npm - @torus-engineering/tas-kit - Versions diffs - 1.11.1 → 1.13.0 - Mend

@torus-engineering/tas-kit 1.11.1 → 1.13.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (123) hide show

package/.tas/README.md +334 -334
package/{.claude → .tas/_platform/claude-code}/settings.json +0 -12
package/{.claude → .tas/_platform}/hooks/code-quality.js +1 -1
package/{.claude → .tas/_platform}/hooks/session-end.js +20 -25
package/{.claude → .tas}/commands/ado-create.md +5 -4
package/{.claude → .tas}/commands/ado-delete.md +5 -4
package/{.claude → .tas}/commands/ado-update.md +5 -4
package/{.claude → .tas}/commands/tas-adr.md +3 -3
package/{.claude → .tas}/commands/tas-apitest-plan.md +2 -2
package/{.claude → .tas}/commands/tas-apitest.md +4 -4
package/{.claude → .tas}/commands/tas-bug.md +6 -6
package/{.claude → .tas}/commands/tas-design.md +3 -3
package/{.claude → .tas}/commands/tas-dev.md +11 -14
package/{.claude → .tas}/commands/tas-epic.md +3 -3
package/{.claude → .tas}/commands/tas-feature.md +4 -4
package/{.claude → .tas}/commands/tas-fix.md +5 -5
package/{.claude → .tas}/commands/tas-init.md +1 -1
package/{.claude → .tas}/commands/tas-plan.md +198 -198
package/{.claude → .tas}/commands/tas-prd.md +3 -3
package/{.claude → .tas}/commands/tas-review.md +17 -15
package/{.claude → .tas}/commands/tas-sad.md +3 -3
package/{.claude → .tas}/commands/tas-security.md +4 -4
package/{.claude → .tas}/commands/tas-story.md +3 -3
package/.tas/platforms.json +5 -0
package/.tas/project-status-example.yaml +17 -17
package/{.claude/skills/ado-integration/SKILL.md → .tas/rules/ado-integration.md} +5 -15
package/{.claude/skills/api-design/SKILL.md → .tas/rules/common/api-design.md} +517 -530
package/{.claude → .tas}/rules/common/code-review.md +30 -6
package/{.claude/rules/common/post-review-agent.md → .tas/rules/common/post-implementation-review.md} +51 -49
package/{.claude → .tas}/rules/common/project-status.md +80 -80
package/{.claude → .tas}/rules/common/stack-detection.md +29 -29
package/.tas/{checklists → rules/common}/story-done.md +12 -5
package/{.claude/skills/tas-tdd/SKILL.md → .tas/rules/common/tdd.md} +4 -38
package/{.claude → .tas}/rules/common/testing.md +3 -8
package/{.claude → .tas}/rules/common/token-logging.md +36 -27
package/{.claude → .tas}/rules/csharp/api-testing.md +171 -171
package/{.claude → .tas}/rules/csharp/coding-style.md +0 -2
package/{.claude → .tas}/rules/csharp/security.md +10 -0
package/{.claude → .tas}/rules/python/coding-style.md +0 -2
package/{.claude → .tas}/rules/typescript/coding-style.md +0 -2
package/.tas/rules/typescript/patterns.md +142 -0
package/.tas/rules/typescript/security.md +88 -0
package/{.claude → .tas}/rules/typescript/testing.md +0 -4
package/{.claude → .tas}/rules/web/coding-style.md +0 -2
package/.tas/tas-example.yaml +125 -126
package/.tas/templates/ADR.md +47 -47
package/.tas/templates/Bug.md +67 -67
package/.tas/templates/Design-Spec.md +36 -36
package/.tas/templates/Epic.md +46 -46
package/.tas/templates/Feature.md +1 -1
package/.tas/templates/Security-Report.md +27 -27
package/.tas/tools/tas-ado-readme.md +169 -169
package/.tas/tools/tas-ado.py +621 -621
package/README.md +334 -334
package/bin/cli.js +91 -73
package/lib/adapters/antigravity.js +131 -0
package/lib/adapters/claude-code.js +35 -0
package/lib/adapters/codex.js +157 -0
package/lib/adapters/cursor.js +80 -0
package/lib/adapters/index.js +20 -0
package/lib/adapters/utils.js +81 -0
package/lib/deleted-files.json +99 -0
package/lib/install.js +543 -327
package/package.json +5 -4
package/.claude/agents/code-reviewer.md +0 -41
