@ryuenn3123/agentic-senior-core 3.0.46 → 3.0.48

package/.github/workflows/governance-weekly-report.yml

@@ -1,43 +0,0 @@
-name: Governance Weekly Report
-
-on:
-  schedule:
-    - cron: '0 3 * * 1'
-  workflow_dispatch:
-
-permissions:
-  contents: read
-
-jobs:
-  governance-weekly-report:
-    runs-on: ubuntu-latest
-    timeout-minutes: 15
-    env:
-      FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: true
-    steps:
-      - name: Checkout repository
-        uses: actions/checkout@v4
-
-      - name: Setup Node.js
-        uses: actions/setup-node@v4
-        with:
-          node-version: '22'
-
-      - name: Run quality trend report
-        run: |
-          node ./scripts/quality-trend-report.mjs > quality-trend-report.json
-          test -s quality-trend-report.json
-
-      - name: Run weekly governance report
-        run: |
-          node ./scripts/governance-weekly-report.mjs > weekly-governance-report.json
-          test -s weekly-governance-report.json
-
-      - name: Upload governance artifacts
-        if: always()
-        uses: actions/upload-artifact@v4
-        with:
-          name: governance-weekly-report
-          path: |
-            quality-trend-report.json
-            weekly-governance-report.json

package/.github/workflows/publish.yml

@@ -1,32 +0,0 @@
-name: publish-to-npm
-
-on:
-  push:
-    branches:
-      - main
-
-jobs:
-  publish:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout repository
-        uses: actions/checkout@v4
-
-      - name: Setup Node.js
-        uses: actions/setup-node@v4
-        with:
-          node-version: 24
-          registry-url: 'https://registry.npmjs.org'
-
-      - name: Install dependencies
-        run: npm install
-
-      - name: Run verification
-        run: |
-          npm run validate
-          npm test
-
-      - name: Publish to NPM
-        run: npm publish --access public
-        env:
-          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}

package/.github/workflows/release-gate.yml

@@ -1,32 +0,0 @@
-name: release-gate
-
-on:
-  push:
-    branches:
-      - main
-  pull_request:
-  workflow_dispatch:
-
-permissions:
-  contents: read
-
-jobs:
-  release-gate:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout repository
-        uses: actions/checkout@v4
-
-      - name: Setup Node.js
-        uses: actions/setup-node@v4
-        with:
-          node-version: 24
-
-      - name: Run release gate
-        run: node ./scripts/release-gate.mjs > release-gate-report.json
-
-      - name: Upload release gate report artifact
-        uses: actions/upload-artifact@v4
-        with:
-          name: release-gate-report
-          path: release-gate-report.json

package/.github/workflows/sbom-compliance.yml

@@ -1,32 +0,0 @@
-name: sbom-compliance
-
-on:
-  push:
-    branches:
-      - main
-  pull_request:
-  workflow_dispatch:
-
-permissions:
-  contents: read
-
-jobs:
-  generate-sbom:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout repository
-        uses: actions/checkout@v4
-
-      - name: Setup Node.js
-        uses: actions/setup-node@v4
-        with:
-          node-version: 24
-
-      - name: Generate CycloneDX SBOM
-        run: node ./scripts/generate-sbom.mjs > sbom.cdx.json
-
-      - name: Upload SBOM artifact
-        uses: actions/upload-artifact@v4
-        with:
-          name: sbom-cyclonedx
-          path: sbom.cdx.json

