@synapta/skills 0.1.1 → 0.2.0

package/skills/repo-bootstrap/assets/scoped/frontend-typescript.md

@@ -0,0 +1,88 @@
+<!-- Managed by agent: keep sections and order; edit content, not structure. Last updated: {{TIMESTAMP}} -->
+
+# AGENTS.md — {{SCOPE_NAME}}
+
+<!-- AGENTS-GENERATED:START overview -->
+## Overview
+{{SCOPE_DESCRIPTION}}
+<!-- AGENTS-GENERATED:END overview -->
+
+<!-- AGENTS-GENERATED:START filemap -->
+## Key Files
+{{SCOPE_FILE_MAP}}
+<!-- AGENTS-GENERATED:END filemap -->
+
+<!-- AGENTS-GENERATED:START golden-samples -->
+## Golden Samples (follow these patterns)
+{{SCOPE_GOLDEN_SAMPLES}}
+<!-- AGENTS-GENERATED:END golden-samples -->
+
+<!-- AGENTS-GENERATED:START setup -->
+## Setup & environment
+{{NODE_VERSION_LINE}}
+{{FRAMEWORK_LINE}}
+{{PACKAGE_MANAGER_LINE}}
+{{ENV_VARS_LINE}}
+<!-- AGENTS-GENERATED:END setup -->
+
+<!-- AGENTS-GENERATED:START commands -->
+## Build & tests
+{{INSTALL_LINE}}
+{{TYPECHECK_LINE}}
+{{LINT_LINE}}
+{{FORMAT_LINE}}
+{{TEST_LINE}}
+{{BUILD_LINE}}
+{{DEV_LINE}}
+<!-- AGENTS-GENERATED:END commands -->
+
+<!-- AGENTS-GENERATED:START code-style -->
+## Code style & conventions
+{{TS_STRICT_LINE}}
+{{COMPONENT_STYLE_LINE}}
+- Naming: `camelCase` for variables/functions, `PascalCase` for components
+- File naming: `ComponentName.tsx`, `utilityName.ts`
+- Imports: group and sort (external, internal, types)
+{{CSS_APPROACH_LINE}}
+{{FRAMEWORK_CONVENTIONS}}
+<!-- AGENTS-GENERATED:END code-style -->
+
+<!-- AGENTS-GENERATED:START security -->
+## Security & safety
+- Sanitize user inputs before rendering
+- Raw HTML rendering only with sanitized content (use DOMPurify)
+- Validate environment variables at build time
+- Never expose secrets in client-side code
+- Use HTTPS for all API calls
+- Implement CSP headers
+- WCAG 2.2 AA accessibility compliance
+<!-- AGENTS-GENERATED:END security -->
+
+<!-- AGENTS-GENERATED:START checklist -->
+## PR/commit checklist
+{{TEST_CHECKLIST_LINE}}
+{{TYPECHECK_CHECKLIST_LINE}}
+{{LINT_CHECKLIST_LINE}}
+{{FORMAT_CHECKLIST_LINE}}
+- [ ] Accessibility: keyboard navigation works, ARIA labels present
+- [ ] Responsive: tested on mobile, tablet, desktop
+- [ ] Performance: no unnecessary re-renders
+<!-- AGENTS-GENERATED:END checklist -->
+
+<!-- AGENTS-GENERATED:START examples -->
+## Patterns to Follow
+> **Prefer looking at real code in this repo over generic examples.**
+> See **Golden Samples** section above for files that demonstrate correct patterns.