package/.claude/agents/e2e-runner.md +0 -61
package/.claude/agents/planner.md +0 -82
package/.claude/agents/tdd-guide.md +0 -84
package/.claude/commands/tas-verify.md +0 -51
package/.claude/rules/typescript/patterns.md +0 -62
package/.claude/rules/typescript/security.md +0 -28
package/.claude/settings.local.json +0 -38
package/.claude/skills/ai-regression-testing/SKILL.md +0 -364
package/.claude/skills/architecture-decision-records/SKILL.md +0 -184
package/.claude/skills/benchmark/SKILL.md +0 -98
package/.claude/skills/browser-qa/SKILL.md +0 -92
package/.claude/skills/canary-watch/SKILL.md +0 -104
package/.claude/skills/js-backend-patterns/SKILL.md +0 -603
package/.claude/skills/tas-conventions/SKILL.md +0 -65
package/.claude/skills/tas-implementation-complete/SKILL.md +0 -100
package/.claude/skills/token-logger/SKILL.md +0 -19
package/.tas/checklists/code-review.md +0 -29
package/.tas/checklists/security.md +0 -21
/package/{.claude → .tas}/agents/architect.md +0 -0
/package/{.claude → .tas}/agents/aws-reviewer.md +0 -0
/package/{.claude → .tas}/agents/build-resolver.md +0 -0
/package/{.claude → .tas}/agents/code-explorer.md +0 -0
/package/{.claude → .tas}/agents/csharp-reviewer.md +0 -0
/package/{.claude → .tas}/agents/database-reviewer.md +0 -0
/package/{.claude → .tas}/agents/doc-updater.md +0 -0
/package/{.claude → .tas}/agents/python-reviewer.md +0 -0
/package/{.claude → .tas}/agents/security-reviewer.md +0 -0
/package/{.claude → .tas}/agents/typescript-reviewer.md +0 -0
/package/{.claude → .tas}/commands/ado-get.md +0 -0
/package/{.claude → .tas}/commands/ado-status.md +0 -0
/package/{.claude → .tas}/commands/tas-brainstorm.md +0 -0
/package/{.claude → .tas}/commands/tas-e2e-mobile.md +0 -0
/package/{.claude → .tas}/commands/tas-e2e-web.md +0 -0
/package/{.claude → .tas}/commands/tas-e2e.md +0 -0
/package/{.claude → .tas}/commands/tas-functest-mobile.md +0 -0
/package/{.claude → .tas}/commands/tas-functest-web.md +0 -0
/package/{.claude → .tas}/commands/tas-functest.md +0 -0
/package/{.claude → .tas}/commands/tas-spec.md +0 -0
/package/{.claude → .tas}/commands/tas-status.md +0 -0
/package/{.claude → .tas}/rules/.gitkeep +0 -0
/package/{.claude → .tas}/rules/common/hooks.md +0 -0
/package/{.claude → .tas}/rules/common/patterns.md +0 -0
/package/{.claude → .tas}/rules/common/security.md +0 -0
/package/{.claude → .tas}/rules/csharp/hooks.md +0 -0
/package/{.claude → .tas}/rules/csharp/patterns.md +0 -0
/package/{.claude → .tas}/rules/csharp/testing.md +0 -0
/package/{.claude → .tas}/rules/python/hooks.md +0 -0
/package/{.claude → .tas}/rules/python/patterns.md +0 -0
/package/{.claude → .tas}/rules/python/security.md +0 -0
/package/{.claude → .tas}/rules/python/testing.md +0 -0
/package/{.claude → .tas}/rules/typescript/hooks.md +0 -0
/package/{.claude → .tas}/rules/web/design-quality.md +0 -0
/package/{.claude → .tas}/rules/web/hooks.md +0 -0
/package/{.claude → .tas}/rules/web/patterns.md +0 -0
/package/{.claude → .tas}/rules/web/performance.md +0 -0
/package/{.claude → .tas}/rules/web/security.md +0 -0
/package/{.claude → .tas}/rules/web/testing.md +0 -0
/package/{CLAUDE-Example.md → .tas/templates/AGENTS.md} +0 -0

package/.claude/skills/js-backend-patterns/SKILL.md DELETED Viewed

@@ -1,603 +0,0 @@
----
-name: js-backend-patterns
-description: |
-  Auto-invoke when implementing repository, service, or controller layers on Node.js/Express/Next.js,
-  fixing N+1 query problems, setting up Redis caching, adding auth middleware, or structuring
-  background job processing. NOT for API contract design (use api-design instead).
