet": {
1241
+ "exampleConfigFiles": [],
1242
+ "exampleTools": [
1243
+ "axe-core",
1244
+ "Accessibility Insights"
1245
+ ],
1246
+ "notes": "Apply accessibility tooling to ASP.NET or Blazor front-ends and review issues alongside functional testing.",
1247
+ "verification": "For web-facing apps, run the configured accessibility checks or tools against your main UI endpoints and confirm that blocking accessibility issues are addressed."
1248
+ },
1249
+ "python": {
1250
+ "exampleConfigFiles": [],
1251
+ "exampleTools": [
1252
+ "pa11y"
1253
+ ],
1254
+ "notes": "Use headless browser-based tools to scan Python-backed web UIs for accessibility issues on high-traffic routes.",
1255
+ "verification": "For Python-backed web UIs, run the configured accessibility tooling (for example, pa11y or axe via a headless browser) against key routes and verify that critical issues are fixed or tracked."
1256
+ },
1257
+ "typescript-js": {
1258
+ "exampleConfigFiles": [],
1259
+ "exampleTools": [
1260
+ "axe-core",
1261
+ "Lighthouse accessibility audits"
1262
+ ],
1263
+ "notes": "Run accessibility checks against key pages or components in CI; fail on critical violations while treating minor issues as warnings initially.",
1264
+ "verification": "For web-facing apps, run the configured accessibility tooling (for example, axe, pa11y, or Lighthouse accessibility audits) against key pages and confirm that critical issues are resolved."
1265
+ }
1266
+ }
1267
+ }
1268
+ ]
1269
+ },
1270
+ "ciSystems": [
1271
+ "azure-devops",
1272
+ "github-actions"
1273
+ ],
1274
+ "meta": {
1275
+ "complexityChecks": {
1276
+ "description": "When supported by the stack, run cyclomatic complexity or similar metrics in CI as a warning-only check initially.",
1277
+ "enabledByDefault": true
1278
+ },
1279
+ "defaultCoverageThreshold": 0.8,
1280
+ "migrationGuide": [
1281
+ {
1282
+ "description": "Start by adding pre-commit hooks and core formatting/linting so developers get fast feedback without touching CI.",
1283
+ "focusIds": [
1284
+ "pre-commit-hooks",
1285
+ "linting",
1286
+ "code-formatter"
1287
+ ],
1288
+ "notes": "Keep hooks fast and focused on changed files to avoid slowing down day-to-day work.",
1289
+ "step": 1,
1290
+ "title": "Establish Local Safety Nets First"
1291
+ },
1292
+ {
1293
+ "description": "Introduce CI quality gates that mirror local checks, but treat existing violations as warnings wherever possible.",
1294
+ "focusIds": [
1295
+ "ci-quality-gates",
1296
+ "linting",
1297
+ "code-formatter",
1298
+ "commit-linting"
1299
+ ],
1300
+ "notes": "Use diff-based tools or baselines so only new violations break builds; legacy issues remain visible but non-blocking.",
1301
+ "step": 2,
1302
+ "title": "Mirror Local Checks in CI (Soft-Fail on Legacy)"
1303
+ },
1304
+ {
1305
+ "description": "Enable type-checking, coverage thresholds, and dependency/vulnerability scanning with gradual enforcement.",
1306
+ "focusIds": [
1307
+ "type-checking",
1308
+ "unit-test-runner",
1309
+ "unit-test-reporter",
1310
+ "dependency-security"
1311
+ ],
1312
+ "notes": "Pin tool and runtime versions in CI and containers to avoid flaky differences across environments.",
1313
+ "step": 3,
1314
+ "title": "Add Type Safety, Coverage, and Dependency Security"
1315
+ },
1316
+ {
1317
+ "description": "Add documentation standards, governance files, integration testing, performance baselines, complexity analysis, accessibility auditing, and (optionally) ML-specific practices for data-heavy Python repos.",
1318
+ "focusIds": [
1319
+ "documentation",
1320
+ "repository-governance",
1321
+ "integration-testing",
1322
+ "performance-baselining",
1323
+ "complexity-analysis",
1324
+ "accessibility-auditing"
1325
+ ],
1326
+ "notes": "Tackle recommended items in order of business value; backend-only repos can skip web-focused checks like accessibility. For AI/ML-heavy Python teams, consider extending containerization with data versioning (DVC) and unit tests with data quality checks (e.g., Great Expectations) as part of this step.",
1327
+ "step": 4,
1328
+ "title": "Layer in Docs, Governance, and Recommended Checks"
1329
+ }
1330
+ ],
1331
+ "qualityGatePolicy": {
1332
+ "description": "New quality checks should warn on existing code and fail CI only for violations introduced in new or changed code, to reduce friction on legacy codebases.",
1333
+ "preferSoftFailOnLegacy": true
1334
+ }
1335
+ },
1336
+ "stacks": {
1337
+ "csharp-dotnet": {
1338
+ "label": "C# / .NET",
1339
+ "languageFamily": "dotnet"
1340
+ },
1341
+ "python": {
1342
+ "label": "Python",
1343
+ "languageFamily": "python"
1344
+ },
1345
+ "typescript-js": {
1346
+ "label": "TypeScript / JavaScript",
1347
+ "languageFamily": "js"
1348
+ }
1349
+ },
1350
+ "version": 1
1351
+ }