npm - @sylix/coworker - Versions diffs - 2.0.11 → 2.0.12 - Mend

@sylix/coworker 2.0.11 → 2.0.12

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (169) hide show

package/dist/skills/defaults/devops/git-workflows.md ADDED Viewed

@@ -0,0 +1,205 @@
+---
+name: git-workflows
+description: Master Git workflows including branching strategies, PR best practices, and collaborative development.
+---
+# Git Workflows — CoWorker Edition
+Collaborate effectively with Git.
+## When to Use This Skill
+- Setting up project workflows
+- Managing branches
+- Code reviews
+- Release management
+## Core Concepts
+### 1. Branching Strategy
+```
+main (production)
+  │
+  ├── develop (integration)
+  │     │
+  │     ├── feature/user-auth
+  │     ├── feature/payments
+  │     └── bugfix/login-fix
+  │
+  └── release/v1.2.0
+        │
+        └── hotfix/security-patch
+```
+### 2. Commit Messages
+```bash
+# Good commit messages
+git commit -m "feat: add user authentication flow"
+# Conventional commits format
+# type(scope): description
+# Types:
+# feat:     New feature
+# fix:      Bug fix
+# docs:     Documentation
+# style:    Formatting
+# refactor: Code restructuring
+# test:     Tests
+# chore:    Maintenance
+# Examples:
+git commit -m "fix: resolve memory leak in data processor"
+git commit -m "docs: update API documentation"
+git commit -m "refactor(auth): extract token validation"
+git commit -m "test(api): add integration tests for users"
+```
+### 3. Working with Branches
+```bash
+# Create feature branch
+git checkout -b feature/user-dashboard
+# Keep branch updated with main
+git fetch origin
+git rebase origin/main
+# Interactive rebase to clean commits
+git rebase -i HEAD~3
+# Squash commits
+git rebase -i main
+# Change 'pick' to 'squash' for commits to combine
+```
+### 4. Pull Request Workflow
+```bash
+# Update branch before PR
+git fetch origin
+git rebase origin/main
+# Push branch
+git push -u origin feature/user-dashboard
+# Create PR with good description
+# - What does this PR do?
+# - Why is this change needed?
+# - How was it tested?
+# - Screenshots if UI changes
+# Update PR with additional commits
+git push
+# Squash merge on GitHub/GitLab
+```
+### 5. Code Review Practices
+```bash
+# Review own PR first
+git diff main...HEAD  # What changed since main
+git log --oneline main..HEAD  # Commit history
+# Good PR description
+"""
+## Summary
+Implements user dashboard with analytics.
+## Changes
+- Add Dashboard component
+- Add analytics API endpoints
+- Add chart visualizations
+## Testing
+- [ ] Unit tests pass
+- [ ] Manual testing on staging
+- [ ] Works on mobile
+## Screenshots
+[attach screenshots]
+"""
+```
+### 6. Git Hooks
+```bash
+# .git/hooks/pre-commit
+#!/bin/sh
+npm run lint
+npm run typecheck
+# .git/hooks/commit-msg
+#!/bin/sh
+COMMIT_MSG=$(cat "$1")
+PATTERN="^(feat|fix|docs|refactor|test|chore)(\(.+\))?: .{1,50}"
+if ! echo "$COMMIT_MSG" | grep -qE "$PATTERN"; then
+    echo "Invalid commit message format"
+    exit 1
+fi
+```
+```yaml
+# GitHub Actions - enforce conventional commits
+name: Enforce Conventional Commits
+on:
+  pull_request:
+    branches: [main]
+jobs:
+  commitlint:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+      - uses: actions/setup-node@v4
+        with:
+          node-version: '20'
+      - run: npx commitlint --edit "${{ github.event.pull_request.title }}"
+```
+### 7. Undoing Changes
+```bash
+# Unstage files
+git reset HEAD file.txt
+# Undo last commit (keep changes)
+git reset --soft HEAD~1
+# Undo last commit (discard changes)
+git reset --hard HEAD~1
+# Revert a commit (creates new commit)
+git revert abc123
+# Reset to specific state
+git checkout -- file.txt  # Discard local changes
+git checkout HEAD -- file.txt  # Reset to last commit
+```
+## Best Practices
+1. **Atomic commits** - One logical change per commit
+2. **Descriptive messages** - Clear and concise
+3. **Small PRs** - Easier to review
+4. **Keep main clean** - Never commit to main directly
+5. **Rebase over merge** - Clean history
+6. **Squash feature branches** - Single commit per feature
+## Common Mistakes
+- Committing to main
+- Large PRs
+- Generic commit messages
+- Not testing before push
+- Force pushing to shared branches
+- Not cleaning up merged branches

