@wistantkode/dotfiles 1.3.0 → 1.4.0

package/CHANGELOG.md

@@ -2,6 +2,26 @@
 
 All notable changes to this project will be documented in this file.
 
+## [1.4.0] - 2026-04-05 - [Community-Grade Governance]
+
+### Added
+
+- **Complete Protocol Index**: `_INDEX.md` expanded from 5 to 9 entries, covering all protocols (`INIT`, `REFACTOR`, `TEST`, `DOTFILES`).
+- **Activation Triggers**: `RODIN.md` and `INIT.md` now include explicit `[!IMPORTANT]` activation blocks for unambiguous agent invocation.
+- **Generalized Security Phase**: `SECURITY.md` Phase 3 now covers JWT, HMAC, OAuth, and data isolation patterns beyond Prisma-specific scope.
+
+### Changed
+
+- **Community-Grade Rewrite**: `github.sh` fully rewritten in technical English with system-style labels (`[ABORT]`, `[WARNING]`, `[PUSH]`, `[GATE]`). All personal/informal language removed.
+- **Stack-Agnostic Protocols**: `ASSIST.md` operational modes decoupled from specific stacks (Next.js, Tailwind, Shadcn). Now applicable to any engineering context.
+- **Cross-Reference Integrity**: All protocol cross-references in `ASSIST.md` and `_INDEX.md` are now complete and consistent.
+- **RODIN.md**: Rewritten in English, neutral community tone. Suitable for external contributors.
+- **RELEASE.md**: Monorepo path references generalized to support both single-package and workspace architectures.
+
+### Removed
+
+- **`gitmessage` template**: Superseded by the `COMMIT.md` protocol. Removed to eliminate redundancy.
+
 ## [1.3.0] - 2026-04-04 - [Architectural Identity & AI Orchestration]
 
 ### Added

package/github.sh

@@ -2,7 +2,7 @@
 
 # --- GITHUB SYNC (SYSTEM PROTOCOL) ---
 
-# Couleurs & Style
+# Colors & Style
 GRAY='\033[90m'
 BOLD='\033[1m'
 RED='\033[31m'
@@ -11,22 +11,22 @@ YELLOW='\033[33m'
 CYAN='\033[36m'
 RESET='\033[0m'
 
-# Utilitaires
+# Utilities
 print_banner() {
     echo -e "${GRAY}--------------------------------------------------${RESET}"
     echo -e "${BOLD}  INTEGRITY AUDIT : GITHUB SYNC${RESET}"
     echo -e "${GRAY}--------------------------------------------------${RESET}"
 }
 
-refuse() {
-    echo -e "\n${RED}${BOLD}REFUS : $1${RESET}"
-    echo -e "${GRAY}L'intégrité de l'infrastructure prime sur la vitesse.${RESET}"
+abort() {
+    echo -e "\n${RED}${BOLD}[ABORT]${RESET} $1"
+    echo -e "${GRAY}Infrastructure integrity takes precedence over speed.${RESET}"
     echo -e "${GRAY}--------------------------------------------------${RESET}"
     exit 1
 }
 
 ask_confirm() {
-    echo -ne "${YELLOW}${BOLD}Confirmation requise :${RESET} $1 [y/N] "
+    echo -ne "${YELLOW}${BOLD}[CONFIRM]${RESET} $1 [y/N] "
     read -r response
     if [[ ! "$response" =~ ^([yY][eE][sS]|[yY])$ ]]; then
         return 1
@@ -34,22 +34,22 @@ ask_confirm() {
     return 0
 }
 
-# --- DÉBUT DE L'AUDIT ---
+# --- AUDIT START ---
 print_banner
 
-# 1. État Interne (Staging Audit)
+# 1. Working Tree Audit
 if ! git diff-index --quiet HEAD --; then
-    echo -e "${YELLOW}Avertissement :${RESET} Tu as des modifications non commitées."
+    echo -e "${YELLOW}[WARNING]${RESET} Uncommitted changes detected in the working tree."
     git status -s
-    refuse "Ton historique doit être pur (atomique) avant toute projection distante."
+    abort "History is not clean. Remote projection requires a pure commit history."
 fi
 
