@vyuhlabs/dxkit 2.4.8 → 2.5.1

Files changed (319)
  1. package/CHANGELOG.md +312 -0
  2. package/README.md +360 -439
  3. package/dist/analyzers/security/aggregator.d.ts.map +1 -1
  4. package/dist/analyzers/security/aggregator.js +4 -46
  5. package/dist/analyzers/security/aggregator.js.map +1 -1
  6. package/dist/analyzers/tools/fingerprint.d.ts +91 -26
  7. package/dist/analyzers/tools/fingerprint.d.ts.map +1 -1
  8. package/dist/analyzers/tools/fingerprint.js +111 -22
  9. package/dist/analyzers/tools/fingerprint.js.map +1 -1
  10. package/dist/analyzers/tools/generic.d.ts.map +1 -1
  11. package/dist/analyzers/tools/generic.js +6 -1
  12. package/dist/analyzers/tools/generic.js.map +1 -1
  13. package/dist/analyzers/tools/gitleaks.d.ts +24 -1
  14. package/dist/analyzers/tools/gitleaks.d.ts.map +1 -1
  15. package/dist/analyzers/tools/gitleaks.js +20 -11
  16. package/dist/analyzers/tools/gitleaks.js.map +1 -1
  17. package/dist/analyzers/tools/graphify.d.ts.map +1 -1
  18. package/dist/analyzers/tools/graphify.js +9 -5
  19. package/dist/analyzers/tools/graphify.js.map +1 -1
  20. package/dist/analyzers/tools/tool-registry.d.ts +19 -1
  21. package/dist/analyzers/tools/tool-registry.d.ts.map +1 -1
  22. package/dist/analyzers/tools/tool-registry.js +25 -0
  23. package/dist/analyzers/tools/tool-registry.js.map +1 -1
  24. package/dist/analyzers/types.d.ts +6 -4
  25. package/dist/analyzers/types.d.ts.map +1 -1
  26. package/dist/baseline/baseline-file.d.ts +104 -0
  27. package/dist/baseline/baseline-file.d.ts.map +1 -0
  28. package/dist/baseline/baseline-file.js +110 -0
  29. package/dist/baseline/baseline-file.js.map +1 -0
  30. package/dist/baseline/check-renderers.d.ts +108 -0
  31. package/dist/baseline/check-renderers.d.ts.map +1 -0
  32. package/dist/baseline/check-renderers.js +379 -0
  33. package/dist/baseline/check-renderers.js.map +1 -0
  34. package/dist/baseline/check.d.ts +127 -0
  35. package/dist/baseline/check.d.ts.map +1 -0
  36. package/dist/baseline/check.js +462 -0
  37. package/dist/baseline/check.js.map +1 -0
  38. package/dist/baseline/content-hash.d.ts +83 -0
  39. package/dist/baseline/content-hash.d.ts.map +1 -0
  40. package/dist/baseline/content-hash.js +131 -0
  41. package/dist/baseline/content-hash.js.map +1 -0
  42. package/dist/baseline/create.d.ts +96 -0
  43. package/dist/baseline/create.d.ts.map +1 -0
  44. package/dist/baseline/create.js +339 -0
  45. package/dist/baseline/create.js.map +1 -0
  46. package/dist/baseline/entry-to-located.d.ts +35 -0
  47. package/dist/baseline/entry-to-located.d.ts.map +1 -0
  48. package/dist/baseline/entry-to-located.js +72 -0
  49. package/dist/baseline/entry-to-located.js.map +1 -0
  50. package/dist/baseline/finding-identity.d.ts +47 -0
  51. package/dist/baseline/finding-identity.d.ts.map +1 -0
  52. package/dist/baseline/finding-identity.js +292 -0
  53. package/dist/baseline/finding-identity.js.map +1 -0
  54. package/dist/baseline/git-aware-match.d.ts +146 -0
  55. package/dist/baseline/git-aware-match.d.ts.map +1 -0
  56. package/dist/baseline/git-aware-match.js +439 -0
  57. package/dist/baseline/git-aware-match.js.map +1 -0
  58. package/dist/baseline/policy.d.ts +171 -0
  59. package/dist/baseline/policy.d.ts.map +1 -0
  60. package/dist/baseline/policy.js +206 -0
  61. package/dist/baseline/policy.js.map +1 -0
  62. package/dist/baseline/producers/health.d.ts +30 -0
  63. package/dist/baseline/producers/health.d.ts.map +1 -0
  64. package/dist/baseline/producers/health.js +42 -0
  65. package/dist/baseline/producers/health.js.map +1 -0
  66. package/dist/baseline/producers/index.d.ts +164 -0
  67. package/dist/baseline/producers/index.d.ts.map +1 -0
  68. package/dist/baseline/producers/index.js +200 -0
  69. package/dist/baseline/producers/index.js.map +1 -0
  70. package/dist/baseline/producers/licenses.d.ts +23 -0
  71. package/dist/baseline/producers/licenses.d.ts.map +1 -0
  72. package/dist/baseline/producers/licenses.js +46 -0
  73. package/dist/baseline/producers/licenses.js.map +1 -0
  74. package/dist/baseline/producers/quality.d.ts +39 -0
  75. package/dist/baseline/producers/quality.d.ts.map +1 -0
  76. package/dist/baseline/producers/quality.js +84 -0
  77. package/dist/baseline/producers/quality.js.map +1 -0
  78. package/dist/baseline/producers/secret-hmac.d.ts +45 -0
  79. package/dist/baseline/producers/secret-hmac.d.ts.map +1 -0
  80. package/dist/baseline/producers/secret-hmac.js +70 -0
  81. package/dist/baseline/producers/secret-hmac.js.map +1 -0
  82. package/dist/baseline/producers/security.d.ts +59 -0
  83. package/dist/baseline/producers/security.d.ts.map +1 -0
  84. package/dist/baseline/producers/security.js +135 -0
  85. package/dist/baseline/producers/security.js.map +1 -0
  86. package/dist/baseline/producers/tests.d.ts +36 -0
  87. package/dist/baseline/producers/tests.d.ts.map +1 -0
  88. package/dist/baseline/producers/tests.js +69 -0
  89. package/dist/baseline/producers/tests.js.map +1 -0
  90. package/dist/baseline/salt.d.ts +45 -0
  91. package/dist/baseline/salt.d.ts.map +1 -0
  92. package/dist/baseline/salt.js +113 -0
  93. package/dist/baseline/salt.js.map +1 -0
  94. package/dist/baseline/show.d.ts +79 -0
  95. package/dist/baseline/show.d.ts.map +1 -0
  96. package/dist/baseline/show.js +233 -0
  97. package/dist/baseline/show.js.map +1 -0
  98. package/dist/baseline/types.d.ts +482 -0
  99. package/dist/baseline/types.d.ts.map +1 -0
  100. package/dist/baseline/types.js +53 -0
  101. package/dist/baseline/types.js.map +1 -0
  102. package/dist/cli.d.ts.map +1 -1
  103. package/dist/cli.js +398 -82
  104. package/dist/cli.js.map +1 -1
  105. package/dist/constants.d.ts.map +1 -1
  106. package/dist/constants.js +0 -4
  107. package/dist/constants.js.map +1 -1
  108. package/dist/doctor.d.ts.map +1 -1
  109. package/dist/doctor.js +39 -35
  110. package/dist/doctor.js.map +1 -1
  111. package/dist/fail-on.d.ts +84 -0
  112. package/dist/fail-on.d.ts.map +1 -0
  113. package/dist/fail-on.js +128 -0
  114. package/dist/fail-on.js.map +1 -0
  115. package/dist/generator.d.ts +1 -1
  116. package/dist/generator.d.ts.map +1 -1
  117. package/dist/generator.js +81 -274
  118. package/dist/generator.js.map +1 -1
  119. package/dist/hooks-cli.d.ts +20 -0
  120. package/dist/hooks-cli.d.ts.map +1 -0
  121. package/dist/hooks-cli.js +145 -0
  122. package/dist/hooks-cli.js.map +1 -0
  123. package/dist/languages/csharp.d.ts.map +1 -1
  124. package/dist/languages/csharp.js +4 -9
  125. package/dist/languages/csharp.js.map +1 -1
  126. package/dist/languages/go.d.ts.map +1 -1
  127. package/dist/languages/go.js +3 -14
  128. package/dist/languages/go.js.map +1 -1
  129. package/dist/languages/index.d.ts +19 -1
  130. package/dist/languages/index.d.ts.map +1 -1
  131. package/dist/languages/index.js +32 -0
  132. package/dist/languages/index.js.map +1 -1
  133. package/dist/languages/java.d.ts.map +1 -1
  134. package/dist/languages/java.js +4 -6
  135. package/dist/languages/java.js.map +1 -1
  136. package/dist/languages/kotlin.d.ts.map +1 -1
  137. package/dist/languages/kotlin.js +9 -11
  138. package/dist/languages/kotlin.js.map +1 -1
  139. package/dist/languages/python.d.ts.map +1 -1
  140. package/dist/languages/python.js +4 -15
  141. package/dist/languages/python.js.map +1 -1
  142. package/dist/languages/ruby.d.ts.map +1 -1
  143. package/dist/languages/ruby.js +4 -6
  144. package/dist/languages/ruby.js.map +1 -1
  145. package/dist/languages/rust.d.ts.map +1 -1
  146. package/dist/languages/rust.js +4 -4
  147. package/dist/languages/rust.js.map +1 -1
  148. package/dist/languages/types.d.ts +29 -28
  149. package/dist/languages/types.d.ts.map +1 -1
  150. package/dist/languages/typescript.d.ts.map +1 -1
  151. package/dist/languages/typescript.js +31 -4
  152. package/dist/languages/typescript.js.map +1 -1
  153. package/dist/lib.d.ts +2 -3
  154. package/dist/lib.d.ts.map +1 -1
  155. package/dist/lib.js +3 -6
  156. package/dist/lib.js.map +1 -1
  157. package/dist/prompts.d.ts.map +1 -1
  158. package/dist/prompts.js +0 -10
  159. package/dist/prompts.js.map +1 -1
  160. package/dist/report-schema.d.ts +42 -0
  161. package/dist/report-schema.d.ts.map +1 -0
  162. package/dist/report-schema.js +54 -0
  163. package/dist/report-schema.js.map +1 -0
  164. package/dist/ship-installers.d.ts +112 -0
  165. package/dist/ship-installers.d.ts.map +1 -0
  166. package/dist/ship-installers.js +530 -0
  167. package/dist/ship-installers.js.map +1 -0
  168. package/dist/tools-cli.d.ts.map +1 -1
  169. package/dist/tools-cli.js +45 -9
  170. package/dist/tools-cli.js.map +1 -1
  171. package/dist/types.d.ts +0 -4
  172. package/dist/types.d.ts.map +1 -1
  173. package/dist/update.d.ts.map +1 -1
  174. package/dist/update.js +0 -4
  175. package/dist/update.js.map +1 -1
  176. package/package.json +17 -11
  177. package/templates/.claude/skills/dxkit-action/SKILL.md +150 -0
  178. package/templates/.claude/skills/dxkit-config/SKILL.md +124 -0
  179. package/templates/.claude/skills/dxkit-hooks/SKILL.md +109 -0
  180. package/templates/.claude/skills/dxkit-init/SKILL.md +93 -0
  181. package/templates/.claude/skills/dxkit-learn/SKILL.md +84 -0
  182. package/templates/.claude/skills/dxkit-reports/SKILL.md +111 -0
  183. package/templates/.devcontainer/devcontainer.json +55 -0
  184. package/templates/.devcontainer/install-agent-clis.sh +42 -0
  185. package/templates/.devcontainer/post-create.sh +81 -0
  186. package/templates/.githooks/pre-commit +55 -0
  187. package/templates/.githooks/pre-push +63 -0
  188. package/templates/.github/workflows/dxkit-baseline-refresh.yml +78 -0
  189. package/templates/.github/workflows/dxkit-guardrails.yml +98 -0
  190. package/templates/AGENTS.md.template +137 -0
  191. package/templates/CLAUDE.md.template +16 -245
  192. package/dist/codebase-scanner.d.ts +0 -36
  193. package/dist/codebase-scanner.d.ts.map +0 -1
  194. package/dist/codebase-scanner.js +0 -688
  195. package/dist/codebase-scanner.js.map +0 -1
  196. package/dist/project-yaml.d.ts +0 -13
  197. package/dist/project-yaml.d.ts.map +0 -1
  198. package/dist/project-yaml.js +0 -188
  199. package/dist/project-yaml.js.map +0 -1
  200. package/templates/.ai/README.md +0 -117
  201. package/templates/.ai/prompts/execution-prompt.md +0 -9
  202. package/templates/.ai/prompts/planning-prompt.md +0 -18
  203. package/templates/.ai/prompts/session-end-template.md +0 -182
  204. package/templates/.ai/prompts/session-end.md +0 -132
  205. package/templates/.ai/prompts/session-start.md +0 -109
  206. package/templates/.ai/prompts/step-by-step.md +0 -113
  207. package/templates/.ai/sessions/.gitkeep +0 -0
  208. package/templates/.claude/agents/doc-writer.md +0 -107
  209. package/templates/.claude/agents/knowledge-bot.md +0 -64
  210. package/templates/.claude/agents/onboarding.md +0 -61
  211. package/templates/.claude/agents/quality-reviewer.md +0 -85
  212. package/templates/.claude/agents-available/code-reviewer.md +0 -29
  213. package/templates/.claude/agents-available/codebase-explorer.md +0 -100
  214. package/templates/.claude/agents-available/dashboard-builder.md +0 -433
  215. package/templates/.claude/agents-available/debugger.md +0 -29
  216. package/templates/.claude/agents-available/dependency-mapper.md +0 -80
  217. package/templates/.claude/agents-available/dev-report.md +0 -108
  218. package/templates/.claude/agents-available/doc-writer.md +0 -107
  219. package/templates/.claude/agents-available/feature-builder.md +0 -163
  220. package/templates/.claude/agents-available/feature-planner.md +0 -185
  221. package/templates/.claude/agents-available/health-auditor.md +0 -95
  222. package/templates/.claude/agents-available/hooks-configurator.md +0 -211
  223. package/templates/.claude/agents-available/knowledge-bot.md +0 -62
  224. package/templates/.claude/agents-available/plan-executor.md +0 -133
  225. package/templates/.claude/agents-available/strategic-planner.md +0 -141
  226. package/templates/.claude/agents-available/test-gap-finder.md +0 -67
  227. package/templates/.claude/agents-available/test-writer.md +0 -34
  228. package/templates/.claude/agents-available/vulnerability-scanner.md +0 -173
  229. package/templates/.claude/commands/ask.md +0 -7
  230. package/templates/.claude/commands/build-feature.md +0 -26
  231. package/templates/.claude/commands/build.md.template +0 -30
  232. package/templates/.claude/commands/check.md.template +0 -43
  233. package/templates/.claude/commands/dashboard.md +0 -28
  234. package/templates/.claude/commands/deps.md +0 -15
  235. package/templates/.claude/commands/dev-report.md +0 -50
  236. package/templates/.claude/commands/docs.md +0 -21
  237. package/templates/.claude/commands/doctor.md +0 -21
  238. package/templates/.claude/commands/enable-agent.md +0 -12
  239. package/templates/.claude/commands/execute-plan.md +0 -25
  240. package/templates/.claude/commands/explore-codebase.md +0 -12
  241. package/templates/.claude/commands/export-pdf.md +0 -30
  242. package/templates/.claude/commands/feature.md +0 -25
  243. package/templates/.claude/commands/fix-issue.md +0 -12
  244. package/templates/.claude/commands/fix.md.template +0 -32
  245. package/templates/.claude/commands/health.md +0 -58
  246. package/templates/.claude/commands/help.md +0 -36
  247. package/templates/.claude/commands/learn.md +0 -48
  248. package/templates/.claude/commands/onboarding.md +0 -21
  249. package/templates/.claude/commands/plan.md +0 -20
  250. package/templates/.claude/commands/quality.md.template +0 -65
  251. package/templates/.claude/commands/session-end.md +0 -40
  252. package/templates/.claude/commands/session-start.md +0 -30
  253. package/templates/.claude/commands/setup-hooks.md +0 -18
  254. package/templates/.claude/commands/setup-pr-review.md +0 -72
  255. package/templates/.claude/commands/stealth-mode.md +0 -17
  256. package/templates/.claude/commands/test-gaps.md +0 -49
  257. package/templates/.claude/commands/test.md.template +0 -40
  258. package/templates/.claude/commands/vulnerabilities.md +0 -49
  259. package/templates/.claude/skills/build/SKILL.md.template +0 -98
  260. package/templates/.claude/skills/deploy/SKILL.md.template +0 -131
  261. package/templates/.claude/skills/deploy/references/gotchas.md +0 -5
  262. package/templates/.claude/skills/doctor/SKILL.md +0 -54
  263. package/templates/.claude/skills/gcloud/SKILL.md +0 -66
  264. package/templates/.claude/skills/gcloud/references/gotchas.md +0 -5
  265. package/templates/.claude/skills/learned/SKILL.md +0 -55
  266. package/templates/.claude/skills/learned/references/conventions.md +0 -11
  267. package/templates/.claude/skills/learned/references/deny-recommendations.md +0 -18
  268. package/templates/.claude/skills/learned/references/gotchas.md +0 -11
  269. package/templates/.claude/skills/pulumi/SKILL.md +0 -73
  270. package/templates/.claude/skills/quality/SKILL.md.template +0 -108
  271. package/templates/.claude/skills/quality/references/gotchas.md +0 -5
  272. package/templates/.claude/skills/review/SKILL.md.template +0 -73
  273. package/templates/.claude/skills/scaffold/SKILL.md.template +0 -123
  274. package/templates/.claude/skills/secrets/SKILL.md +0 -52
  275. package/templates/.claude/skills/session/SKILL.md +0 -43
  276. package/templates/.claude/skills/test/SKILL.md.template +0 -122
  277. package/templates/.claude/skills/test/references/gotchas.md +0 -5
  278. package/templates/.devcontainer/Dockerfile.dev.template +0 -89
  279. package/templates/.devcontainer/devcontainer.json.template +0 -184
  280. package/templates/.devcontainer/docker-compose.yml.template +0 -105
  281. package/templates/.devcontainer/init-scripts/01-init.sql.template +0 -12
  282. package/templates/.devcontainer/post-create.sh.template +0 -298
  283. package/templates/.github/workflows/ci.yml.template +0 -399
  284. package/templates/.github/workflows/quality.yml.template +0 -376
  285. package/templates/.pre-commit-config.yaml.template +0 -106
  286. package/templates/.project/config/edit_config.py +0 -275
  287. package/templates/.project/config/project_config.py +0 -894
  288. package/templates/.project/scripts/codegen/generate-all.sh +0 -20
  289. package/templates/.project/scripts/codegen/validate-all.sh +0 -17
  290. package/templates/.project/scripts/docs/generate-all.sh +0 -30
  291. package/templates/.project/scripts/docs/serve.sh +0 -20
  292. package/templates/.project/scripts/quality/fix-all.sh +0 -138
  293. package/templates/.project/scripts/quality/lint-go.sh +0 -34
  294. package/templates/.project/scripts/quality/lint-python.sh +0 -54
  295. package/templates/.project/scripts/quality/run-all.sh +0 -497
  296. package/templates/.project/scripts/session/commit.sh +0 -70
  297. package/templates/.project/scripts/session/create-pr.sh +0 -165
  298. package/templates/.project/scripts/session/end.sh +0 -207
  299. package/templates/.project/scripts/session/start.sh +0 -233
  300. package/templates/.project/scripts/setup/doctor.sh +0 -404
  301. package/templates/.project/scripts/setup/interactive-setup.sh +0 -585
  302. package/templates/.project/scripts/sync/sync-template.sh +0 -328
  303. package/templates/.project/scripts/test/run-all.sh +0 -179
  304. package/templates/.project/scripts/test/run-quick.sh +0 -25
  305. package/templates/Makefile +0 -514
  306. package/templates/config/versions.yaml +0 -57
  307. package/templates/configs/go/.golangci.yml.template +0 -172
  308. package/templates/configs/go/go.mod.template +0 -15
  309. package/templates/configs/java/README.md +0 -6
  310. package/templates/configs/kotlin/README.md +0 -6
  311. package/templates/configs/node/package.json.template +0 -67
  312. package/templates/configs/node/tsconfig.json.template +0 -53
  313. package/templates/configs/python/pyproject.toml.template +0 -92
  314. package/templates/configs/python/pytest.ini.template +0 -64
  315. package/templates/configs/python/ruff.toml.template +0 -79
  316. package/templates/configs/ruby/README.md +0 -6
  317. package/templates/configs/rust/Cargo.toml.template +0 -51
  318. package/templates/configs/shared/.editorconfig +0 -67
  319. package/templates/scripts/validate-templates.sh +0 -449
@@ -1,131 +0,0 @@
1
- ---
2
- name: deploy
3
- description: Deploy services, release to production, push to cloud. Use when asked about deployment, releases, shipping to production, or CI/CD.
4
- ---
5
-
6
- # Deployment
7
-
8
- ## Commands
9
- - `make deploy` - Deploy services (configure deployment target first)
10
- - `make build` - Build before deploying
11
- - `make check` - Run full validation before deploying
12
-
13
- ## Pre-Deployment Checklist
14
- - [ ] `make check` passes (quality + tests + validation)
15
- - [ ] All changes committed and pushed
16
- - [ ] PR reviewed and approved
17
- {{#IF_INFISICAL}}
18
- - [ ] Secrets pulled: `make secrets-pull`
19
- {{/IF_INFISICAL}}
20
- - [ ] No hardcoded secrets in code or config
21
-
22
- ## Deployment Safety
23
-
24
- **CRITICAL: Never auto-approve destructive deployment operations.**
25
-
26
- - Always preview/dry-run before applying changes
27
- - Require explicit user confirmation for production deployments
28
- - Never force-push or skip CI checks before deploying
29
- {{#IF_INFISICAL}}
30
-
31
- ## Secrets for Deployment
32
-
33
- Pull secrets before deploying:
34
- ```bash
35
- make secrets-pull # fetch from Infisical to .env
36
- make secrets-show # verify configuration (masked values)
37
- ```
38
-
39
- **Never pass secrets as CLI arguments** — use environment variables or secret managers.
40
- {{/IF_INFISICAL}}
41
-
42
- {{#IF_GCLOUD}}
43
- ## Google Cloud Deployment
44
-
45
- ### Cloud Run
46
- ```bash
47
- # Build and push container
48
- gcloud builds submit --tag gcr.io/$PROJECT_ID/<service-name>
49
-
50
- # Deploy (ALWAYS review before confirming)
51
- gcloud run deploy <service-name> \
52
- --image gcr.io/$PROJECT_ID/<service-name> \
53
- --region <region> \
54
- --platform managed
55
- ```
56
-
57
- ### GKE
58
- ```bash
59
- # Build image
60
- docker build -t gcr.io/$PROJECT_ID/<service-name> .
61
- docker push gcr.io/$PROJECT_ID/<service-name>
62
-
63
- # Apply manifests (review first)
64
- kubectl apply -f k8s/ --dry-run=client # preview
65
- kubectl apply -f k8s/ # apply
66
- ```
67
-
68
- **Security:** Use Workload Identity for GCP auth in production — never embed service account keys.
69
- {{/IF_GCLOUD}}
70
-
71
- {{#IF_PULUMI}}
72
- ## Pulumi Deployment
73
-
74
- ```bash
75
- # ALWAYS preview first
76
- pulumi preview
77
-
78
- # Review the diff carefully, then apply
79
- pulumi up
80
-
81
- # Check outputs
82
- pulumi stack output
83
- ```
84
-
85
- **Security:** Use `pulumi config set --secret` for sensitive config — never plain-text.
86
-
87
- **Never run `pulumi destroy` without explicit confirmation** — it deletes all resources.
88
- {{/IF_PULUMI}}
89
-
90
- {{#IF_DOCKER}}
91
- ## Docker Deployment
92
-
93
- ```bash
94
- # Build images
95
- docker-compose build
96
-
97
- # Push to registry
98
- docker-compose push
99
-
100
- # Deploy (depends on orchestration platform)
101
- docker-compose -f docker-compose.prod.yml up -d
102
- ```
103
-
104
- **Security:** Never copy `.env` files into Docker images. Use runtime environment variables.
105
- {{/IF_DOCKER}}
106
-
107
- {{#IF_CSHARP}}
108
- ## C# Deployment
109
-
110
- ```bash
111
- # Framework-dependent (requires .NET runtime on target)
112
- dotnet publish -c Release -o out/ --self-contained false
113
-
114
- # Self-contained (no runtime needed on target)
115
- dotnet publish -c Release -r linux-x64 --self-contained true
116
- ```
117
-
118
- For Docker, use multi-stage builds:
119
- - Build stage: `mcr.microsoft.com/dotnet/sdk:{{CSHARP_VERSION}}`
120
- - Runtime stage: `mcr.microsoft.com/dotnet/aspnet:{{CSHARP_VERSION}}`
121
- {{/IF_CSHARP}}
122
-
123
- ## CI/CD
124
-
125
- CI pipeline (`.github/workflows/ci.yml`) runs automatically on PR:
126
- - Validation, quality checks, tests per enabled language
127
- - Coverage enforcement at {{COVERAGE_THRESHOLD}}%
128
-
129
- ## Gotchas
130
-
131
- See [references/gotchas.md](references/gotchas.md) for known deployment issues.
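Review bot: The "Deployment Safety" block (old lines 22-28) and the per-platform **Security:** lines are deleted here, and none of the six dxkit-* skills added in the file list is named for deployment. If the agent-facing rules "Never auto-approve destructive deployment operations" and "Never pass secrets as CLI arguments" are meant to survive, state where they now live (AGENTS.md.template or one of the dxkit-* skills); otherwise call the removal out in the CHANGELOG so projects that relied on this skill know the guardrail is no longer installed.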
@@ -1,5 +0,0 @@
1
- # Deployment Gotchas
2
-
3
- <!-- This file grows over time. Each entry is added during session-end. -->
4
- <!-- Format: date, category, description, resolution -->
5
- <!-- NEVER include secret values, tokens, or credentials here -->
@@ -1,54 +0,0 @@
1
- ---
2
- name: doctor
3
- description: Diagnose and fix development environment issues. Use when setup fails, tools are missing, the environment is broken, or something is misconfigured.
4
- ---
5
-
6
- # Doctor & Setup
7
-
8
- ## Commands
9
- - `make doctor` - Diagnose common setup issues (checks files, toolchains, config)
10
- - `make setup` - Interactive setup for new developers
11
- - `make info` - Show project configuration dashboard
12
- - `make config` - Interactive configuration editor
13
-
14
- ## What Doctor Checks
15
- 1. Core files (`.project.yaml`, `Makefile`, `.project/`)
16
- 2. YAML syntax validation
17
- 3. Language toolchain versions (Python, Go, Node, Rust)
18
- 4. Quality tools installation (linters, formatters)
19
- 5. Pre-commit hook configuration
20
- 6. Git configuration
21
- 7. Docker/Docker Compose availability
22
- 8. Service health (if infrastructure enabled)
23
-
24
- ## Common Issues & Fixes
25
-
26
- ### Missing tools
27
- ```bash
28
- make doctor # identify what's missing
29
- make setup # re-run interactive setup
30
- ```
31
-
32
- ### Config out of sync
33
- ```bash
34
- make sync # re-sync .project.yaml to language files
35
- make sync-preview # preview changes first (dry run)
36
- ```
37
-
38
- ### Pre-commit failures
39
- ```bash
40
- make fix # auto-fix all issues
41
- make check # verify everything passes
42
- ```
43
-
44
- ### Build failures after config change
45
- ```bash
46
- make sync # sync config
47
- make clean # clean artifacts
48
- make build # rebuild
49
- ```
50
-
51
- ## Environment
52
- - DevContainer-based (see `.devcontainer/`)
53
- - `post-create.sh` runs automatically on container creation
54
- - All tools installed via devcontainer features or post-create script
@@ -1,66 +0,0 @@
1
- ---
2
- name: gcloud
3
- description: Google Cloud Platform operations — gcloud CLI, Cloud Run, GKE, BigQuery, IAM, GCS. Use when asked about GCP, Google Cloud, gcloud commands, or cloud infrastructure.
4
- paths:
5
- - '**/cloudbuild.yaml'
6
- - '**/cloudbuild.yml'
7
- - '**/.gcloudignore'
8
- - '**/app.yaml'
9
- ---
10
-
11
- # Google Cloud (gcloud)
12
-
13
- ## Setup
14
- - **Auth:** `gcloud auth login` (configured during `make setup`)
15
- - **Project:** Set in `.env` as `GOOGLE_CLOUD_PROJECT`
16
- - **SDK:** Installed via devcontainer post-create script
17
-
18
- ## Common Commands
19
-
20
- ### Authentication & Project
21
- ```bash
22
- gcloud auth list # check auth status
23
- gcloud config get-value project # current project
24
- gcloud config set project <PROJECT_ID> # switch project
25
- gcloud projects list # list accessible projects
26
- ```
27
-
28
- ### Services & Resources
29
- ```bash
30
- gcloud services list --enabled # enabled APIs
31
- gcloud run services list # Cloud Run services
32
- gcloud container clusters list # GKE clusters
33
- gcloud sql instances list # Cloud SQL instances
34
- gcloud storage ls # GCS buckets
35
- ```
36
-
37
- ### Logs & Monitoring
38
- ```bash
39
- gcloud logging read "resource.type=cloud_run_revision" --limit=50
40
- gcloud logging read "severity>=ERROR" --limit=20 --format=json
41
- ```
42
-
43
- ## Integration with Secrets
44
-
45
- GCP project ID is stored in `.env`:
46
- ```
47
- GOOGLE_CLOUD_PROJECT=my-project-id
48
- ```
49
-
50
- Use `make secrets-pull` to fetch GCP-related secrets from Infisical.
51
-
52
- ## Security — CRITICAL
53
-
54
- 1. **NEVER output `gcloud auth print-access-token`** — it exposes bearer tokens
55
- 2. **NEVER output or log service account JSON keys**
56
- 3. **NEVER embed credentials in code** — use Workload Identity or Application Default Credentials
57
- 4. Use `gcloud auth application-default login` for local development
58
- 5. In production, use Workload Identity Federation (not service account keys)
59
-
60
- ## Deployment
61
-
62
- See the `deploy` skill for GCP deployment patterns (Cloud Run, GKE).
63
-
64
- ## Gotchas
65
-
66
- See [references/gotchas.md](references/gotchas.md) for GCP-specific issues.
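Review bot: The numbered security list at old lines 52-58 is the only place in this file that tells an agent not to output `gcloud auth print-access-token` or service account JSON keys, and it is deleted with no file named for GCP among the additions. Suggest carrying items 1-3 into AGENTS.md.template as tool-independent rules (never echo bearer tokens or key files, never embed credentials in code), since they apply whether or not dxkit ships a gcloud skill.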
@@ -1,5 +0,0 @@
1
- # Google Cloud Gotchas
2
-
3
- <!-- This file grows over time. Each entry is added during session-end. -->
4
- <!-- Format: date, category, description, resolution -->
5
- <!-- NEVER include secret values, tokens, credentials, or project IDs here -->
@@ -1,55 +0,0 @@
1
- ---
2
- name: learned
3
- description: Project-specific learnings, gotchas, and conventions discovered during development. Check this before starting any task for accumulated team knowledge.
4
- ---
5
-
6
- # Learned Patterns & Gotchas
7
-
8
- This skill accumulates project-specific knowledge over time.
9
- It is updated during session-end checkpoints.
10
-
11
- ## How This Works
12
-
13
- 1. During `make session-end`, the checkpoint process reviews the session
14
- 2. Any new gotchas, patterns, or conventions are appended to the reference files
15
- 3. Over time, this becomes the most valuable skill — real failure points and patterns
16
-
17
- ## Files
18
-
19
- - [references/gotchas.md](references/gotchas.md) - Accumulated gotchas and edge cases (append-only)
20
- - [references/conventions.md](references/conventions.md) - Team conventions discovered during development
21
- - [references/deny-recommendations.md](references/deny-recommendations.md) - Commands that should be added to `.claude/settings.json` deny list (requires human review)
22
-
23
- ## When to Update
24
-
25
- Update these files when you encounter:
26
- - Unexpected behaviors or edge cases
27
- - Workarounds for tool/framework bugs
28
- - Team conventions or patterns that aren't obvious from the code
29
- - Configuration pitfalls
30
- - Deployment or environment-specific issues
31
-
32
- ## When to Create a New Skill
33
-
34
- If a learning is significant enough to warrant its own skill (e.g., a specific API integration, a migration workflow, a caching pattern), create a new directory under `.claude/skills/<name>/` with a `SKILL.md` instead of appending here. This skill (`learned`) is for general cross-cutting knowledge; domain-specific knowledge deserves its own skill.
35
-
36
- ## Format
37
-
38
- ### Gotchas
39
- ```markdown
40
- ## YYYY-MM-DD - Category / Short Title
41
- Description of the issue.
42
- **Resolution:** How it was resolved.
43
- ```
44
-
45
- ### Conventions
46
- ```markdown
47
- ## Category - Convention Name
48
- Description of the convention.
49
- **Rationale:** Why this convention was adopted.
50
- ```
51
-
52
- ## Security
53
-
54
- **NEVER include secret values, tokens, passwords, or API keys in any file under this skill.**
55
- If a gotcha involves credentials, describe the issue generically without exposing actual values.
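Review bot: The closing "Security" section (old lines 52-55) forbids writing secret values, tokens, passwords or API keys into any file under this skill, and the file list adds `dxkit-learn/SKILL.md` as the apparent successor. Please confirm the new skill keeps that rule and the instruction to describe credential-related gotchas generically, because this is a workflow in which an agent appends free-form notes to files kept in the repository.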
@@ -1,11 +0,0 @@
1
- # Team Conventions
2
-
3
- <!-- Discovered conventions are added here during session-end. -->
4
- <!-- Format: category, convention, rationale -->
5
- <!-- NEVER include secret values, tokens, or credentials here -->
6
-
7
- <!-- Example:
8
- ## Python - Use App Factory Pattern
9
- All FastAPI applications should use the app factory pattern (create_app function) rather than module-level app instantiation.
10
- **Rationale:** Enables test isolation and configuration flexibility. Adopted after test pollution issues in the auth service.
11
- -->
@@ -1,18 +0,0 @@
1
- # Deny Rule Recommendations
2
-
3
- <!--
4
- This file tracks commands/actions that SHOULD be added to .claude/settings.json deny list.
5
- Claude cannot modify settings.json directly (security boundary).
6
- A developer should periodically review this file and promote entries to settings.json.
7
-
8
- Format:
9
- ## YYYY-MM-DD - Rule
10
- `DenyPattern` — reason this should be blocked
11
- **Context:** what happened that surfaced this need
12
- -->
13
-
14
- <!-- Example:
15
- ## 2025-12-15 - Block database drop
16
- `Bash(dropdb:*)` — accidentally dropped staging database during cleanup
17
- **Context:** Claude ran dropdb instead of truncating tables during test cleanup
18
- -->
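Review bot: The header comment at old lines 4-6 is where the template states that Claude cannot modify `.claude/settings.json` directly and that a developer promotes entries by hand; deleting the file removes that statement along with the review queue. If the boundary still holds in 2.5.1, document it in AGENTS.md.template or the dxkit-hooks skill, and say where an agent should now record a suggested deny pattern such as `Bash(dropdb:*)`.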
@@ -1,11 +0,0 @@
1
- # Project Gotchas
2
-
3
- <!-- This file grows over time. Each entry is added during session-end. -->
4
- <!-- Format: date, category, description, resolution -->
5
- <!-- NEVER include secret values, tokens, or credentials here -->
6
-
7
- <!-- Example:
8
- ## 2025-12-15 - Python / Import Order
9
- ruff's isort rules conflict with local imports when using relative paths in the src/ directory.
10
- **Resolution:** Use absolute imports from package root (e.g., `from mypackage.module import X`).
11
- -->
@@ -1,73 +0,0 @@
1
- ---
2
- name: pulumi
3
- description: Pulumi infrastructure as code — stacks, previews, deployments, config. Use when asked about IaC, Pulumi, cloud resources, infrastructure provisioning, or stack management.
4
- paths:
5
- - 'Pulumi.yaml'
6
- - 'Pulumi.yml'
7
- - 'Pulumi.*.yaml'
8
- - '**/Pulumi.yaml'
9
- - '**/Pulumi.*.yaml'
10
- ---
11
-
12
- # Pulumi (Infrastructure as Code)
13
-
14
- ## Setup
15
- - **Auth:** `pulumi login` (configured during `make setup`)
16
- - **SDK:** Installed via devcontainer post-create script
17
- - **Path:** `~/.pulumi/bin/pulumi`
18
-
19
- ## Core Workflow
20
-
21
- **ALWAYS preview before applying changes:**
22
-
23
- ```bash
24
- # 1. Preview changes (safe, read-only)
25
- pulumi preview
26
-
27
- # 2. Review the diff carefully
28
-
29
- # 3. Apply changes (REQUIRES explicit user confirmation)
30
- pulumi up
31
-
32
- # 4. Check outputs
33
- pulumi stack output
34
- ```
35
-
36
- ## Common Commands
37
-
38
- ### Stack Management
39
- ```bash
40
- pulumi stack ls # list stacks
41
- pulumi stack select <name> # switch stack
42
- pulumi stack output # view outputs
43
- pulumi stack export # export state
44
- ```
45
-
46
- ### Configuration
47
- ```bash
48
- pulumi config # view config
49
- pulumi config set key value # set plain config
50
- pulumi config set --secret key value # set encrypted secret
51
- pulumi config get key # get value
52
- ```
53
-
54
- ### State & History
55
- ```bash
56
- pulumi stack history # deployment history
57
- pulumi state # inspect state
58
- pulumi refresh # sync state with cloud
59
- ```
60
-
61
- ## Security — CRITICAL
62
-
63
- 1. **ALWAYS `pulumi preview` before `pulumi up`** — review the diff
64
- 2. **NEVER run `pulumi destroy` without explicit user confirmation** — it deletes all resources
65
- 3. **Use `pulumi config set --secret`** for sensitive values — never plain-text
66
- 4. **NEVER output `pulumi config get --secret`** values in responses
67
- 5. **State files may contain secrets** — ensure backend is secure (encrypted)
68
- 6. Pulumi passphrase (if using local backend) should be in `.env`, never hardcoded
69
-
70
- ## Integration
71
-
72
- - Secrets from Infisical can be used as Pulumi config values
73
- - GCP project from `.env` (`GOOGLE_CLOUD_PROJECT`) can configure Pulumi GCP provider
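Review bot: The Security section at old lines 61-68 holds the only guardrails in this hunk on `pulumi destroy` and on echoing `pulumi config get --secret` values, and they are removed with nothing in view taking their place. If agents can still run Pulumi in projects set up by 2.5.1, move rules 2 and 4 into an enforced deny entry rather than dropping them. Should this text be reused elsewhere, two lines need a caveat: `pulumi stack export` at old line 43 is listed without the warning from rule 5 that state may contain secrets, and `pulumi config set --secret key value` at old line 50 puts the value on the command line where shell history records it (omitting the value makes Pulumi prompt for it instead).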
@@ -1,108 +0,0 @@
1
- ---
2
- name: quality
3
- description: Run code quality checks, linting, formatting, and auto-fixing. Use when asked to check code quality, fix lint errors, format code, or run pre-commit checks.
4
- ---
5
-
6
- # Code Quality
7
-
8
- ## Commands
9
- - `make quality` - Run all quality checks (report: `tmp/reports/quality-report.md`)
10
- - `make quality-fix` - Auto-fix all fixable issues
11
- - `make lint` - Lint only
12
- - `make format` - Format all code
13
- - `make fix` - Fix + format (shorthand)
14
- - `make check` - Full pre-commit check (validate + quality + test)
15
- - `make format-check` - Check formatting without modifying
16
-
17
- ## Quality Presets
18
- - `make quality-strict` - 90% coverage, all checks
19
- - `make quality-standard` - 80% coverage (default)
20
- - `make quality-relaxed` - 50% coverage
21
- - `make quality-off` - Disable checks
22
- - `make quality-config` - Show current settings
23
-
24
- {{#IF_PYTHON}}
25
- ## Python
26
-
27
- **Tools:** ruff (lint + format), mypy (types)
28
- **Config:** `ruff.toml`, `pyproject.toml`
29
- **Script:** `.project/scripts/quality/lint-python.sh`
30
-
31
- Common fixes:
32
- ```bash
33
- ruff check --fix .
34
- ruff format .
35
- mypy src/
36
- ```
37
-
38
- Key ruff rules: pycodestyle (E), pyflakes (F), isort (I), mccabe (C90), bugbear (B).
39
- Per-file ignores configured in `ruff.toml` for tests (assertions, fixtures).
40
- {{/IF_PYTHON}}
41
-
42
- {{#IF_GO}}
43
- ## Go
44
-
45
- **Tools:** golangci-lint (27 linters), gofmt, goimports
46
- **Config:** `.golangci.yml`
47
- **Script:** `.project/scripts/quality/lint-go.sh`
48
-
49
- Common fixes:
50
- ```bash
51
- gofmt -w .
52
- goimports -w .
53
- golangci-lint run --fix
54
- ```
55
- {{/IF_GO}}
56
-
57
- {{#IF_NODE}}
58
- ## Node.js
59
-
60
- **Tools:** ESLint, Prettier
61
- Common fixes:
62
- ```bash
63
- npx prettier --write .
64
- npx eslint --fix .
65
- ```
66
- {{/IF_NODE}}
67
-
68
- {{#IF_NEXTJS}}
69
- ## Next.js
70
-
71
- **Directory:** `frontend/`
72
- ```bash
73
- cd frontend && npm run lint
74
- cd frontend && npx prettier --write .
75
- cd frontend && npx tsc --noEmit # type check
76
- ```
77
- {{/IF_NEXTJS}}
78
-
79
- {{#IF_RUST}}
80
- ## Rust
81
-
82
- **Tools:** clippy, rustfmt
83
- ```bash
84
- cargo fmt
85
- cargo clippy --fix --allow-dirty
86
- ```
87
- {{/IF_RUST}}
88
-
89
- {{#IF_CSHARP}}
90
- ## C#
91
-
92
- **Tools:** dotnet format, Roslyn Analyzers, StyleCop Analyzers
93
- **Config:** `.editorconfig`, `Directory.Build.props`
94
-
95
- Common fixes:
96
- ```bash
97
- dotnet format # auto-fix formatting
98
- dotnet format --verify-no-changes # CI check (no modifications)
99
- ```
100
- {{/IF_CSHARP}}
101
-
102
- ## Gotchas
103
-
104
- See [references/gotchas.md](references/gotchas.md) for known quality issues.
105
-
106
- ## Security
107
-
108
- Never disable security-related lint rules. If a rule seems wrong, investigate before suppressing.
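Review bot: Old line 108, `Never disable security-related lint rules`, sits in the same file that advertises `make quality-off` at old line 21 and `cargo clippy --fix --allow-dirty` at old line 85, and the hunk removes the rule along with them. If those make targets outlive this skill file, keep the rule next to them and state whether `quality-off` also switches off security linters.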
@@ -1,5 +0,0 @@
1
- # Quality Gotchas
2
-
3
- <!-- This file grows over time. Each entry is added during session-end. -->
4
- <!-- Format: date, category, description, resolution -->
5
- <!-- NEVER include secret values, tokens, or credentials here -->
@@ -1,73 +0,0 @@
1
- ---
2
- name: review
3
- description: Review code for quality, security, and patterns. Use when asked to review code, a PR, check for problems, or audit for security issues.
4
- ---
5
-
6
- # Code Review
7
-
8
- ## Quick Check
9
- Run `make check` first — it validates, lints, tests, and checks docs in one command.
10
-
11
- ## Review Checklist
12
-
13
- ### 1. Quality
14
- - [ ] `make quality` passes
15
- - [ ] Coverage meets threshold ({{COVERAGE_THRESHOLD}}%)
16
- - [ ] No suppressed lint rules without justification
17
-
18
- ### 2. Security
19
- - [ ] No hardcoded secrets, API keys, tokens, or passwords
20
- - [ ] No secrets in commit messages, comments, or logs
21
- - [ ] User input is validated/sanitized at system boundaries
22
- - [ ] No SQL injection, XSS, or command injection vectors
23
- - [ ] Sensitive files are gitignored (`.env`, credentials)
24
-
25
- ### 3. Testing
26
- - [ ] New features have tests
27
- - [ ] Edge cases and error paths tested
28
- - [ ] Tests are deterministic (no timing/order dependencies)
29
-
30
- ### 4. Architecture
31
- - [ ] Follows existing patterns in the codebase
32
- - [ ] Dependencies injected (not imported directly in business logic)
33
- - [ ] Error handling is consistent
34
-
35
- {{#IF_PYTHON}}
36
- ### Python-Specific
37
- - [ ] Type hints on public functions
38
- - [ ] Pydantic models for data validation
39
- - [ ] No bare `except:` — catch specific exceptions
40
- - [ ] Async/await used correctly (no blocking in async context)
41
- {{/IF_PYTHON}}
42
-
43
- {{#IF_GO}}
44
- ### Go-Specific
45
- - [ ] Errors checked and handled (no `_` for errors)
46
- - [ ] Context propagated through call chains
47
- - [ ] Proper resource cleanup (defer for Close/Unlock)
48
- - [ ] Table-driven tests used where appropriate
49
- {{/IF_GO}}
50
-
51
- {{#IF_NEXTJS}}
52
- ### Next.js-Specific
53
- - [ ] Server vs client components used correctly
54
- - [ ] No sensitive data in client components
55
- - [ ] TypeScript strict mode compliance
56
- {{/IF_NEXTJS}}
57
-
58
- {{#IF_CSHARP}}
59
- ### C#-Specific
60
- - [ ] Nullable reference types enabled (`#nullable enable`)
61
- - [ ] Async/await used correctly (no blocking on async with `.Result` or `.Wait()`)
62
- - [ ] IDisposable resources properly disposed (`using` statements)
63
- - [ ] LINQ used appropriately (not in hot paths without reason)
64
- - [ ] Dependency injection used (no `new` for services)
65
- - [ ] No hardcoded connection strings
66
- {{/IF_CSHARP}}
67
-
68
- ## Common Issues
69
- - Missing error handling
70
- - Hardcoded configuration (should use `.env` or config)
71
- - Missing tests for edge cases
72
- - Inconsistent naming conventions
73
- - Overly broad error catching
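Review bot: The Security checklist at old lines 18-23 (hardcoded secrets, secrets in commit messages and logs, input validation at system boundaries, injection vectors, gitignored `.env`) is deleted with the rest of the review skill, and this hunk shows no successor. Point the changelog entry at whatever replaces it so that reviews under 2.5.1 do not silently lose those checks.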