-  Specifically for Node.js/Express/Next.js stacks — not for .NET C# or Python.
-origin: ECC
-allowed-tools: Read, Grep, Glob
----
-# Backend Development Patterns
-Backend architecture patterns and best practices for scalable server-side applications.
-## When to Activate
-- Designing REST or GraphQL API endpoints
-- Implementing repository, service, or controller layers
-- Optimizing database queries (N+1, indexing, connection pooling)
-- Adding caching (Redis, in-memory, HTTP cache headers)
-- Setting up background jobs or async processing
-- Structuring error handling and validation for APIs
-- Building middleware (auth, logging, rate limiting)
-## API Design Patterns
-### RESTful API Structure
-```typescript
-// PASS: Resource-based URLs
-GET    /api/markets                 # List resources
-GET    /api/markets/:id             # Get single resource
-POST   /api/markets                 # Create resource
-PUT    /api/markets/:id             # Replace resource
-PATCH  /api/markets/:id             # Update resource
-DELETE /api/markets/:id             # Delete resource
-// PASS: Query parameters for filtering, sorting, pagination
-GET /api/markets?status=active&sort=volume&limit=20&offset=0
-```
-### Repository Pattern
-```typescript
-// Abstract data access logic
-interface MarketRepository {
-  findAll(filters?: MarketFilters): Promise<Market[]>
-  findById(id: string): Promise<Market | null>
-  create(data: CreateMarketDto): Promise<Market>
-  update(id: string, data: UpdateMarketDto): Promise<Market>
-  delete(id: string): Promise<void>
-}
-class SupabaseMarketRepository implements MarketRepository {
-  async findAll(filters?: MarketFilters): Promise<Market[]> {
-    let query = supabase.from('markets').select('*')
-    if (filters?.status) {
-      query = query.eq('status', filters.status)
-    }
-    if (filters?.limit) {
-      query = query.limit(filters.limit)
-    }
-    const { data, error } = await query
-    if (error) throw new Error(error.message)
-    return data
-  }
-  // Other methods...
-}
-```
-### Service Layer Pattern
-```typescript
-// Business logic separated from data access
-class MarketService {
-  constructor(private marketRepo: MarketRepository) {}
-  async searchMarkets(query: string, limit: number = 10): Promise<Market[]> {
-    // Business logic
-    const embedding = await generateEmbedding(query)
-    const results = await this.vectorSearch(embedding, limit)
-    // Fetch full data
-    const markets = await this.marketRepo.findByIds(results.map(r => r.id))
-    // Sort by similarity
-    return markets.sort((a, b) => {
-      const scoreA = results.find(r => r.id === a.id)?.score || 0
-      const scoreB = results.find(r => r.id === b.id)?.score || 0
-      return scoreA - scoreB
-    })
-  }
-  private async vectorSearch(embedding: number[], limit: number) {
-    // Vector search implementation
-  }
-}
-```
-### Middleware Pattern
-```typescript
-// Request/response processing pipeline
-export function withAuth(handler: NextApiHandler): NextApiHandler {
-  return async (req, res) => {
-    const token = req.headers.authorization?.replace('Bearer ', '')
-    if (!token) {
-      return res.status(401).json({ error: 'Unauthorized' })
-    }
-    try {
-      const user = await verifyToken(token)
-      req.user = user
-      return handler(req, res)
-    } catch (error) {
-      return res.status(401).json({ error: 'Invalid token' })
-    }
-  }
-}
-// Usage
-export default withAuth(async (req, res) => {
-  // Handler has access to req.user
-})
-```
-## Database Patterns
-### Query Optimization
-```typescript
-// PASS: GOOD: Select only needed columns
-const { data } = await supabase
-  .from('markets')
-  .select('id, name, status, volume')
-  .eq('status', 'active')
-  .order('volume', { ascending: false })
-  .limit(10)
-// FAIL: BAD: Select everything
-const { data } = await supabase
-  .from('markets')
-  .select('*')
-```
-### N+1 Query Prevention
-```typescript
-// FAIL: BAD: N+1 query problem
-const markets = await getMarkets()
-for (const market of markets) {
-  market.creator = await getUser(market.creator_id)  // N queries
-}
-// PASS: GOOD: Batch fetch