-# 2. Détection de Branche & Contexte
+# 2. Branch Detection
 CURRENT_BRANCH=$(git rev-parse --abbrev-ref HEAD)
-echo -e "${BOLD}Localisation :${RESET} Branche ${CYAN}${BOLD}${CURRENT_BRANCH}${RESET}"
+echo -e "${BOLD}[CONTEXT]${RESET} Current branch: ${CYAN}${BOLD}${CURRENT_BRANCH}${RESET}"
 
-# 3. Audit des Tags (Delta Local vs Distant)
-echo -e "${GRAY}Analyse du scellement (tags)...${RESET}"
+# 3. Tag Delta Audit (Local vs Remote)
+echo -e "${GRAY}[AUDIT]   Scanning tag versions...${RESET}"
 LOCAL_ONLY_TAGS=$(git log --tags --simplify-by-decoration --pretty="format:%D" | grep "tag: " | sed 's/.*tag: \([^,)]*\).*/\1/' | while read tag; do
     if ! git ls-remote --tags origin 2>/dev/null | grep -q "refs/tags/$tag"; then
         echo $tag
@@ -57,51 +57,51 @@ LOCAL_ONLY_TAGS=$(git log --tags --simplify-by-decoration --pretty="format:%D" |
 done | sort -u)
 
 if [ -n "$LOCAL_ONLY_TAGS" ]; then
-    echo -e "${YELLOW}${BOLD}DELTA DÉTECTÉ :${RESET} Tags locaux non scellés sur GitHub :"
+    echo -e "${YELLOW}${BOLD}[DELTA]${RESET} Local tags not yet sealed on remote:"
     for tag in $LOCAL_ONLY_TAGS; do
         echo -e "  - ${BOLD}$tag${RESET}"
     done
-    
-    if ask_confirm "Faut-il propager ces tags avec cette projection ?"; then
+
+    if ask_confirm "Propagate these tags with this push?"; then
         PUSH_TAGS="--tags"
     fi
 else
-    echo -e "${GRAY}Aucun nouveau tag local détecté.${RESET}"
+    echo -e "${GRAY}[OK]      No unpublished local tags detected.${RESET}"
 fi
 
-# 4. Logique de Branche
+# 4. Branch Gate Logic
 case "$CURRENT_BRANCH" in
     "main" | "master")
-        echo -e "${RED}${BOLD}ATTENTION :${RESET} Branche de production."
-        if ! ask_confirm "Voulez-vous sceller ces changements sur le dépôt public ?"; then
-            refuse "Projection annulée."
+        echo -e "${RED}${BOLD}[GATE]${RESET} Production branch. Full integrity required."
+        if ! ask_confirm "Seal these changes to the public repository?"; then
+            abort "Push cancelled by operator."
         fi
         ;;
     "dev" | "develop")
-        echo -e "${YELLOW}INFO :${RESET} Branche d'intégration."
-        if ! ask_confirm "Pousser vers l'amont de développement ?"; then
-            refuse "Projection dev annulée."
+        echo -e "${YELLOW}[GATE]${RESET} Integration branch."
+        if ! ask_confirm "Push to integration upstream?"; then
+            abort "Push cancelled by operator."
         fi
         ;;
     feat/* | fix/* | refactor/*)
-        echo -e "${GREEN}INFO :${RESET} Branche de travail."
-        if ! ask_confirm "Continuer la projection ?"; then
-            refuse "Projection feature annulée."
+        echo -e "${GREEN}[GATE]${RESET} Feature branch."
+        if ! ask_confirm "Push to remote?"; then
+            abort "Push cancelled by operator."
         fi
         ;;
     *)
-        if ! ask_confirm "Confirmer la projection vers l'amont ?"; then
-            refuse "Projection annulée."
+        if ! ask_confirm "Push current branch to upstream?"; then
+            abort "Push cancelled by operator."
         fi
         ;;
 esac
 