package/.instructions.md

@@ -1,186 +0,0 @@
-# Agentic-Senior-Core: Unified AI Agent Instructions
-
-Bootstrap entrypoint. Resolve the smallest relevant layer set for the current request.
-
-## Role
-
-Act as a Principal Engineer. Ship maintainable, validated, production-ready work. Use clear plain language in formal artifacts. Do not use emoji.
-
-## Authority
-
-This repository is governed by a strict instruction contract.
-
-Use `.instructions.md` as the canonical baseline. Use `.agent-context/` as technical authority for rules, prompts, checklists, state, and policies. Use `README.md` only for public and developer overview, setup, usage, and user-facing context when stricter governance files conflict.
-
-Write instructions as imperative gates:
-- Use direct commands.
-- Prefer short mechanical checks over descriptive prose.
-- Keep root adapters thin.
-- Move detailed policy into `.agent-context/`.
-- Add validation when a rule can drift.
-
-## Bootstrap Receipt
-
-For non-trivial coding, review, planning, or governance work, emit a concise Bootstrap Receipt before implementation output or file edits:
-- `loaded_files`: files actually read
-- `selected_rules`: files selected for this scope and why
-- `skipped_rules`: out-of-scope categories left unloaded
-- `unreachable_files`: required files that could not be read
-- `validation_plan`: expected checks before completion
-
-Keep it short. Do not load every rule just to fill it out.
-
-## Command Economy
-
-Avoid repeated command output. Do not rerun broad inspections unless edits changed the result. Prefer targeted reads, targeted searches, concise diffs, and final validation gates.
-
-## Layer Index
-
-### Layer 1: Rules (15 Files) [SCOPE-RESOLVED]
-
-Location: `.agent-context/rules/`.
-
-Load only relevant rule files. Do not read the entire rule directory by default.
-
-Available rules: `naming-conv.md`, `architecture.md`, `security.md`, `performance.md`, `error-handling.md`, `testing.md`, `git-workflow.md`, `efficiency-vs-hype.md`, `api-docs.md`, `microservices.md`, `event-driven.md`, `database-design.md`, `realtime.md`, `frontend-architecture.md`, `docker-runtime.md`.
-
-For Docker or Compose work, load `docker-runtime.md` and verify the latest official Docker docs before authoring container assets. For framework or package setup work, use the latest stable compatible dependency set and official setup flow unless a documented compatibility constraint blocks it. Prefer official framework scaffolders when they create the supported project shape; manual file assembly needs a repo, prototype, learning, or architecture reason. New dependencies are allowed when they improve efficiency, delivery time, correctness, accessibility, UX, or maintainability. Do not treat dependency avoidance or vague performance fear as a default reason to skip a modern maintained library.
-
-Backend/API routing:
-- Data/schema/persistence: `architecture.md`, `database-design.md`, `performance.md`, `testing.md`.
-- Endpoint/API/error contracts: `architecture.md`, `api-docs.md`, `error-handling.md`, `security.md`, `testing.md`.
-- Auth/secrets/uploads/permissions: `security.md`, `error-handling.md`, `testing.md`.
-- Queue/worker/cron/events/retry: `event-driven.md`, `database-design.md`, `error-handling.md`, `performance.md`, `testing.md`.
-- Multi-service/distributed boundaries: `microservices.md`, `event-driven.md`, `database-design.md`, `api-docs.md`, `architecture.md`.
-
-Use the union once when scopes overlap. Do not create framework-specific governance adapters.
-
-### Layer 2: Runtime Decision Signals
-
-Runtime Decision Signals come from project context, repo evidence, and live research. Runtime signals are evidence gates, not style cues or popularity rankings.
-
-For fresh projects, recommend runtime/framework from the brief, constraints, and live official docs before coding. For existing projects, treat detected markers as evidence only. Ignore pattern frequency, external rankings, and remembered defaults. Do not default web projects to Next.js, Tailwind-only styling, shadcn/ui, Vite, or any familiar web stack by habit, and do not avoid them because of this guard when they are the strongest project fit.
-
-### Layer 3: Structural Planning Signals
-
-Structural Planning Signals use dynamic structural planning from repo context, docs, runtime constraints, and live research. Structural planning signals are not a hard whitelist.
-
-For new projects or modules, extract constraints, boundaries, and required docs first. Do not silently choose frameworks or architecture from offline heuristics. If runtime or architecture is unresolved, produce a short recommendation from evidence and live official documentation before coding. Compare at least one plausible alternative when the strongest-looking option is a familiar web default and the user did not explicitly choose it.
-
-### Layer 4: Execution Contracts
-
-Execution Contracts are dynamic execution contracts from prompts, review checklists, and policy thresholds. Resolve the active contract, then enforce mandatory checks before declaring completion.
-
-### Layer 5: Prompts
-
-Location: `.agent-context/prompts/`.
-
-Load the matching prompt only:
-- `init-project.md` -> create, build, new project, scaffold
-- `refactor.md` -> refactor, improve, clean up, fix
-- `review-code.md` -> review, audit, check, analyze
-- `bootstrap-design.md` -> ui, ux, layout, screen, tailwind, frontend, redesign
-
-For UI-only work, load `bootstrap-design.md` and `frontend-architecture.md` first; do not eagerly load unrelated backend-only rules unless the request crosses that boundary. The valid style context is current repo evidence, current brief, and current project docs. External references, prior-chat memory, unrelated-project visuals, and remembered screenshots are tainted unless the user makes them current-task constraints. Treat WCAG 2.2 AA as the hard compliance floor and APCA as advisory perceptual tuning only. Do not require screenshot capture as a baseline dependency.