+<!-- AGENTS-GENERATED:END examples -->
+
+<!-- AGENTS-GENERATED:START help -->
+## When stuck
+{{FRAMEWORK_DOCS_LINE}}
+- Review TypeScript handbook: https://www.typescriptlang.org/docs/
+- Check root AGENTS.md for project-wide conventions
+- Review existing components for patterns
+<!-- AGENTS-GENERATED:END help -->
+
+## House Rules (project-specific)
+<!-- This section is NOT auto-generated - add your project-specific rules here -->
+{{HOUSE_RULES}}

package/skills/repo-bootstrap/assets/scoped/github-actions.md

@@ -0,0 +1,174 @@
+<!-- Managed by agent: keep sections and order; edit content, not structure. Last updated: {{TIMESTAMP}} -->
+
+# AGENTS.md — {{SCOPE_NAME}}
+
+<!-- AGENTS-GENERATED:START overview -->
+## Overview
+{{SCOPE_DESCRIPTION}}
+<!-- AGENTS-GENERATED:END overview -->
+
+<!-- AGENTS-GENERATED:START filemap -->
+## Key Files
+{{SCOPE_FILE_MAP}}
+<!-- AGENTS-GENERATED:END filemap -->
+
+<!-- AGENTS-GENERATED:START golden-samples -->
+## Golden Samples (follow these patterns)
+{{SCOPE_GOLDEN_SAMPLES}}
+<!-- AGENTS-GENERATED:END golden-samples -->
+
+<!-- AGENTS-GENERATED:START setup -->
+## Workflow files
+{{WORKFLOW_COUNT_LINE}}
+{{REUSABLE_WORKFLOWS_LINE}}
+<!-- AGENTS-GENERATED:END setup -->
+
+<!-- AGENTS-GENERATED:START structure -->
+## Directory structure
+```
+.github/
+  workflows/
+    ci.yml              → Main CI workflow (lint, test, build)
+    release.yml         → Release/deploy workflow
+    dependabot.yml      → Dependency updates
+  actions/
+    <action-name>/      → Composite actions (reusable)
+      action.yml
+  CODEOWNERS            → Code ownership rules
+  pull_request_template.md
+```
+<!-- AGENTS-GENERATED:END structure -->
+
+<!-- AGENTS-GENERATED:START code-style -->
+## Workflow conventions
+- **Pin action versions** with full SHA, not tags (`uses: actions/checkout@abc123...`)
+- **Minimal permissions**: Use `permissions:` block, never use `permissions: write-all`
+- **Reusable workflows**: Extract common patterns to `.github/workflows/reusable-*.yml`
+- **Job dependencies**: Use `needs:` to express dependencies
+- **Caching**: Use `actions/cache` for dependencies (npm, composer, go)
+
+### Naming conventions
+| Type | Convention | Example |
+|------|------------|---------|
+| Workflow file | `<purpose>.yml` | `ci.yml`, `release.yml` |
+| Workflow name | Title Case | `CI Pipeline`, `Release` |
+| Job ID | kebab-case | `build-and-test`, `deploy-staging` |
+| Step name | Sentence case | `Install dependencies` |
+| Secret | SCREAMING_SNAKE | `DEPLOY_TOKEN`, `NPM_TOKEN` |
+<!-- AGENTS-GENERATED:END code-style -->
+
+<!-- AGENTS-GENERATED:START patterns -->
+## Common patterns
+
+### Basic CI workflow
+```yaml
+name: CI
+on:
+  push:
+    branches: [main]
+  pull_request:
+    branches: [main]
+
+permissions:
+  contents: read
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+      - uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0
+        with:
+          node-version: '20'
+          cache: 'npm'
+      - run: npm ci
+      - run: npm test
+```
+
+### Matrix builds
+```yaml
+jobs:
+  test:
+    strategy:
+      matrix:
+        os: [ubuntu-latest, macos-latest]
+        node: ['18', '20', '22']
+    runs-on: ${{ matrix.os }}
+    steps:
+      - uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0
+        with:
+          node-version: ${{ matrix.node }}
+```
+