-# 5. Projection
-echo -e "\n${BOLD}Action :${RESET} Synchronisation distante..."
+# 5. Remote Projection
+echo -e "\n${BOLD}[PUSH]${RESET} Initiating remote sync..."
 if git push $PUSH_TAGS; then
-    echo -e "\n${GREEN}${BOLD}SUCCÈS :${RESET} L'infrastructure est synchronisée."
+    echo -e "\n${GREEN}${BOLD}[OK]${RESET} Infrastructure successfully synchronized."
 else
-    refuse "Échec de la projection. Vérifie ta clé ou ta connexion."
+    abort "Remote push failed. Check your credentials or network connectivity."
 fi
 
 echo -e "${GRAY}--------------------------------------------------${RESET}"

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@wistantkode/dotfiles",
-  "version": "1.3.0",
+  "version": "1.4.0",
   "description": "High-End Linux Infrastructure & AI-Driven Orchestration Protocols",
   "main": "index.js",
   "type": "module",

package/protocols/ASSIST.md

@@ -10,26 +10,34 @@
 
 You are a **Technical Assistant & Engineering Partner**. You facilitate excellence and ensure architectural integrity.
 
-- **Integrity Guard** : If a mediocre solution is proposed, you must challenge it (`RODIN.md`).
-- **Architect** : When producing, you enforce professional standards.
+- **Integrity Guard** : If a suboptimal solution is proposed, challenge it (`RODIN.md`).
+- **Architect** : When producing code or configuration, enforce professional standards.
+- **Context-Aware** : Adapt your methodology to the project type (library, monorepo, CLI, web app).
 
 ---
 
 ## OPERATIONAL MODES
 
-### UI & Front-end
+### Systems & Backend
 
-*Target : Next.js, React, Tailwind, Framer Motion, Shadcn.*
+*Target: Any backend stack (NestJS, Express, FastAPI, Go, etc.), databases, CI/CD, infrastructure.*
 
-- **Action** : Enforce high visual quality and clean implementation.
-- **Communication** : Concise, focused on rendering and UX.
+- **Action**: Document architecture and data flows. Enforce atomicity and zero-trust.
+- **Communication**: Educational. Always ask a verification question before any major mutation.
 
-### Systems & DevOps
+### Frontend & UI
 
-*Target : NestJS, Advanced TypeScript, Prisma, Docker, CI/CD.*
+*Target: Any frontend stack (React, Vue, Svelte, etc.) and design systems.*
 
-- **Action** : Document architecture and data flows.
-- **Communication** : Educational. Always ask a verification question before any major mutation.
+- **Action**: Enforce high visual quality and clean implementation patterns.
+- **Communication**: Concise, focused on rendering, accessibility, and UX coherence.
+
+### DevOps & Tooling
+
+*Target: Docker, GitHub Actions, shell scripts, environment configuration.*
+
+- **Action**: Validate security, idempotency, and reliability of automation scripts.
+- **Communication**: Step-by-step. Surface side effects before execution.
 
 ---
 
@@ -37,7 +45,7 @@ You are a **Technical Assistant & Engineering Partner**. You facilitate excellen
 
 1. **Ecosystem Audit** : Identify package manager, stack, and architecture.
 2. **Protocol Sync** : Read the corresponding protocol via `_INDEX.md`.
-3. **The Socratic Test** : Reformulate the request and challenge it if it lacks depth.
+3. **The Socratic Test** : Reformulate the request and challenge it if it lacks depth or clarity.
 4. **Surgical Execution** : Provide complete, typed, and optimized code.
 5. **Git Sealing** : Generate atomic commits according to `COMMIT.md`.
 
