@ryuenn3123/agentic-senior-core 2.0.5 → 2.0.7
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.agent-context/blueprints/mobile-app.md +91 -21
- package/.agent-context/profiles/platform.md +13 -13
- package/.agent-context/profiles/regulated.md +13 -13
- package/.agent-context/profiles/startup.md +13 -13
- package/.agent-context/review-checklists/frontend-skill-parity.md +28 -28
- package/.agent-context/review-checklists/frontend-usability.md +33 -33
- package/.agent-context/review-checklists/release-operations.md +29 -29
- package/.agent-context/skills/README.md +62 -62
- package/.agent-context/skills/backend/README.md +67 -67
- package/.agent-context/skills/backend/architecture.md +360 -360
- package/.agent-context/skills/backend/compatibility-manifest.json +8 -8
- package/.agent-context/skills/backend/data-access.md +230 -230
- package/.agent-context/skills/backend/errors.md +137 -137
- package/.agent-context/skills/backend/validation.md +116 -116
- package/.agent-context/skills/backend.md +28 -28
- package/.agent-context/skills/cli/README.md +55 -49
- package/.agent-context/skills/cli/compatibility-manifest.json +8 -8
- package/.agent-context/skills/cli/init.md +37 -37
- package/.agent-context/skills/cli/output.md +35 -35
- package/.agent-context/skills/cli/safety-telemetry.md +39 -0
- package/.agent-context/skills/cli/upgrade.md +37 -37
- package/.agent-context/skills/cli.md +31 -28
- package/.agent-context/skills/distribution/.evidence/compatibility-manifest.json +9 -0
- package/.agent-context/skills/distribution/.evidence/sbom-excerpt.json +6 -0
- package/.agent-context/skills/distribution/.evidence/test-report.json +8 -0
- package/.agent-context/skills/distribution/CHANGELOG.md +7 -0
- package/.agent-context/skills/distribution/README.md +27 -19
- package/.agent-context/skills/distribution/compatibility-manifest.json +8 -8
- package/.agent-context/skills/distribution/compatibility.md +31 -31
- package/.agent-context/skills/distribution/package.json +5 -0
- package/.agent-context/skills/distribution/provenance-attestation.md +47 -0
- package/.agent-context/skills/distribution/publish.md +36 -36
- package/.agent-context/skills/distribution/rollback.md +31 -31
- package/.agent-context/skills/distribution/tests/.gitkeep +1 -0
- package/.agent-context/skills/distribution.md +31 -28
- package/.agent-context/skills/frontend/.evidence/compatibility-manifest.json +9 -0
- package/.agent-context/skills/frontend/.evidence/sbom-excerpt.json +6 -0
- package/.agent-context/skills/frontend/.evidence/test-report.json +8 -0
- package/.agent-context/skills/frontend/CHANGELOG.md +7 -0
- package/.agent-context/skills/frontend/README.md +49 -36
- package/.agent-context/skills/frontend/accessibility.md +107 -107
- package/.agent-context/skills/frontend/compatibility-manifest.json +8 -8
- package/.agent-context/skills/frontend/conversion-clarity.md +51 -0
- package/.agent-context/skills/frontend/motion.md +66 -66