+### Reusable workflow
+```yaml
+# .github/workflows/reusable-test.yml
+on:
+  workflow_call:
+    inputs:
+      node-version:
+        type: string
+        default: '20'
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-node@v4
+        with:
+          node-version: ${{ inputs.node-version }}
+```
+
+### Conditional deployment
+```yaml
+jobs:
+  deploy:
+    if: github.ref == 'refs/heads/main' && github.event_name == 'push'
+    needs: [test, build]
+    environment: production
+    steps:
+      - name: Deploy
+        run: ./deploy.sh
+```
+<!-- AGENTS-GENERATED:END patterns -->
+
+<!-- AGENTS-GENERATED:START security -->
+## Security & safety
+- **NEVER** expose secrets in logs: use `::add-mask::` for dynamic secrets
+- **Pin actions** to full commit SHA, not mutable tags
+- **Minimal permissions**: Start with `contents: read`, add only what's needed
+- **Environment protection**: Use environments with required reviewers for deploys
+- **Secret scanning**: Enable in repository settings
+- **Dependency review**: Use `actions/dependency-review-action` for PRs
+- **OIDC**: Prefer OIDC over long-lived secrets for cloud providers
+<!-- AGENTS-GENERATED:END security -->
+
+<!-- AGENTS-GENERATED:START checklist -->
+## PR/commit checklist
+- [ ] Actions pinned to full SHA (not tags)
+- [ ] Permissions block uses minimal required permissions
+- [ ] Secrets are not exposed in logs
+- [ ] Workflow syntax valid: `actionlint` or GitHub UI validation
+- [ ] Matrix strategy covers required versions/platforms
+- [ ] Caching configured for dependencies
+<!-- AGENTS-GENERATED:END checklist -->
+
+<!-- AGENTS-GENERATED:START examples -->
+## Patterns to Follow
+> **Prefer looking at real code in this repo over generic examples.**
+> See **Golden Samples** section above for files that demonstrate correct patterns.
+<!-- AGENTS-GENERATED:END examples -->
+
+<!-- AGENTS-GENERATED:START help -->
+## When stuck
+- GitHub Actions docs: https://docs.github.com/en/actions
+- Workflow syntax: https://docs.github.com/en/actions/reference/workflow-syntax-for-github-actions
+- Action marketplace: https://github.com/marketplace?type=actions
+- Use `act` for local testing: https://github.com/nektos/act
+- Check existing workflows in this repo for patterns
+<!-- AGENTS-GENERATED:END help -->
+
+## House Rules (project-specific)
+<!-- This section is NOT auto-generated - add your project-specific rules here -->
+{{HOUSE_RULES}}

package/skills/repo-bootstrap/assets/scoped/gitlab-ci.md

@@ -0,0 +1,174 @@
+<!-- Managed by agent: keep sections and order; edit content, not structure. Last updated: {{TIMESTAMP}} -->
+
+# AGENTS.md — {{SCOPE_NAME}}
+
+<!-- AGENTS-GENERATED:START overview -->
+## Overview
+{{SCOPE_DESCRIPTION}}
+<!-- AGENTS-GENERATED:END overview -->
+
+<!-- AGENTS-GENERATED:START filemap -->
+## Key Files
+{{SCOPE_FILE_MAP}}
+<!-- AGENTS-GENERATED:END filemap -->
+
+<!-- AGENTS-GENERATED:START golden-samples -->
+## Golden Samples (follow these patterns)
+{{SCOPE_GOLDEN_SAMPLES}}
+<!-- AGENTS-GENERATED:END golden-samples -->
+
+<!-- AGENTS-GENERATED:START setup -->
+## Pipeline configuration
+{{JOB_COUNT_LINE}}
+{{INCLUDES_LINE}}
+<!-- AGENTS-GENERATED:END setup -->
+
+<!-- AGENTS-GENERATED:START structure -->
+## File structure
+```
+.gitlab-ci.yml          → Main pipeline configuration
+.gitlab/
+  ci/
+    templates/          → Reusable job templates