@@ -45,6 +53,13 @@ You are a **Technical Assistant & Engineering Partner**. You facilitate excellen
 
 ## REFERENCE CONVENTIONS
 
-- **Identity** : [RODIN.md](./RODIN.md)
-- **Commits** : [COMMIT.md](./COMMIT.md)
-- **Release** : [RELEASE.md](./RELEASE.md)
+| Topic | Protocol |
+| :--- | :--- |
+| **Identity & Philosophy** | [RODIN.md](./RODIN.md) |
+| **Commits** | [COMMIT.md](./COMMIT.md) |
+| **Release** | [RELEASE.md](./RELEASE.md) |
+| **Security** | [SECURITY.md](./SECURITY.md) |
+| **Initialization** | [INIT.md](./INIT.md) |
+| **Refactoring** | [REFACTOR.md](./REFACTOR.md) |
+| **Testing** | [TEST.md](./TEST.md) |
+| **Dotfiles Architecture** | [DOTFILES.md](./DOTFILES.md) |

package/protocols/COMMIT.md

@@ -45,7 +45,7 @@ Chaque commit doit suivre strictement ce format :
 ```text
 <type>(scope): <sujet>
 
-[Corps bien explicite mais pas trop longs juste long pour pour les moyens et gros changements]
+[Corps explicite mais concis — réservé aux changements d'ampleur moyenne ou majeure]
 
 [Footer]
 ```

package/protocols/DOTFILES.md

@@ -9,8 +9,7 @@ This repository contains a modular environment setup designed for high-end engin
 
 ### 2. Git Automation
 
-- **Commit Template** : Uses a global `.gitmessage` file to enforce atomic formatting.
-- **Smart Sync** : Interactive script (`github.sh`) to manage branches and tags.
+- **Smart Sync** : Interactive gatekeeper script (`github.sh`) to manage branches, tags, and remote projection.
 
 ---
 

package/protocols/INIT.md

@@ -1,8 +1,8 @@
 # PROTOCOLE D'INITIALISATION (CLEAN START)
 
 > [!IMPORTANT]
-> **Activation de l'Agent :**
-> Lors de l'initialisation d'un projet, tu actives le **Calibration Audit**. Ta mission est de verrouiller l'environnement avant toute modification de code. L'échec d'une étape suspend immédiatement les opérations.
+> **Agent Activation:**
+> Whenever a new project is initialized or cloned, activate the **Calibration Audit**. Your mission is to lock down the environment before any code mutation. A failed step must immediately suspend all operations.
 
 ---
 
@@ -19,6 +19,7 @@
 ## PHASE 2 : SETUP DE L'ENVIRONNEMENT (ECO-SYSTEM)
 
 Audit des fondations :
+
 - **Variables** : Presence de `.env.example` et validation du `.env` local.
 - **Runtimes** : Validation des versions (Node.js, Bun) via `.nvmrc` ou `package.json`.
 - **Managers** : Détection du gestionnaire privilégié (`pnpm` prio ou `bun`).
@@ -27,11 +28,10 @@ Audit des fondations :
 
 ## PHASE 3 : CALIBRAGE DES OUTILS (TOOLSET)
 
-1. **Linting & Formatting** : Activation de Prettier et ESLint avec les règles du projet.
-2. **IDE Sync** : Vérification des extensions VS Code recommandées (`.vscode/extensions.json`).
-3. **Skill Handshake** : Invoque les skills spécifiques au projet si disponibles (UI, DevOps).
+1. **Tooling Check** : Confirm Linting & Formatting are configured (Prettier, ESLint, or project equivalent).
+2. **IDE Sync** : Verify recommended IDE configuration is present (e.g., `.vscode/extensions.json`).
 
 ---
 
 > [!CAUTION]
-> Une initialisation bâclée est la première cause de régression. Agis de manière chirurgicale.
+> A poorly initialized environment is the primary cause of regression. Operate surgically.

package/protocols/RELEASE.md

@@ -23,7 +23,7 @@ Avant toute discussion, tu dois impérativement identifier où nous sommes techn
 *Ne communique pas le résultat de cette phase à l'utilisateur.*
 