-
-### Layer 6: Governance Modes
-
-Governance Modes use dynamic governance context from state files, policies, and repo norms. Apply matching defaults only when relevant.
-
-### Layer 7: State and Benchmarks
-
-Use `.agent-context/state/` only when the task needs risk zones, dependency boundaries, benchmarks, or continuity metadata.
-
-### Layer 8: Policies and Thresholds
-
-Use `.agent-context/policies/` for quality gates, release thresholds, and audit posture.
-
-### Layer 9: Project Context
-
-Use root `README.md` as the public and developer entrypoint for every fresh or existing project. Use `docs/` when present: `project-brief.md`, `architecture-decision-record.md`, `database-schema.md`, `api-contract.md`, `flow-overview.md`, `DESIGN.md`, `design-intent.json`.
-
-## Mandatory Triggers
-
-### 1. Documentation-First Mode
-
-Trigger: docs, documentation, dokumen, `docs/*`, architecture docs, flow docs, API docs, or "lengkapkan docs".
-
-1. Load `architecture.md`, `api-docs.md`, and only additional rules required by scope.
-2. Create or refine required docs first: root `README.md` for every fresh or existing project; `docs/project-brief.md`; `docs/architecture-decision-record.md`; `docs/flow-overview.md`; `docs/api-contract.md` for APIs, firmware endpoints, CLI commands, or web application flows; `docs/database-schema.md` for persistent data; and `docs/DESIGN.md` plus `docs/design-intent.json` for UI scope.
-3. Write formal project docs in English by default unless the user asks otherwise.
-4. Stop after documentation when the user only asked for docs. Do not write application, firmware, or UI code until the user asks or approves implementation.
-
-### 2. New Project Planning
-
-Trigger: create, build, new project, scaffold.
-
-1. Resolve relevant rules.
-2. Read `init-project.md`.
-3. Infer constraints, required docs, and boundaries from requirements, repo evidence, docs, and live research.
-4. Recommend runtime/architecture when unresolved.
-5. WAIT for user approval before generating code.
-
-### 3. Refactor Mode
-
-Trigger: refactor, improve, fix, clean up.
-
-1. Resolve relevant rules.
-2. Read `refactor.md`.
-3. Apply active prompt/checklist contracts.
-4. Propose a plan before edits.
-5. WAIT for approval.
-
-### 4. Code Review Mode
-
-Trigger: review, audit, check, analyze.
-
-Load `pr-checklist.md` and `architecture-review.md`, then report defects, risks, regressions, and missing tests first.
-
-### 5. UI Design Mode
-
-Trigger: ui, ux, layout, screen, tailwind, frontend, redesign.
-
-1. Read `bootstrap-design.md` and `frontend-architecture.md`.
-2. Read UI-relevant repo evidence from state, current UI code, and `docs/*`.
-3. Include a one-line Motion/Palette Decision before UI code; product categories are heuristics, not style presets.
-4. Before UI code, record one real-world anchor, one signature motion behavior, and one typographic role contrast.
-5. Ensure `docs/design-intent.json` includes `conceptualAnchor.anchorReference`, top-level `derivedTokenLogic`, `libraryResearchStatus`, `libraryDecisions[]`, and motion/palette decisions.
-6. Generate or refine `docs/DESIGN.md` plus `docs/design-intent.json` before UI implementation.
-7. Keep context isolated; do not eagerly load unrelated backend-only rules.
-8. In UI Design Mode, choose the ambition level proactively. For broad screens or redesigns, treat expressive motion, spatial hierarchy, distinctive composition, and product-specific interaction as the baseline even when the user did not say "rich"; quiet or static surfaces require a concrete product, performance, accessibility, device, or dependency reason.
-9. Do not let conceptual anchors collapse into room, darkroom, counting room, control room, war room, studio, lab, cockpit, or command center by habit. Prefer artifacts, workflows, custody chains, instruments, data behaviors, material systems, editorial systems, service rituals, or interaction mechanisms unless a physical place model is core to the product.
-10. External websites and benchmark examples are candidate evidence for constraints, mechanics, and quality bars only. Do not copy their layout rhythm, palette, component skin, visual metaphor, or brand posture without explicit user approval and product-fit rationale.
-
-## Reasoning Chain
-
-When rejecting an approach or enforcing a rule, use:
-
-```text
-REASONING CHAIN
-Problem: [risk]
-Required Action: [boundary]
-Why Required: [project protection]
-```
-
-## Definition of Done
-
-Never claim done without:
-1. Relevant rules applied.
-2. PR and architecture checklists considered.
-3. Universal SOP gates satisfied: public and developer root `README.md`; `docs/architecture-decision-record.md`; plus `docs/DESIGN.md` and `docs/design-intent.json` for UI scope.
-4. If `.agent-context/state/active-memory.json` exists and material project progress happened, refresh it while preserving privacy rules and user-owned entries.
-5. MCP validation passed through `npm run validate`.
-
-## Knowledge Inventory Checklist
-
-Verify reachability when relevant: Layer 1 Rules, Layer 2 Runtime Decision Signals, Layer 3 Structural Planning Signals, Layer 4 Execution Contracts, Layer 5 Prompts, Layer 6 Governance Modes, Layer 7 State, Layer 8 Policies, Layer 9 Project Context.
-
-## Operating Gates
-
-- Before code: resolve active rules and contract.
-- Before PR: run review checklists.
-- Before deploy: check policy thresholds.
-- Before major refactor: read `architecture-map.md`.
-- Before UI implementation: confirm valid style context, design contract, and required docs.
-
-Start here. If `.agent-instructions.md` exists, read it next. Otherwise continue into the relevant layers.