+    jobs/               → Job definitions (included)
+  CODEOWNERS            → Code ownership
+```
+<!-- AGENTS-GENERATED:END structure -->
+
+<!-- AGENTS-GENERATED:START code-style -->
+## Pipeline conventions
+- Use **stages** to organize job execution order
+- **Extend templates** with `extends:` for DRY jobs
+- Use **rules:** instead of `only:/except:` (deprecated)
+- **Cache dependencies** between jobs
+- Use **artifacts** to pass files between stages
+
+### Naming conventions
+| Type | Convention | Example |
+|------|------------|---------|
+| Stage | lowercase | `build`, `test`, `deploy` |
+| Job | kebab-case with stage prefix | `build-app`, `test-unit` |
+| Variable | SCREAMING_SNAKE | `DEPLOY_ENV`, `CI_TOKEN` |
+| Template | `.template-name` (dot prefix) | `.build-template` |
+<!-- AGENTS-GENERATED:END code-style -->
+
+<!-- AGENTS-GENERATED:START patterns -->
+## Common patterns
+
+### Basic pipeline structure
+```yaml
+stages:
+  - build
+  - test
+  - deploy
+
+variables:
+  NODE_VERSION: "20"
+
+build-app:
+  stage: build
+  image: node:${NODE_VERSION}
+  script:
+    - npm ci
+    - npm run build
+  artifacts:
+    paths:
+      - dist/
+    expire_in: 1 hour
+
+test-unit:
+  stage: test
+  needs: [build-app]
+  script:
+    - npm test
+```
+
+### Reusable job template
+```yaml
+.deploy-template:
+  stage: deploy
+  image: alpine:latest
+  before_script:
+    - apk add --no-cache curl
+  script:
+    - ./deploy.sh $ENVIRONMENT
+
+deploy-staging:
+  extends: .deploy-template
+  variables:
+    ENVIRONMENT: staging
+  rules:
+    - if: $CI_COMMIT_BRANCH == "main"
+
+deploy-production:
+  extends: .deploy-template
+  variables:
+    ENVIRONMENT: production
+  rules:
+    - if: $CI_COMMIT_TAG
+  when: manual
+```
+
+### Matrix builds (parallel)
+```yaml
+test:
+  stage: test
+  parallel:
+    matrix:
+      - NODE_VERSION: ["18", "20", "22"]
+        OS: ["alpine", "debian"]
+  image: node:${NODE_VERSION}-${OS}
+  script:
+    - npm test
+```
+
+### Include external files
+```yaml
+include:
+  - local: '.gitlab/ci/templates.yml'
+  - project: 'company/ci-templates'
+    ref: main
+    file: '/templates/docker.yml'
+  - template: Security/SAST.gitlab-ci.yml
+```
+<!-- AGENTS-GENERATED:END patterns -->
+
+<!-- AGENTS-GENERATED:START security -->
+## Security & safety
+- Use **protected variables** for secrets (Settings > CI/CD > Variables)
+- **Mask variables** to prevent log exposure
+- Use **protected branches** for deployment jobs
+- Enable **SAST/DAST** scanning templates
+- **Pin Docker images** to specific versions/digests
+- Use `rules:` with `$CI_COMMIT_TAG` for release workflows
+- Review **merge request pipelines** before merging
+<!-- AGENTS-GENERATED:END security -->
+
+<!-- AGENTS-GENERATED:START checklist -->
+## PR/commit checklist
+- [ ] Pipeline syntax valid: use CI/CD > Editor > Validate
+- [ ] Jobs use appropriate stages
+- [ ] Sensitive variables are masked and protected
+- [ ] Artifacts have reasonable `expire_in` values
+- [ ] Cache keys are appropriate for the content
+- [ ] Rules conditions are correct (not using deprecated only/except)
+<!-- AGENTS-GENERATED:END checklist -->
+
+<!-- AGENTS-GENERATED:START examples -->
+## Patterns to Follow
+> **Prefer looking at real code in this repo over generic examples.**
+> See **Golden Samples** section above for files that demonstrate correct patterns.