-const markets = await getMarkets()
-const creatorIds = markets.map(m => m.creator_id)
-const creators = await getUsers(creatorIds)  // 1 query
-const creatorMap = new Map(creators.map(c => [c.id, c]))
-markets.forEach(market => {
-  market.creator = creatorMap.get(market.creator_id)
-})
-```
-### Transaction Pattern
-```typescript
-async function createMarketWithPosition(
-  marketData: CreateMarketDto,
-  positionData: CreatePositionDto
-) {
-  // Use Supabase transaction
-  const { data, error } = await supabase.rpc('create_market_with_position', {
-    market_data: marketData,
-    position_data: positionData
-  })
-  if (error) throw new Error('Transaction failed')
-  return data
-}
-// SQL function in Supabase
-CREATE OR REPLACE FUNCTION create_market_with_position(
-  market_data jsonb,
-  position_data jsonb
-)
-RETURNS jsonb
-LANGUAGE plpgsql
-AS $$
-BEGIN
-  -- Start transaction automatically
-  INSERT INTO markets VALUES (market_data);
-  INSERT INTO positions VALUES (position_data);
-  RETURN jsonb_build_object('success', true);
-EXCEPTION
-  WHEN OTHERS THEN
-    -- Rollback happens automatically
-    RETURN jsonb_build_object('success', false, 'error', SQLERRM);
-END;
-$$;
-```
-## Caching Strategies
-### Redis Caching Layer
-```typescript
-class CachedMarketRepository implements MarketRepository {
-  constructor(
-    private baseRepo: MarketRepository,
-    private redis: RedisClient
-  ) {}
-  async findById(id: string): Promise<Market | null> {
-    // Check cache first
-    const cached = await this.redis.get(`market:${id}`)
-    if (cached) {
-      return JSON.parse(cached)
-    }
-    // Cache miss - fetch from database
-    const market = await this.baseRepo.findById(id)
-    if (market) {
-      // Cache for 5 minutes
-      await this.redis.setex(`market:${id}`, 300, JSON.stringify(market))
-    }
-    return market
-  }
-  async invalidateCache(id: string): Promise<void> {
-    await this.redis.del(`market:${id}`)
-  }
-}
-```
-### Cache-Aside Pattern
-```typescript
-async function getMarketWithCache(id: string): Promise<Market> {
-  const cacheKey = `market:${id}`
-  // Try cache
-  const cached = await redis.get(cacheKey)
-  if (cached) return JSON.parse(cached)
-  // Cache miss - fetch from DB
-  const market = await db.markets.findUnique({ where: { id } })
-  if (!market) throw new Error('Market not found')
-  // Update cache
-  await redis.setex(cacheKey, 300, JSON.stringify(market))
-  return market
-}
-```
-## Error Handling Patterns
-### Centralized Error Handler
-```typescript
-class ApiError extends Error {
-  constructor(
-    public statusCode: number,
-    public message: string,
-    public isOperational = true
-  ) {
-    super(message)
-    Object.setPrototypeOf(this, ApiError.prototype)
-  }
-}
-export function errorHandler(error: unknown, req: Request): Response {
-  if (error instanceof ApiError) {
-    return NextResponse.json({
-      success: false,
-      error: error.message
-    }, { status: error.statusCode })
-  }
-  if (error instanceof z.ZodError) {
-    return NextResponse.json({
-      success: false,
-      error: 'Validation failed',
-      details: error.errors
-    }, { status: 400 })
-  }
-  // Log unexpected errors
-  console.error('Unexpected error:', error)
-  return NextResponse.json({
-    success: false,
-    error: 'Internal server error'
-  }, { status: 500 })
-}
-// Usage
-export async function GET(request: Request) {
-  try {
-    const data = await fetchData()
-    return NextResponse.json({ success: true, data })
-  } catch (error) {
-    return errorHandler(error, request)
-  }
-}
-```
-### Retry with Exponential Backoff
-```typescript
-async function fetchWithRetry<T>(
-  fn: () => Promise<T>,
-  maxRetries = 3
-): Promise<T> {
-  let lastError: Error
-  for (let i = 0; i < maxRetries; i++) {
-    try {
-      return await fn()
-    } catch (error) {
-      lastError = error as Error
-      if (i < maxRetries - 1) {
-        // Exponential backoff: 1s, 2s, 4s
-        const delay = Math.pow(2, i) * 1000
-        await new Promise(resolve => setTimeout(resolve, delay))
-      }
-    }
-  }
-  throw lastError!