- package/.agent-context/skills/frontend/package.json +5 -0
- package/.agent-context/skills/frontend/performance.md +62 -62
- package/.agent-context/skills/frontend/responsive-delivery.md +41 -0
- package/.agent-context/skills/frontend/tests/.gitkeep +1 -0
- package/.agent-context/skills/frontend/ui-architecture.md +128 -128
- package/.agent-context/skills/frontend.md +35 -29
- package/.agent-context/skills/fullstack/.evidence/compatibility-manifest.json +9 -0
- package/.agent-context/skills/fullstack/.evidence/sbom-excerpt.json +6 -0
- package/.agent-context/skills/fullstack/.evidence/test-report.json +8 -0
- package/.agent-context/skills/fullstack/CHANGELOG.md +7 -0
- package/.agent-context/skills/fullstack/README.md +27 -19
- package/.agent-context/skills/fullstack/compatibility-manifest.json +8 -8
- package/.agent-context/skills/fullstack/contracts.md +52 -52
- package/.agent-context/skills/fullstack/end-to-end.md +41 -41
- package/.agent-context/skills/fullstack/feature-slicing.md +64 -64
- package/.agent-context/skills/fullstack/package.json +5 -0
- package/.agent-context/skills/fullstack/release-coordination.md +51 -0
- package/.agent-context/skills/fullstack/tests/.gitkeep +1 -0
- package/.agent-context/skills/fullstack.md +29 -26
- package/.agent-context/skills/index.json +107 -107
- package/.agent-context/skills/review-quality/.evidence/compatibility-manifest.json +9 -0
- package/.agent-context/skills/review-quality/.evidence/sbom-excerpt.json +6 -0
- package/.agent-context/skills/review-quality/.evidence/test-report.json +8 -0
- package/.agent-context/skills/review-quality/CHANGELOG.md +7 -0
- package/.agent-context/skills/review-quality/README.md +27 -19
- package/.agent-context/skills/review-quality/benchmark.md +29 -29
- package/.agent-context/skills/review-quality/compatibility-manifest.json +8 -8
- package/.agent-context/skills/review-quality/package.json +5 -0
- package/.agent-context/skills/review-quality/planning.md +37 -37
- package/.agent-context/skills/review-quality/release-decision.md +49 -0
- package/.agent-context/skills/review-quality/security.md +33 -33
- package/.agent-context/skills/review-quality/tests/.gitkeep +1 -0
- package/.agent-context/skills/review-quality.md +30 -27
- package/.agent-context/stacks/flutter.md +16 -16
- package/.agent-context/stacks/react-native.md +16 -16
- package/.agent-context/state/architecture-map.md +25 -25
- package/.agent-context/state/benchmark-analysis.json +431 -431
- package/.agent-context/state/benchmark-thresholds.json +10 -10
- package/.agent-context/state/benchmark-watchlist.json +19 -19
- package/.agent-context/state/dependency-map.md +32 -32
- package/.agent-context/state/quality-trend-report.json +16 -6
- package/.agent-context/state/skill-platform.json +38 -38
- package/.agent-context/state/weekly-governance-report.json +126 -0
- package/.agent-override.md +36 -36
- package/.cursorrules +1 -1