+<!-- AGENTS-GENERATED:END examples -->
+
+<!-- AGENTS-GENERATED:START help -->
+## When stuck
+- GitLab CI docs: https://docs.gitlab.com/ee/ci/
+- CI/CD YAML syntax: https://docs.gitlab.com/ee/ci/yaml/
+- Predefined variables: https://docs.gitlab.com/ee/ci/variables/predefined_variables.html
+- Use the pipeline editor for validation: CI/CD > Editor
+- Check existing `.gitlab-ci.yml` patterns in this repo
+<!-- AGENTS-GENERATED:END help -->
+
+## House Rules (project-specific)
+<!-- This section is NOT auto-generated - add your project-specific rules here -->
+{{HOUSE_RULES}}

package/skills/repo-bootstrap/assets/scoped/oro-bundle.md

@@ -0,0 +1,209 @@
+<!-- Managed by agent: keep sections and order; edit content, not structure. Last updated: {{TIMESTAMP}} -->
+
+# AGENTS.md — {{SCOPE_NAME}}
+
+<!-- AGENTS-GENERATED:START overview -->
+## Overview
+{{SCOPE_DESCRIPTION}}
+<!-- AGENTS-GENERATED:END overview -->
+
+<!-- AGENTS-GENERATED:START filemap -->
+## Key Files
+{{SCOPE_FILE_MAP}}
+<!-- AGENTS-GENERATED:END filemap -->
+
+<!-- AGENTS-GENERATED:START golden-samples -->
+## Golden Samples (follow these patterns)
+{{SCOPE_GOLDEN_SAMPLES}}
+<!-- AGENTS-GENERATED:END golden-samples -->
+
+<!-- AGENTS-GENERATED:START setup -->
+## Setup & environment
+{{INSTALL_LINE}}
+{{PHP_VERSION_LINE}}
+{{ORO_VERSION_LINE}}
+{{DATABASE_LINE}}
+{{SETUP_COMMANDS}}
+<!-- AGENTS-GENERATED:END setup -->
+
+<!-- AGENTS-GENERATED:START structure -->
+## Directory structure
+```
+src/
+  Acme/
+    Bundle/
+      MyBundle/
+        AcmeMyBundle.php        → Bundle class
+        Controller/             → Web and API controllers
+        Entity/                 → Doctrine entities
+        Form/                   → Form types
+        Resources/
+          config/
+            oro/                → Oro-specific configs
+              workflows.yml     → Workflow definitions
+              datagrids.yml     → Datagrid definitions
+              navigation.yml    → Menu/navigation
+              acl.yml           → ACL definitions
+            services.yml        → Service definitions
+          views/                → Twig templates
+          translations/         → Translation files
+        Migrations/
+          Schema/               → Doctrine schema migrations
+          Data/                 → Data migrations (fixtures)
+        Api/                    → API processors
+        Async/                  → Message queue processors
+        EventListener/          → Event subscribers/listeners
+        ImportExport/           → Import/export processors
+```
+<!-- AGENTS-GENERATED:END structure -->
+
+<!-- AGENTS-GENERATED:START commands -->
+## Build & tests
+{{COMMANDS_TABLE}}
+<!-- AGENTS-GENERATED:END commands -->
+
+<!-- AGENTS-GENERATED:START code-style -->
+## Code style & conventions
+- **PSR-12** coding standard
+- Strict types: `declare(strict_types=1);`
+- Symfony best practices + Oro conventions
+- Use Oro's **config-based** approach (YAML over annotations when possible)
+- Dependency injection via `services.yml`
+- Entities extend Oro base classes when applicable
+
+### Naming conventions
+| Type | Convention | Example |
+|------|------------|---------|
+| Bundle | `VendorNameBundle` | `AcmeCrmBundle` |
+| Entity | `PascalCase` | `CustomerOrder` |
+| Datagrid | `vendor-entity-grid` | `acme-orders-grid` |
+| Workflow | `vendor_entity_flow` | `acme_order_flow` |
+| API resource | `vendor_entity` | `acme_orders` |
+<!-- AGENTS-GENERATED:END code-style -->
+
+<!-- AGENTS-GENERATED:START patterns -->
+## Oro-specific patterns
+
+### Datagrids (datagrids.yml)
+```yaml
+datagrids:
+    acme-orders-grid:
+        source:
+            type: orm
+            query:
+                select:
+                    - o.id