-}
-// Usage
-const data = await fetchWithRetry(() => fetchFromAPI())
-```
-## Authentication & Authorization
-### JWT Token Validation
-```typescript
-import jwt from 'jsonwebtoken'
-interface JWTPayload {
-  userId: string
-  email: string
-  role: 'admin' | 'user'
-}
-export function verifyToken(token: string): JWTPayload {
-  try {
-    const payload = jwt.verify(token, process.env.JWT_SECRET!) as JWTPayload
-    return payload
-  } catch (error) {
-    throw new ApiError(401, 'Invalid token')
-  }
-}
-export async function requireAuth(request: Request) {
-  const token = request.headers.get('authorization')?.replace('Bearer ', '')
-  if (!token) {
-    throw new ApiError(401, 'Missing authorization token')
-  }
-  return verifyToken(token)
-}
-// Usage in API route
-export async function GET(request: Request) {
-  const user = await requireAuth(request)
-  const data = await getDataForUser(user.userId)
-  return NextResponse.json({ success: true, data })
-}
-```
-### Role-Based Access Control
-```typescript
-type Permission = 'read' | 'write' | 'delete' | 'admin'
-interface User {
-  id: string
-  role: 'admin' | 'moderator' | 'user'
-}
-const rolePermissions: Record<User['role'], Permission[]> = {
-  admin: ['read', 'write', 'delete', 'admin'],
-  moderator: ['read', 'write', 'delete'],
-  user: ['read', 'write']
-}
-export function hasPermission(user: User, permission: Permission): boolean {
-  return rolePermissions[user.role].includes(permission)
-}
-export function requirePermission(permission: Permission) {
-  return (handler: (request: Request, user: User) => Promise<Response>) => {
-    return async (request: Request) => {
-      const user = await requireAuth(request)
-      if (!hasPermission(user, permission)) {
-        throw new ApiError(403, 'Insufficient permissions')
-      }
-      return handler(request, user)
-    }
-  }
-}
-// Usage - HOF wraps the handler
-export const DELETE = requirePermission('delete')(
-  async (request: Request, user: User) => {
-    // Handler receives authenticated user with verified permission
-    return new Response('Deleted', { status: 200 })
-  }
-)
-```
-## Rate Limiting
-### Simple In-Memory Rate Limiter
-```typescript
-class RateLimiter {
-  private requests = new Map<string, number[]>()
-  async checkLimit(
-    identifier: string,
-    maxRequests: number,
-    windowMs: number
-  ): Promise<boolean> {
-    const now = Date.now()
-    const requests = this.requests.get(identifier) || []
-    // Remove old requests outside window
-    const recentRequests = requests.filter(time => now - time < windowMs)
-    if (recentRequests.length >= maxRequests) {
-      return false  // Rate limit exceeded
-    }
-    // Add current request
-    recentRequests.push(now)
-    this.requests.set(identifier, recentRequests)
-    return true
-  }
-}
-const limiter = new RateLimiter()
-export async function GET(request: Request) {
-  const ip = request.headers.get('x-forwarded-for') || 'unknown'
-  const allowed = await limiter.checkLimit(ip, 100, 60000)  // 100 req/min
-  if (!allowed) {
-    return NextResponse.json({
-      error: 'Rate limit exceeded'
-    }, { status: 429 })
-  }
-  // Continue with request
-}
-```
-## Background Jobs & Queues
-### Simple Queue Pattern
-```typescript
-class JobQueue<T> {
-  private queue: T[] = []
-  private processing = false
-  async add(job: T): Promise<void> {
-    this.queue.push(job)
-    if (!this.processing) {
-      this.process()
-    }
-  }
-  private async process(): Promise<void> {
-    this.processing = true
-    while (this.queue.length > 0) {
-      const job = this.queue.shift()!