package/dist/skills/defaults/devops/github-actions.md ADDED Viewed

@@ -0,0 +1,311 @@
+---
+name: github-actions-templates
+description: Create production-ready GitHub Actions workflows for automated testing, building, and deploying applications. Use when setting up CI/CD with GitHub Actions, automating development workflows, or creating reusable workflow templates.
+---
+# GitHub Actions Templates
+Production-ready GitHub Actions workflow patterns for testing, building, and deploying applications.
+## When to Use This Skill
+- Automate testing and deployment
+- Build Docker images and push to registries
+- Deploy to Kubernetes clusters
+- Run security scans
+- Implement matrix builds for multiple environments
+## Common Workflow Patterns
+### Pattern 1: Test Workflow
+```yaml
+name: Test
+on:
+  push:
+    branches: [main, develop]
+  pull_request:
+    branches: [main]
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        node-version: [18.x, 20.x]
+    steps:
+      - uses: actions/checkout@v4
+      - name: Use Node.js ${{ matrix.node-version }}
+        uses: actions/setup-node@v4
+        with:
+          node-version: ${{ matrix.node-version }}
+          cache: "npm"
+      - name: Install dependencies
+        run: npm ci
+      - name: Run linter
+        run: npm run lint
+      - name: Run tests
+        run: npm test
+      - name: Upload coverage
+        uses: codecov/codecov-action@v3
+        with:
+          files: ./coverage/lcov.info
+```
+### Pattern 2: Build and Push Docker Image
+```yaml
+name: Build and Push
+on:
+  push:
+    branches: [main]
+    tags: ["v*"]
+env:
+  REGISTRY: ghcr.io
+  IMAGE_NAME: ${{ github.repository }}
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+    steps:
+      - uses: actions/checkout@v4
+      - name: Log in to Container Registry
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+      - name: Extract metadata
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+          tags: |
+            type=ref,event=branch
+            type=ref,event=pr
+            type=semver,pattern={{version}}
+            type=semver,pattern={{major}}.{{minor}}
+      - name: Build and push
+        uses: docker/build-push-action@v5
+        with:
+          context: .
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+```
+### Pattern 3: Deploy to Kubernetes
+```yaml
+name: Deploy to Kubernetes
+on:
+  push:
+    branches: [main]
+jobs:
+  deploy:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - name: Configure AWS credentials
+        uses: aws-actions/configure-aws-credentials@v4
+        with:
+          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          aws-region: us-west-2
+      - name: Update kubeconfig
+        run: |
+          aws eks update-kubeconfig --name production-cluster --region us-west-2
+      - name: Deploy to Kubernetes
+        run: |
+          kubectl apply -f k8s/
+          kubectl rollout status deployment/my-app -n production
+          kubectl get services -n production
+      - name: Verify deployment
+        run: |
+          kubectl get pods -n production
+          kubectl describe deployment my-app -n production
+```
+### Pattern 4: Matrix Build
+```yaml
+name: Matrix Build
+on: [push, pull_request]
+jobs:
+  build:
+    runs-on: ${{ matrix.os }}
+    strategy:
+      matrix:
+        os: [ubuntu-latest, macos-latest, windows-latest]
+        python-version: ["3.9", "3.10", "3.11", "3.12"]
+    steps:
+      - uses: actions/checkout@v4
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: ${{ matrix.python-version }}
+      - name: Install dependencies
+        run: |
+          python -m pip install --upgrade pip
+          pip install -r requirements.txt
+      - name: Run tests
+        run: pytest
+```
+## Workflow Best Practices
+1. **Use specific action versions** (@v4, not @latest)
+2. **Cache dependencies** to speed up builds
+3. **Use secrets** for sensitive data
+4. **Implement status checks** on PRs
+5. **Use matrix builds** for multi-version testing
+6. **Set appropriate permissions**
+7. **Use reusable workflows** for common patterns
+8. **Implement approval gates** for production
+9. **Add notification steps** for failures
+10. **Use self-hosted runners** for sensitive workloads
+## Reusable Workflows
+```yaml
+# .github/workflows/reusable-test.yml
+name: Reusable Test Workflow
+on:
+  workflow_call:
+    inputs:
+      node-version:
+        required: true
+        type: string
+    secrets:
+      NPM_TOKEN:
+        required: true
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-node@v4
+        with:
+          node-version: ${{ inputs.node-version }}
+      - run: npm ci
+      - run: npm test
+```
+**Use reusable workflow:**
+```yaml
+jobs:
+  call-test:
+    uses: ./.github/workflows/reusable-test.yml
+    with:
+      node-version: "20.x"
+    secrets:
+      NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
+```
+## Security Scanning
+```yaml
+name: Security Scan
+on:
+  push:
+    branches: [main]
+  pull_request:
+    branches: [main]
+jobs:
+  security:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - name: Run Trivy vulnerability scanner
+        uses: aquasecurity/trivy-action@master
+        with:
+          scan-type: "fs"
+          scan-ref: "."
+          format: "sarif"
+          output: "trivy-results.sarif"
+      - name: Upload Trivy results to GitHub Security
+        uses: github/codeql-action/upload-sarif@v2
+        with:
+          sarif_file: "trivy-results.sarif"
+      - name: Run Snyk Security Scan
+        uses: snyk/actions/node@master
+        env:
+          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+```
+## Deployment with Approvals
+```yaml
+name: Deploy to Production
+on:
+  push:
+    tags: ["v*"]
+jobs:
+  deploy:
+    runs-on: ubuntu-latest
+    environment:
+      name: production
+      url: https://app.example.com
+    steps:
+      - uses: actions/checkout@v4
+      - name: Deploy application
+        run: |
+          echo "Deploying to production..."
+          # Deployment commands here
+      - name: Notify Slack
+        if: success()
+        uses: slackapi/slack-github-action@v1
+        with:
+          webhook-url: ${{ secrets.SLACK_WEBHOOK }}
+          payload: |
+            {
+              "text": "Deployment to production completed successfully!"
+            }
+```