+                    - o.orderNumber
+                from:
+                    - { table: Acme\Bundle\OrderBundle\Entity\Order, alias: o }
+        columns:
+            orderNumber:
+                label: acme.order.order_number.label
+        sorters:
+            columns:
+                orderNumber:
+                    data_name: o.orderNumber
+        filters:
+            columns:
+                orderNumber:
+                    type: string
+                    data_name: o.orderNumber
+```
+
+### Workflows (workflows.yml)
+```yaml
+workflows:
+    acme_order_flow:
+        entity: Acme\Bundle\OrderBundle\Entity\Order
+        entity_attribute: order
+        start_step: draft
+        steps:
+            draft:
+                allowed_transitions:
+                    - submit
+            submitted:
+                allowed_transitions:
+                    - approve
+                    - reject
+        transitions:
+            submit:
+                step_to: submitted
+```
+
+### ACL (acl.yml)
+```yaml
+acl:
+    acme_order_view:
+        type: entity
+        class: Acme\Bundle\OrderBundle\Entity\Order
+        permission: VIEW
+    acme_order_edit:
+        type: entity
+        class: Acme\Bundle\OrderBundle\Entity\Order
+        permission: EDIT
+```
+<!-- AGENTS-GENERATED:END patterns -->
+
+<!-- AGENTS-GENERATED:START security -->
+## Security & safety
+- **ACL**: Define permissions in `acl.yml`, check with `isGranted()`
+- **CSRF**: Oro handles automatically for forms
+- **API auth**: OAuth2 or WSSE authentication
+- **Input validation**: Use Symfony validators + Oro constraints
+- **Sensitive data**: Use Oro's `ConfigManager` for encrypted values
+- **SQL**: Always use Doctrine ORM/DBAL, never raw queries
+<!-- AGENTS-GENERATED:END security -->
+
+<!-- AGENTS-GENERATED:START checklist -->
+## PR/commit checklist
+{{CACHE_CHECKLIST_LINE}}
+{{PHPSTAN_CHECKLIST_LINE}}
+{{UNIT_TEST_CHECKLIST_LINE}}
+- [ ] Schema migrations are reversible
+- [ ] Data migrations use `DependentFixtureInterface` for ordering
+- [ ] Datagrids tested in browser
+- [ ] Workflows tested end-to-end
+- [ ] ACL permissions defined for new entities
+- [ ] Translation keys added to `messages.en.yml`
+- [ ] API resources documented with NelmioApiDocBundle annotations
+<!-- AGENTS-GENERATED:END checklist -->
+
+<!-- AGENTS-GENERATED:START examples -->
+## Patterns to Follow
+> **Prefer looking at real code in this repo over generic examples.**
+> See **Golden Samples** section above for files that demonstrate correct patterns.
+<!-- AGENTS-GENERATED:END examples -->
+
+<!-- AGENTS-GENERATED:START messaging -->
+## Message Queue patterns
+```php
+// Async processor
+class ProcessOrderProcessor implements MessageProcessorInterface
+{
+    public function process(MessageInterface $message, SessionInterface $session): string
+    {
+        $data = JSON::decode($message->getBody());
+        // Process order...
+        return self::ACK;
+    }
+}
+
+// Producer usage
+$this->messageProducer->send(ProcessOrderTopic::NAME, ['orderId' => $order->getId()]);
+```
+<!-- AGENTS-GENERATED:END messaging -->
+
+<!-- AGENTS-GENERATED:START help -->
+## When stuck
+- Oro Documentation: https://doc.oroinc.com
+- Backend Architecture: https://doc.oroinc.com/backend/architecture/
+- Datagrids: https://doc.oroinc.com/backend/entities/data-grids/
+- Workflows: https://doc.oroinc.com/backend/entities/workflows/
+- API: https://doc.oroinc.com/api/
+- Check existing bundles in `vendor/oro/` for patterns
+- Review root AGENTS.md for project-wide conventions
+<!-- AGENTS-GENERATED:END help -->
+
+## House Rules (project-specific)
+<!-- This section is NOT auto-generated - add your project-specific rules here -->
+{{HOUSE_RULES}}