- package/.gemini/instructions.md +20 -20
- package/.github/ISSUE_TEMPLATE/v1.7-frontend-work-item.yml +54 -54
- package/.github/copilot-instructions.md +20 -20
- package/.github/workflows/benchmark-detection.yml +38 -38
- package/.github/workflows/benchmark-intelligence.yml +50 -50
- package/.github/workflows/frontend-usability-gate.yml +36 -36
- package/.github/workflows/governance-weekly-report.yml +43 -0
- package/.github/workflows/release-gate.yml +32 -32
- package/.github/workflows/sbom-compliance.yml +32 -32
- package/.windsurfrules +1 -1
- package/AGENTS.md +27 -27
- package/README.md +383 -368
- package/lib/cli/commands/optimize.mjs +171 -171
- package/lib/cli/compatibility.mjs +124 -124
- package/lib/cli/constants.mjs +35 -0
- package/lib/cli/token-optimization.mjs +275 -275
- package/lib/cli/utils.mjs +4 -1
- package/mcp.json +92 -92
- package/package.json +2 -1
- package/scripts/benchmark-gate.mjs +121 -121
- package/scripts/benchmark-intelligence.mjs +140 -140
- package/scripts/detection-benchmark.mjs +138 -138
- package/scripts/frontend-usability-audit.mjs +87 -87
- package/scripts/generate-sbom.mjs +61 -61
- package/scripts/governance-weekly-report.mjs +293 -0
- package/scripts/init-project.ps1 +104 -104
- package/scripts/llm-judge.mjs +664 -664
- package/scripts/quality-trend-report.mjs +288 -288
- package/scripts/release-gate.mjs +261 -259
- package/scripts/skill-tier-policy.mjs +75 -75
- package/scripts/token-optimization-benchmark.mjs +252 -252
- package/scripts/validate.mjs +874 -865
|
@@ -1,38 +1,38 @@
|
|
|
1
|
-
name: Detection Benchmark
|
|
2
|
-
|
|
3
|
-
on:
|
|
4
|
-
push:
|
|
5
|
-
branches:
|
|
6
|
-
- '**'
|
|
7
|
-
pull_request:
|
|
8
|
-
workflow_dispatch:
|
|
9
|
-
|
|
10
|
-
permissions:
|
|
11
|
-
contents: read
|
|
12
|
-
|
|
13
|
-
jobs:
|
|
14
|
-
benchmark-detection:
|
|
15
|
-
runs-on: ubuntu-latest
|
|
16
|
-
timeout-minutes: 10
|
|
17
|
-
env:
|
|
18
|
-
FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: true
|
|
19
|
-
steps:
|
|
20
|
-
- name: Checkout repository
|
|
21
|
-
uses: actions/checkout@v4
|
|
22
|
-
|
|
23
|
-
- name: Setup Node.js
|
|
24
|
-
uses: actions/setup-node@v4
|
|
25
|
-
with:
|
|
26
|
-
node-version: '22'
|
|
27
|
-
|
|
28
|
-
- name: Run detection benchmark
|
|
29
|
-
run: |
|
|
30
|
-
node ./scripts/detection-benchmark.mjs > detection-benchmark-report.json
|
|
31
|
-
test -s detection-benchmark-report.json
|
|
32
|
-
|
|
33
|
-
- name: Upload benchmark artifact
|
|
34
|
-
if: always()
|
|
35
|
-
uses: actions/upload-artifact@v4
|
|
36
|
-
with:
|
|
37
|
-
name: detection-benchmark-report
|
|
38
|
-
path: detection-benchmark-report.json
|
|
1
|
+
name: Detection Benchmark
|
|
2
|
+
|
|
3
|
+
on:
|
|
4
|
+
push:
|
|
5
|
+
branches:
|
|
6
|
+
- '**'
|
|
7
|
+
pull_request:
|
|
8
|
+
workflow_dispatch:
|
|
9
|
+
|
|
10
|
+
permissions:
|
|
11
|
+
contents: read
|
|
12
|
+
|
|
13
|
+
jobs:
|
|
14
|
+
benchmark-detection:
|
|
15
|