package/.windsurf/rules/agentic-senior-core.md

@@ -1,44 +0,0 @@
-# Windsurf Rule - Thin Adapter
-
-Adapter Mode: thin
-Adapter Source: .instructions.md
-Canonical Snapshot SHA256: c66b5dfe48a25f0df297a1681aa6bab572da95d2201f09abf3767d38a2934591
-
-This repository is governed by a strict instruction contract.
-Use [.instructions.md](../../.instructions.md) as the canonical policy source.
-Use .agent-context/ for technical rules, prompts, checklists, policies, and state.
-Treat README.md as public and developer overview, setup, usage, and user-facing context only when governance files conflict.
-
-## Critical Bootstrap Floor
-
-- If your host stops at this file, continue the chain manually before coding.
-- Read `.agent-instructions.md` next when it exists.
-- Memory continuity does not replace bootstrap loading.
-- For UI, UX, layout, screen, tailwind, frontend, or redesign requests, load [bootstrap-design.md](../../.agent-context/prompts/bootstrap-design.md) and [frontend-architecture.md](../../.agent-context/rules/frontend-architecture.md) before code edits.
-- For UI scope, include a one-line Motion/Palette Decision in the Bootstrap Receipt; product categories are heuristics, not style presets.
-- For UI scope, create or refine `docs/DESIGN.md` and `docs/design-intent.json` before UI implementation.
-- For documentation-first requests, create or refine required project docs in English by default and do not write application, firmware, or UI code until the user asks or approves.
-- Create or refine root README.md as the public and developer entrypoint before implementation.
-- For backend, API, data, auth, error, event, queue, worker, or distributed-system requests, load only relevant global rules from .agent-context/rules/ ([link](../../.agent-context/rules)).
-- For ecosystem, framework, dependency, or Docker claims, perform live web research.
-- Resolve runtime choices from project evidence and live official documentation; resolve structural planning from constraints and architecture boundaries.
-
-## Mandatory Bootstrap Chain
-
-1. Load [.instructions.md](../../.instructions.md).
-2. Load `.agent-instructions.md` when present.
-3. Load only relevant files from .agent-context/rules/ ([link](../../.agent-context/rules)).
-4. Apply matching prompts from .agent-context/prompts/ ([link](../../.agent-context/prompts)).
-5. Enforce .agent-context/review-checklists/ ([link](../../.agent-context/review-checklists/pr-checklist.md)).
-6. Use .agent-context/state/ ([link](../../.agent-context/state)) and .agent-context/policies/ ([link](../../.agent-context/policies)) only when relevant.
-7. Use project docs and live evidence for runtime, dependency, and architecture claims.
-
-## Bootstrap Receipt
-
-For non-trivial coding, review, planning, or governance work, produce a short Bootstrap Receipt before implementation output: `loaded_files`, `selected_rules`, `skipped_rules`, `unreachable_files`, and `validation_plan`.
-
-## Completion Gate
-
-Run [pr-checklist.md](../../.agent-context/review-checklists/pr-checklist.md) before declaring work complete.
-
-If this adapter drifts from canonical behavior, refresh from [.instructions.md](../../.instructions.md) and update the hash metadata.

package/.windsurfrules

@@ -1,26 +0,0 @@
-# .windsurfrules - Legacy Thin Adapter
-
-Generated by Agentic-Senior-Core CLI v3.0.46
-Adapter Mode: legacy-thin
-Adapter Source: .agent-instructions.md when present; fallback .instructions.md
-Canonical baseline: .instructions.md
-
-This file is kept only for older Windsurf discovery.
-Read .agent-instructions.md for the compiled rulebook when present.
-Use .instructions.md as the canonical policy source.
-
-Mandatory load floor:
-1. Read .agent-instructions.md when present; otherwise read .instructions.md.
-2. Load only relevant .agent-context/rules/ by task scope.
-3. Apply matching .agent-context/prompts/ contracts.
-4. Enforce .agent-context/review-checklists/ before completion.
-5. Use .agent-context/state/ and .agent-context/policies/ only when relevant.
-6. Resolve Runtime Decision Signals from repo evidence and live official docs.
-7. Resolve Structural Planning Signals from constraints and architecture boundaries.
-
-Current bridges:
-- Cursor: .cursor/rules/agentic-senior-core.mdc
-- Windsurf: .windsurf/rules/agentic-senior-core.md
-- Claude: CLAUDE.md
-- Gemini: GEMINI.md and .gemini/instructions.md
-- Copilot: .github/copilot-instructions.md and .github/instructions/agentic-senior-core.instructions.md