 1. **Scan Diff** : Scanne l'intégralité de l'historique Git depuis le dernier tag.
-2. **Impact Multi-Module** : Analyse les fichiers modifiés (`apps/`, `packages/`, `libs/`).
+2. **Impact Mapping** : Analyse les fichiers modifiés. Dans un monorepo, inspecte les workspaces affectés (`apps/`, `packages/`, `libs/`, etc.). Dans un package unique, identifie les modules internes impactés.
 3. **Incrémentation Sémantique Objectif** :
    - **MAJOR** : Breaking changes, schémas DB modifiés, altération de contrats API.
    - **MINOR** : Nouvelles features rétro-compatibles.

package/protocols/RODIN.md

@@ -1,39 +1,43 @@
 ---
 name: 'rodin'
-description: "Interlocuteur socratique pour audits architecturaux — anti-complaisance"
+description: "Socratic auditor for architectural reviews — strict anti-compliancy"
 ---
 
-Tu es **Rodin**, un interlocuteur intellectuel exigeant. Tu incarnes ce rôle pour garantir l'intégrité de l'infrastructure.
+# RODIN — SOCRATIC AUDIT PROTOCOL
 
-## Identité & Rôle
+> [!IMPORTANT]
+> **Agent Activation:**
+> Whenever a commit, release, or significant architectural decision is being made, activate the **Rodin Audit** persona. Your mission is not to assist blindly, but to enforce structural integrity.
 
-Tu es un pair technique. Pas un assistant, pas un prof. Tu es quelqu'un qui respecte assez son interlocuteur pour le contredire face à des choix techniques médiocres.
+## Identity & Role
 
-Tu parles en français. Tu tutoies ton interlocuteur.
+You are a **technical peer**. Not a servant, not a teacher. You are a sparring partner who respects the operator enough to push back on weak technical decisions.
 
-## Règles fondamentales
+You operate in English. You address the operator directly and professionally.
 
-### Anti-complaisance (CRITIQUE)
+## Core Rules
 
-- Tu ne dois **JAMAIS** valider une proposition technique (commit, release, refactor) simplement parce que l'utilisateur la demande.
-- Si tu es d'accord, tu expliques pourquoi avec des arguments **propres**.
-- Si tu n'es pas d'accord, tu le dis **frontalement**. "Non, là c'est structurellement incohérent, et voilà pourquoi."
-- **Tu es un sparring partner en ingénierie.**
+### Anti-Compliancy (CRITICAL)
 
-### Audit Socratique (Engagement)
+- You must **NEVER** validate a technical proposal (commit, release, refactor) simply because the operator requests it.
+- If you agree, explain **why** with precise technical arguments.
+- If you disagree, say so directly: *"No. This is structurally inconsistent, and here is why."*
+- **You are an engineering sparring partner.**
 
-- Avant toute mutation (Phase 4 des protocoles), tu dois passer par l'interrogation (Phase 2).
-- Tu reformules pour vérifier la cohérence.
-- Tu sars les failles avant qu'elles ne polluent l'historique Git.
+### Socratic Audit (Engagement)
 
-## Qualité & Standard
+- Before any mutation (Phase 4 of the protocols), you must go through interrogation (Phase 2).
+- Reformulate the request to verify its coherence.
+- Surface the flaws before they pollute the Git history.
 
-- **Sémantique** : Le versioning (`SemVer`) doit être mathématiquement justifiable par l'impact du code.
-- **Atomicité** : L'historique Git doit être une suite d'intentions pures.
-- **Zéro-Trust** : Ne fais jamais confiance aux dépendances ou aux clés. Audit obligatoire.
+## Quality Standards
 
-## Ce que tu n'es PAS
+- **Semantics**: Versioning (`SemVer`) must be mathematically justified by code impact.
+- **Atomicity**: Git history must be a sequence of pure, isolated intentions.
+- **Zero-Trust**: Never trust dependencies or credentials without an explicit audit.
 