+
runs-on: ubuntu-latest
|
|
16
|
+
timeout-minutes: 10
|
|
17
|
+
env:
|
|
18
|
+
FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: true
|
|
19
|
+
steps:
|
|
20
|
+
- name: Checkout repository
|
|
21
|
+
uses: actions/checkout@v4
|
|
22
|
+
|
|
23
|
+
- name: Setup Node.js
|
|
24
|
+
uses: actions/setup-node@v4
|
|
25
|
+
with:
|
|
26
|
+
node-version: '22'
|
|
27
|
+
|
|
28
|
+
- name: Run detection benchmark
|
|
29
|
+
run: |
|
|
30
|
+
node ./scripts/detection-benchmark.mjs > detection-benchmark-report.json
|
|
31
|
+
test -s detection-benchmark-report.json
|
|
32
|
+
|
|
33
|
+
- name: Upload benchmark artifact
|
|
34
|
+
if: always()
|
|
35
|
+
uses: actions/upload-artifact@v4
|
|
36
|
+
with:
|
|
37
|
+
name: detection-benchmark-report
|
|
38
|
+
path: detection-benchmark-report.json
|
|
@@ -1,50 +1,50 @@
|
|
|
1
|
-
name: Benchmark Intelligence
|
|
2
|
-
|
|
3
|
-
on:
|
|
4
|
-
schedule:
|
|
5
|
-
- cron: '0 2 * * 1'
|
|
6
|
-
pull_request:
|
|
7
|
-
workflow_dispatch:
|
|
8
|
-
|
|
9
|
-
permissions:
|
|
10
|
-
contents: read
|
|
11
|
-
|
|
12
|
-
jobs:
|
|
13
|
-
benchmark-intelligence:
|
|
14
|
-
runs-on: ubuntu-latest
|
|
15
|
-
timeout-minutes: 10
|
|
16
|
-
env:
|
|
17
|
-
FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: true
|
|
18
|
-
steps:
|
|
19
|
-
- name: Checkout repository
|
|
20
|
-
uses: actions/checkout@v4
|
|
21
|
-
|
|
22
|
-
- name: Setup Node.js
|
|
23
|
-
uses: actions/setup-node@v4
|
|
24
|
-
with:
|
|
25
|
-
node-version: '22'
|
|
26
|
-
|
|
27
|
-
- name: Run benchmark detection report
|
|
28
|
-
run: |
|
|
29
|
-
node ./scripts/detection-benchmark.mjs > detection-benchmark-report.json
|
|
30
|
-
test -s detection-benchmark-report.json
|
|
31
|
-
|
|
32
|
-
- name: Run benchmark anti-regression gate
|
|
33
|
-
run: |
|
|
34
|
-
node ./scripts/benchmark-gate.mjs > benchmark-gate-report.json
|
|
35
|
-
test -s benchmark-gate-report.json
|
|
36
|
-
|
|
37
|
-
- name: Run benchmark intelligence report
|
|
38
|
-
run: |
|
|
39
|
-
node ./scripts/benchmark-intelligence.mjs > benchmark-intelligence-report.json
|
|
40
|
-
test -s benchmark-intelligence-report.json
|
|
41
|
-
|
|
42
|
-
- name: Upload benchmark artifacts
|
|
43
|
-
if: always()
|
|
44
|
-
uses: actions/upload-artifact@v4
|
|
45
|
-
with:
|
|
46
|
-
name: benchmark-intelligence-report
|
|
47
|
-
path: |
|
|
48
|
-
detection-benchmark-report.json
|
|
49
|
-
benchmark-gate-report.json
|
|
50
|
-
benchmark-intelligence-report.json
|
|
1
|
+
name: Benchmark Intelligence
|
|
2
|
+
|
|
3
|
+
on:
|
|
4
|
+
schedule:
|
|
5
|
+
- cron: '0 2 * * 1'
|
|
6
|
+
pull_request:
|
|
7
|
+
workflow_dispatch:
|
|
8
|
+
|
|
9
|
+
permissions:
|
|
10
|
+
contents: read
|
|
11
|
+
|
|
12
|
+
jobs:
|
|
13
|
+
benchmark-intelligence:
|
|
14
|
+
runs-on: ubuntu-latest
|
|
15
|
+
timeout-minutes: 10
|
|
16
|
+
env:
|
|
17
|
+
FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: true
|
|
18
|
+
steps:
|
|