-      try {
-        await this.execute(job)
-      } catch (error) {
-        console.error('Job failed:', error)
-      }
-    }
-    this.processing = false
-  }
-  private async execute(job: T): Promise<void> {
-    // Job execution logic
-  }
-}
-// Usage for indexing markets
-interface IndexJob {
-  marketId: string
-}
-const indexQueue = new JobQueue<IndexJob>()
-export async function POST(request: Request) {
-  const { marketId } = await request.json()
-  // Add to queue instead of blocking
-  await indexQueue.add({ marketId })
-  return NextResponse.json({ success: true, message: 'Job queued' })
-}
-```
-## Logging & Monitoring
-### Structured Logging
-```typescript
-interface LogContext {
-  userId?: string
-  requestId?: string
-  method?: string
-  path?: string
-  [key: string]: unknown
-}
-class Logger {
-  log(level: 'info' | 'warn' | 'error', message: string, context?: LogContext) {
-    const entry = {
-      timestamp: new Date().toISOString(),
-      level,
-      message,
-      ...context
-    }
-    console.log(JSON.stringify(entry))
-  }
-  info(message: string, context?: LogContext) {
-    this.log('info', message, context)
-  }
-  warn(message: string, context?: LogContext) {
-    this.log('warn', message, context)
-  }
-  error(message: string, error: Error, context?: LogContext) {
-    this.log('error', message, {
-      ...context,
-      error: error.message,
-      stack: error.stack
-    })
-  }
-}
-const logger = new Logger()
-// Usage
-export async function GET(request: Request) {
-  const requestId = crypto.randomUUID()
-  logger.info('Fetching markets', {
-    requestId,
-    method: 'GET',
-    path: '/api/markets'
-  })
-  try {
-    const markets = await fetchMarkets()
-    return NextResponse.json({ success: true, data: markets })
-  } catch (error) {
-    logger.error('Failed to fetch markets', error as Error, { requestId })
-    return NextResponse.json({ error: 'Internal error' }, { status: 500 })
-  }
-}
-```
-**Remember**: Backend patterns enable scalable, maintainable server-side applications. Choose patterns that fit your complexity level.

package/.claude/skills/tas-conventions/SKILL.md DELETED Viewed

@@ -1,65 +0,0 @@
----
-name: tas-conventions
-description: |
-  Coding conventions and naming rules for Torus projects.
-  Auto-invoke when writing new code, reviewing code, refactoring,
-  or when user asks about coding standards.
-allowed-tools: Read, Grep, Glob
----
-# TAS Conventions
-When generating or reviewing code, MUST follow conventions defined in project's `CLAUDE.md`.
-## When to Use
-- Before generating new code (check conventions)
-- When reviewing user's code (verify compliance)
-- When user asks "what to name?", "what format?"
-- DO NOT invoke when: reading files only, not related to code output
-## Always / Ask / Never
-| | Action |
-|---|---|
-| **Always** | Read `CLAUDE.md` before applying convention |
-| **Always** | Point to specific file:line when detecting violation |
-| **Ask** | When convention in CLAUDE.md is vague or has conflict |
-| **Never** | Hardcode convention (naming, format) without reading CLAUDE.md first |
-| **Never** | Apply convention from other project to current project |
-## Checklist
-- Read `CLAUDE.md` to get naming conventions, branching, commit format, stack rules
-- Enforce those conventions in code output
-- If code violates conventions, point specifically: file:line + violated convention + how to fix
-## Common Conventions (Default — override by CLAUDE.md)
-These default conventions only apply when `CLAUDE.md` doesn't define otherwise:
-- Variables/functions: `camelCase`
-- Types/Interfaces/Components: `PascalCase`
-- Constants: `UPPER_SNAKE_CASE`
-- Boolean vars: prefix `is`, `has`, `should`, `can`
-- File naming: kebab-case for files, PascalCase for components
-- Commit format: `<type>: <description>` (feat, fix, refactor, docs, test, chore)
-## Red Flags
-- Magic numbers in code (e.g., `if (count > 50)`) → must use named constant
-- Deep nesting >4 levels → use early return or extract method
-- Function >50 lines → extract to smaller functions
-- File >800 lines → extract to modules
-- Variable with 1-2 char name (`x`, `t`, `d`) in production code → use descriptive name
-- `any` type in TypeScript → use specific type or generic
-- Large commented-out code block → delete if not needed, use git history instead
-## Verification
-- [ ] CLAUDE.md has been read before reviewing/generating code
-- [ ] Naming follows conventions in CLAUDE.md
-- [ ] No magic numbers
-- [ ] No deep nesting (>4 levels)
-- [ ] Functions < 50 lines, files < 800 lines
-- [ ] Commit message follows defined format