@sylphx/flow 2.28.3 → 2.28.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +8 -0
- package/assets/slash-commands/continue.md +87 -9
- package/package.json +1 -1
package/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,13 @@
|
|
|
1
1
|
# @sylphx/flow
|
|
2
2
|
|
|
3
|
+
## 2.28.4 (2026-01-04)
|
|
4
|
+
|
|
5
|
+
Rewrite continue command with SSOT principles and comprehensive system correctness guidelines
|
|
6
|
+
|
|
7
|
+
### 📚 Documentation
|
|
8
|
+
|
|
9
|
+
- **commands:** rewrite continue command with SSOT principles ([b3ca5e0](https://github.com/SylphxAI/flow/commit/b3ca5e048b7580ed2f723936297b015a03964932))
|
|
10
|
+
|
|
3
11
|
## 2.28.3 (2025-12-19)
|
|
4
12
|
|
|
5
13
|
### 🐛 Bug Fixes
|
|
@@ -5,17 +5,95 @@ description: Trigger autonomous product iteration - think, improve, ship
|
|
|
5
5
|
|
|
6
6
|
# Continue
|
|
7
7
|
|
|
8
|
-
|
|
8
|
+
Continuously commit.
|
|
9
9
|
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
- What would beat competitors?
|
|
10
|
+
The entire system — not limited to data — must strictly obey a Single Source of Truth (SSOT) principle.
|
|
11
|
+
Every state, behavior, flow, permission, architecture decision, UI behavior, and side effect
|
|
12
|
+
must have exactly one authoritative source, one interpretation, and one correct path.
|
|
14
13
|
|
|
15
|
-
|
|
14
|
+
The system must be fully reason-able end to end.
|
|
15
|
+
There must be no implicit behavior, hidden assumptions, magic defaults, or silent fallbacks.
|
|
16
16
|
|
|
17
|
-
|
|
17
|
+
Continuously and repeatedly review, validate, and correct the entire system:
|
|
18
|
+
- Membership and identity correctness and completeness
|
|
19
|
+
- Consistency across state, permissions, flows, and lifecycle
|
|
20
|
+
- Architectural boundaries, modularity, and separation of responsibilities
|
|
21
|
+
- UI behavior matching system intent, state, and permissions
|
|
22
|
+
- Alignment with modern industry standards and best practices
|
|
18
23
|
|
|
19
|
-
|
|
24
|
+
No workarounds.
|
|
25
|
+
No hacks.
|
|
26
|
+
No temporary solutions.
|
|
27
|
+
No backward compatibility.
|
|
28
|
+
No deprecated logic.
|
|
29
|
+
No TODOs.
|
|
30
|
+
No dead code.
|
|
31
|
+
No unused code.
|
|
32
|
+
No incorrect or misleading code.
|
|
20
33
|
|
|
21
|
-
|
|
34
|
+
Every feature must be built intent-first:
|
|
35
|
+
- The correct model must exist before implementation
|
|
36
|
+
- No duplicated concepts, parallel truths, or shadow logic
|
|
37
|
+
- Any feature must be removable or refactorable without destabilizing the system
|
|
38
|
+
|
|
39
|
+
Continuously perform:
|
|
40
|
+
- Deduplication
|
|
41
|
+
- Refactoring
|
|
42
|
+
- Polishing
|
|
43
|
+
- Modularity enforcement
|
|
44
|
+
- Responsibility separation
|
|
45
|
+
- Architectural correction
|
|
46
|
+
|
|
47
|
+
The system must remain:
|
|
48
|
+
- Stateless
|
|
49
|
+
- Serverless-friendly
|
|
50
|
+
- Scalable
|
|
51
|
+
- Reasonable
|
|
52
|
+
- Testable
|
|
53
|
+
- Observable
|
|
54
|
+
|
|
55
|
+
All technologies must be used correctly, consistently, and idiomatically:
|
|
56
|
+
tRPC, Next.js, Radix UI, next-intl, Drizzle,
|
|
57
|
+
Better Auth, Stripe, Upstash, Neon, Vercel,
|
|
58
|
+
Resend (email), Vercel Blob (storage),
|
|
59
|
+
AI SDK with OpenRouter provider,
|
|
60
|
+
Iconify, Bun, Biome, Bun test,
|
|
61
|
+
Responsive Web Design.
|
|
62
|
+
|
|
63
|
+
Any identity or permission bootstrap (e.g. super admin):
|
|
64
|
+
- Must be defined via environment configuration
|
|
65
|
+
- Must execute exactly once in the system's lifetime
|
|
66
|
+
- Must be non-reentrant
|
|
67
|
+
- Must not be bypassable
|
|
68
|
+
- Must not become a permanent logic dependency
|
|
69
|
+
|
|
70
|
+
All sensitive operations require explicit re-authentication:
|
|
71
|
+
Sensitive action triggered
|
|
72
|
+
↓
|
|
73
|
+
Check verified session
|
|
74
|
+
↓
|
|
75
|
+
Does the user have a password?
|
|
76
|
+
├─ Yes → Verify password
|
|
77
|
+
└─ No → Send email OTP (6 digits, 10-minute expiry)
|
|
78
|
+
↓
|
|
79
|
+
Verification succeeds
|
|
80
|
+
↓
|
|
81
|
+
Mark session as verified
|
|
82
|
+
↓
|
|
83
|
+
Allow scoped, time-bound sensitive actions
|
|
84
|
+
(2FA setup, email change, account deletion, etc.)
|
|
85
|
+
|
|
86
|
+
The verified state must:
|
|
87
|
+
- Have explicit scope
|
|
88
|
+
- Have explicit expiration
|
|
89
|
+
- Never be implicitly reused
|
|
90
|
+
- Never be shared across sessions or contexts
|
|
91
|
+
|
|
92
|
+
Any ambiguity, inconsistency, incompleteness, or undefined behavior
|
|
93
|
+
must be treated as a bug, not a feature.
|
|
94
|
+
|
|
95
|
+
The system must withstand repeated review, rejection, refactor, and redesign,
|
|
96
|
+
and after every correction,
|
|
97
|
+
become simpler, more consistent, and closer to the correct model.
|
|
98
|
+
|
|
99
|
+
Ultrathink.
|
package/package.json
CHANGED