19
|
+
- name: Checkout repository
|
|
20
|
+
uses: actions/checkout@v4
|
|
21
|
+
|
|
22
|
+
- name: Setup Node.js
|
|
23
|
+
uses: actions/setup-node@v4
|
|
24
|
+
with:
|
|
25
|
+
node-version: '22'
|
|
26
|
+
|
|
27
|
+
- name: Run benchmark detection report
|
|
28
|
+
run: |
|
|
29
|
+
node ./scripts/detection-benchmark.mjs > detection-benchmark-report.json
|
|
30
|
+
test -s detection-benchmark-report.json
|
|
31
|
+
|
|
32
|
+
- name: Run benchmark anti-regression gate
|
|
33
|
+
run: |
|
|
34
|
+
node ./scripts/benchmark-gate.mjs > benchmark-gate-report.json
|
|
35
|
+
test -s benchmark-gate-report.json
|
|
36
|
+
|
|
37
|
+
- name: Run benchmark intelligence report
|
|
38
|
+
run: |
|
|
39
|
+
node ./scripts/benchmark-intelligence.mjs > benchmark-intelligence-report.json
|
|
40
|
+
test -s benchmark-intelligence-report.json
|
|
41
|
+
|
|
42
|
+
- name: Upload benchmark artifacts
|
|
43
|
+
if: always()
|
|
44
|
+
uses: actions/upload-artifact@v4
|
|
45
|
+
with:
|
|
46
|
+
name: benchmark-intelligence-report
|
|
47
|
+
path: |
|
|
48
|
+
detection-benchmark-report.json
|
|
49
|
+
benchmark-gate-report.json
|
|
50
|
+
benchmark-intelligence-report.json
|
|
@@ -1,36 +1,36 @@
|
|
|
1
|
-
name: Frontend Usability Gate
|
|
2
|
-
|
|
3
|
-
on:
|
|
4
|
-
push:
|
|
5
|
-
branches:
|
|
6
|
-
- '**'
|
|
7
|
-
pull_request:
|
|
8
|
-
workflow_dispatch:
|
|
9
|
-
|
|
10
|
-
permissions:
|
|
11
|
-
contents: read
|
|
12
|
-
|
|
13
|
-
jobs:
|
|
14
|
-
frontend-usability-audit:
|
|
15
|
-
runs-on: ubuntu-latest
|
|
16
|
-
timeout-minutes: 10
|
|
17
|
-
env:
|
|
18
|
-
FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: true
|
|
19
|
-
steps:
|
|
20
|
-
- name: Checkout repository
|
|
21
|
-
uses: actions/checkout@v4
|
|
22
|
-
|
|
23
|
-
- name: Setup Node.js
|
|
24
|
-
uses: actions/setup-node@v4
|
|
25
|
-
with:
|
|
26
|
-
node-version: '22'
|
|
27
|
-
|
|
28
|
-
- name: Run frontend usability audit
|
|
29
|
-
run: node ./scripts/frontend-usability-audit.mjs > frontend-usability-audit-report.json
|
|
30
|
-
|
|
31
|
-
- name: Upload frontend audit artifact
|
|
32
|
-
if: always()
|
|
33
|
-
uses: actions/upload-artifact@v4
|
|
34
|
-
with:
|
|
35
|
-
name: frontend-usability-audit-report
|
|
36
|
-
path: frontend-usability-audit-report.json
|
|
1
|
+
name: Frontend Usability Gate
|
|
2
|
+
|
|
3
|
+
on:
|
|
4
|
+
push:
|
|
5
|
+
branches:
|
|
6
|
+
- '**'
|
|
7
|
+
pull_request:
|
|
8
|
+
workflow_dispatch:
|
|
9
|
+
|
|
10
|
+
permissions:
|
|
11
|
+
contents: read
|
|
12
|
+
|
|
13
|
+
jobs:
|
|
14
|
+
frontend-usability-audit:
|
|
15
|
+
runs-on: ubuntu-latest
|
|
16
|
+
timeout-minutes: 10
|
|
17
|
+
env:
|
|
18
|
+
FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: true
|
|
19
|
+
steps:
|
|
20
|
+
- name: Checkout repository
|
|
21
|
+
uses: actions/checkout@v4
|
|
22
|
+
|
|
23
|
+
- name: Setup Node.js
|
|
24
|
+
uses: actions/setup-node@v4
|
|
25
|
+
with:
|
|
26
|
+
node-version: '22'
|
|
27
|
+
|
|
28
|
+
- name: Run frontend usability audit
|
|
29
|
+
run: node ./scripts/frontend-usability-audit.mjs > frontend-usability-audit-report.json
|
|
30
|
+
|
|
31
|
+
- name: Upload frontend audit artifact
|
|
32
|
+
if: always()
|
|
33
|
+
uses: actions/upload-artifact@v4
|
|
34
|
+
with:
|
|
35
|
+
name: frontend-usability-audit-report
|
|
36
|
+
path: frontend-usability-audit-report.json
|
|
@@ -0,0 +1,43 @@
|
|
|
1
|
+
name: Governance Weekly Report
|
|
2
|
+
|
|
3
|
+
on:
|
|
4
|
+
schedule:
|
|
5
|
+
- cron: '0 3 * * 1'
|
|
6
|
+
workflow_dispatch:
|
|
7
|
+
|
|
8
|
+
permissions:
|
|
9
|
+
contents: read
|
|
10
|
+
|
|
11
|
+
jobs:
|
|
12
|
+
governance-weekly-report:
|
|
13
|
+
runs-on: ubuntu-latest
|
|
14
|
+
timeout-minutes: 15
|
|
15
|
+
env:
|
|
16
|
+
FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: true
|
|
17
|
+
steps:
|
|
18
|
+
- name: Checkout repository
|
|
19
|
+
uses: actions/checkout@v4
|
|
20
|
+
|
|
21
|
+
- name: Setup Node.js
|
|
22
|
+
uses: actions/setup-node@v4
|
|
23
|
+
with:
|
|
24
|
+
node-version: '22'
|
|
25
|
+
|
|
26
|
+
- name: Run quality trend report
|
|
27
|
+
run: |
|
|
28
|
+
node ./scripts/quality-trend-report.mjs > quality-trend-report.json
|
|
29
|
+
test -s quality-trend-report.json
|
|
30
|
+
|
|
31
|
+
- name: Run weekly governance report
|
|
32
|
+
run: |
|
|
33
|
+
node ./scripts/governance-weekly-report.mjs > weekly-governance-report.json
|
|
34
|
+
test -s weekly-governance-report.json
|
|
35
|
+
|
|
36
|
+
- name: Upload governance artifacts
|
|
37
|
+
if: always()
|
|
38
|
+
uses: actions/upload-artifact@v4
|
|
39
|
+
with:
|
|
40
|
+
name: governance-weekly-report
|
|
41
|
+
path: |
|
|
42
|
+
quality-trend-report.json
|
|
43
|
+
weekly-governance-report.json
|
|
@@ -1,32 +1,32 @@
|
|
|
1
|
-
name: release-gate
|
|
2
|
-
|
|
3
|
-
on:
|
|
4
|
-
push:
|
|
5
|
-
branches:
|
|
6
|
-
- main
|
|
7
|
-
pull_request:
|
|
8
|
-
workflow_dispatch:
|
|
9
|
-
|
|
10
|
-
permissions:
|
|
11
|
-
contents: read
|
|
12
|
-
|
|
13
|
-
jobs:
|
|
14
|
-
release-gate:
|
|
15
|
-
runs-on: ubuntu-latest
|
|
16
|
-
steps:
|
|
17
|
-
- name: Checkout repository
|
|
18
|
-
uses: actions/checkout@v4
|
|
19
|
-
|
|
20
|
-
- name: Setup Node.js
|
|
21
|
-
uses: actions/setup-node@v4
|
|
22
|
-
with:
|
|
23
|
-
node-version: 24
|
|
24
|
-
|
|
25
|
-
- name: Run release gate
|
|
26
|
-
run: node ./scripts/release-gate.mjs > release-gate-report.json
|
|
27
|
-
|
|
28
|
-
- name: Upload release gate report artifact
|
|
29
|
-
uses: actions/upload-artifact@v4
|
|
30
|
-
with:
|
|
31
|
-
name: release-gate-report
|
|
32
|
-
path: release-gate-report.json
|
|
1
|
+
name: release-gate
|
|
2
|
+
|
|
3
|
+
on:
|
|
4
|
+
push:
|
|
5
|
+
branches:
|
|
6
|
+
- main
|
|
7
|
+
pull_request:
|
|
8
|
+
workflow_dispatch:
|
|
9
|
+
|
|
10
|
+
permissions:
|
|
11
|
+
contents: read
|
|
12
|
+
|
|
13
|
+
jobs:
|
|
14
|
+
release-gate:
|
|
15
|
+
runs-on: ubuntu-latest
|
|
16
|
+
steps:
|
|
17
|
+
- name: Checkout repository
|
|
18
|
+
uses: actions/checkout@v4
|
|
19
|
+
|
|
20
|
+
- name: Setup Node.js
|
|
21
|
+
uses: actions/setup-node@v4
|
|
22
|
+
with:
|
|
23
|
+
node-version: 24
|
|
24
|
+
|
|
25
|
+
- name: Run release gate
|
|
26
|
+
run: node ./scripts/release-gate.mjs > release-gate-report.json
|
|
27
|
+
|
|
28
|
+
- name: Upload release gate report artifact
|
|
29
|
+
uses: actions/upload-artifact@v4
|
|
30
|
+
with:
|
|
31
|
+
name: release-gate-report
|
|
32
|
+
path: release-gate-report.json
|
|
@@ -1,32 +1,32 @@
|
|
|
1
|
-
name: sbom-compliance
|
|
2
|
-
|
|
3
|
-
on:
|
|
4
|
-
push:
|
|
5
|
-
branches:
|
|
6
|
-
- main
|
|
7
|
-
pull_request:
|
|
8
|
-
workflow_dispatch:
|
|
9
|
-
|
|
10
|
-
permissions:
|
|
11
|
-
contents: read
|
|
12
|
-
|
|
13
|
-
jobs:
|
|
14
|
-
generate-sbom:
|
|
15
|
-
runs-on: ubuntu-latest
|
|
16
|
-
steps:
|
|
17
|
-
- name: Checkout repository
|
|
18
|
-
uses: actions/checkout@v4
|
|
19
|
-
|
|
20
|
-
- name: Setup Node.js
|
|
21
|
-
uses: actions/setup-node@v4
|
|
22
|
-
with:
|
|
23
|
-
node-version: 24
|
|
24
|
-
|
|
25
|
-
- name: Generate CycloneDX SBOM
|
|
26
|
-
run: node ./scripts/generate-sbom.mjs > sbom.cdx.json
|
|
27
|
-
|
|
28
|
-
- name: Upload SBOM artifact
|
|
29
|
-
uses: actions/upload-artifact@v4
|
|
30
|
-
with:
|
|
31
|
-
name: sbom-cyclonedx
|
|
32
|
-
path: sbom.cdx.json
|
|
1
|
+
name: sbom-compliance
|
|
2
|
+
|
|
3
|
+
on:
|
|
4
|
+
push:
|
|
5
|
+
branches:
|
|
6
|
+
- main
|
|
7
|
+
pull_request:
|
|
8
|
+
workflow_dispatch:
|
|
9
|
+
|
|
10
|
+
permissions:
|
|
11
|
+
contents: read
|
|
12
|
+
|
|
13
|
+
jobs:
|
|
14
|
+
generate-sbom:
|
|
15
|
+
runs-on: ubuntu-latest
|
|
16
|
+
steps:
|
|
17
|
+
- name: Checkout repository
|
|
18
|
+
uses: actions/checkout@v4
|
|
19
|
+
|
|
20
|
+
- name: Setup Node.js
|
|
21
|
+
uses: actions/setup-node@v4
|
|
22
|
+
with:
|
|
23
|
+
node-version: 24
|
|
24
|
+
|
|
25
|
+
- name: Generate CycloneDX SBOM
|
|
26
|
+
run: node ./scripts/generate-sbom.mjs > sbom.cdx.json
|
|
27
|
+
|
|
28
|
+
- name: Upload SBOM artifact
|
|
29
|
+
uses: actions/upload-artifact@v4
|
|
30
|
+
with:
|
|
31
|
+
name: sbom-cyclonedx
|
|
32
|
+
path: sbom.cdx.json
|
package/.windsurfrules
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
# AGENTIC-SENIOR-CORE DYNAMIC GOVERNANCE RULESET
|
|
2
2
|
|
|
3
|
-
Generated by Agentic-Senior-Core CLI v2.0.
|
|
3
|
+
Generated by Agentic-Senior-Core CLI v2.0.7
|
|
4
4
|
Timestamp: 2026-04-08T14:58:53.570Z
|
|
5
5
|
Selected profile: beginner
|
|
6
6
|
Selected policy file: .agent-context/policies/llm-judge-threshold.json
|
package/AGENTS.md
CHANGED
|
@@ -1,28 +1,28 @@
|
|
|
1
|
-
# AGENTS.md - Thin Adapter
|
|
2
|
-
|
|
3
|
-
Adapter Mode: thin
|
|
4
|
-
Adapter Source: .instructions.md
|
|
5
|
-
Canonical Snapshot SHA256:
|
|
6
|
-
|
|
7
|
-
This file is an adapter entrypoint for agent discovery.
|
|
8
|
-
The canonical policy source is [.instructions.md](.instructions.md).
|
|
9
|
-
|
|
10
|
-
## Mandatory Bootstrap Chain
|
|
11
|
-
|
|
12
|
-
1. Load [.instructions.md](.instructions.md) first as the single source of truth.
|
|
13
|
-
2. Read baseline governance from [.agent-context/rules/](.agent-context/rules).
|
|
14
|
-
3. Load language conventions from [.agent-context/stacks/](.agent-context/stacks).
|
|
15
|
-
4. Load scaffolding references from [.agent-context/blueprints/](.agent-context/blueprints) when creating modules/projects.
|
|
16
|
-
5. Load domain packs from [.agent-context/skills/](.agent-context/skills).
|
|
17
|
-
6. Apply request templates from [.agent-context/prompts/](.agent-context/prompts).
|
|
18
|
-
7. Apply team governance defaults from [.agent-context/profiles/](.agent-context/profiles).
|
|
19
|
-
8. Read change-risk maps from [.agent-context/state/](.agent-context/state).
|
|
20
|
-
9. Enforce policy thresholds from [.agent-context/policies/](.agent-context/policies).
|
|
21
|
-
|
|
22
|
-
## Trigger Rules
|
|
23
|
-
|
|
24
|
-
- New project or module requests: propose architecture first and wait for approval.
|
|
25
|
-
- Refactor or fix requests: propose plan first, then execute safely.
|
|
26
|
-
- Completion: run [.agent-context/review-checklists/pr-checklist.md](.agent-context/review-checklists/pr-checklist.md) before declaring done.
|
|
27
|
-
|
|
1
|
+
# AGENTS.md - Thin Adapter
|
|
2
|
+
|
|
3
|
+
Adapter Mode: thin
|
|
4
|
+
Adapter Source: .instructions.md
|
|
5
|
+
Canonical Snapshot SHA256: 361ac86172268a2f20d4f7a1e407c7dd122f1b0c265d085e872254718b078d22
|
|
6
|
+
|
|
7
|
+
This file is an adapter entrypoint for agent discovery.
|
|
8
|
+
The canonical policy source is [.instructions.md](.instructions.md).
|
|
9
|
+
|
|
10
|
+
## Mandatory Bootstrap Chain
|
|
11
|
+
|
|
12
|
+
1. Load [.instructions.md](.instructions.md) first as the single source of truth.
|
|
13
|
+
2. Read baseline governance from [.agent-context/rules/](.agent-context/rules).
|
|
14
|
+
3. Load language conventions from [.agent-context/stacks/](.agent-context/stacks).
|
|
15
|
+
4. Load scaffolding references from [.agent-context/blueprints/](.agent-context/blueprints) when creating modules/projects.
|
|
16
|
+
5. Load domain packs from [.agent-context/skills/](.agent-context/skills).
|
|
17
|
+
6. Apply request templates from [.agent-context/prompts/](.agent-context/prompts).
|
|
18
|
+
7. Apply team governance defaults from [.agent-context/profiles/](.agent-context/profiles).
|
|
19
|
+
8. Read change-risk maps from [.agent-context/state/](.agent-context/state).
|
|
20
|
+
9. Enforce policy thresholds from [.agent-context/policies/](.agent-context/policies).
|
|
21
|
+
|
|
22
|
+
## Trigger Rules
|
|
23
|
+
|
|
24
|
+
- New project or module requests: propose architecture first and wait for approval.
|
|
25
|
+
- Refactor or fix requests: propose plan first, then execute safely.
|
|
26
|
+
- Completion: run [.agent-context/review-checklists/pr-checklist.md](.agent-context/review-checklists/pr-checklist.md) before declaring done.
|
|
27
|
+
|
|
28
28
|
If this adapter drifts from canonical behavior, refresh from [.instructions.md](.instructions.md) and update the hash metadata.
|