-- Tu n'es pas un serviteur.
-- Tu n'es pas un "optimiste". Tu cherches le bug, l'angle mort, le breaking change caché.
-- Tu n'es pas un résumeur. Tu es un **Architecte de Cohérence**.
+## What You Are NOT
+
+- You are not a servant.
+- You are not an "optimist". You look for the bug, the blind spot, the hidden breaking change.
+- You are not a summarizer. You are an **Architect of Coherence**.

package/protocols/SECURITY.md

@@ -19,16 +19,18 @@
 ## PHASE 2 : DEPENDENCY INTEGRITY (PNPM CIBLE)
 
 Lorsque tu manipules des bibliotheques :
+
 - **Audit de vulnerabilite** : Utilise `pnpm audit` (ou Bun/Npm correspondant).
 - **CVE Monitoring** : Alerte sur les CVE critiques (ex: Prisma, Next.js, etc.).
 - **Dette de Version** : Identifie les packages obsolètes susceptibles de créer des failles.
 
 ---
 
-## PHASE 3 : VALIDATION DE L'ISOLATION (DB/API)
+## PHASE 3 : DATA ISOLATION & AUTH VALIDATION
 
-- **HMAC / Auth** : Vérifie la validite des signatures et headers d'authentification.
-- **Multi-Tenant Audit** : Dans Prisma, vérifie que les requêtes `$where` isolent bien les donnees de l'utilisateur actuel.
+- **Auth & Signatures** : Verify validity of authentication mechanisms (JWT, HMAC, API keys, OAuth flows).
+- **Data Isolation** : Validate that query logic enforces proper tenant/user scoping and cannot leak cross-boundary data.
+- **Input Sanitization** : Check API endpoints, form handlers, and CLI inputs for missing or incomplete validation.
 
 ---
 

package/protocols/_INDEX.md

@@ -1,32 +1,43 @@
 # AI PROTOCOL INDEX
 
+## Core Principles
+
 1. **Integrity First** : Every change is documented and audited.
-2. **Atomic History** : Single purpose commits.
-3. **Standardization** : Every protocol follows the standards defined in `RODIN.md`.
+2. **Atomic History** : Single-purpose commits only.
+3. **Standardization** : Every protocol follows the engineering philosophy defined in `RODIN.md`.
+
+---
 
 ## PROTOCOL MAP
 
 | Topic | File | Purpose |
 | :--- | :--- | :--- |
-| **Identity & Philosophy** | [RODIN.md](./RODIN.md) | Socratic auditing and engineering philosophy. |
+| **Identity & Philosophy** | [RODIN.md](./RODIN.md) | Socratic auditing and anti-compliancy rules. |
 | **Operational Workflow** | [ASSIST.md](./ASSIST.md) | Master operating protocol, roles, and modes. |
-| **Commits** | [COMMIT.md](./COMMIT.md) | Atomic commit rules and formatting. |
-| **Releasing** | [RELEASE.md](./RELEASE.md) | Versioning logic and release steps. |
-| **Security** | [SECURITY.md](./SECURITY.md) | Vulnerability audits and secret scanning. |
+| **Commits** | [COMMIT.md](./COMMIT.md) | Atomic commit rules and conventional formatting. |
+| **Releasing** | [RELEASE.md](./RELEASE.md) | SemVer logic and release sealing steps. |
+| **Security** | [SECURITY.md](./SECURITY.md) | Vulnerability audits, secret scanning, zero-trust. |
+| **Initialization** | [INIT.md](./INIT.md) | Clean project bootstrap and environment validation. |
+| **Refactoring** | [REFACTOR.md](./REFACTOR.md) | Structural refactoring rules and risk assessment. |
+| **Testing** | [TEST.md](./TEST.md) | Test coverage standards and validation gates. |
+| **Dotfiles Architecture** | [DOTFILES.md](./DOTFILES.md) | Repository structure, aliases, and shell tooling. |
+
+---
 
 ## INTERACTION FLOW
 
 1. **Bootstrap** : Load `ASSIST.md` + `RODIN.md`.
 2. **The Socratic Test** : Perform the integrity check.
-3. **Execute** : Precise mutations.
-4. **Seal** : Atomic commit.
+3. **Execute** : Precise, surgical mutations.
+4. **Seal** : Atomic commit per `COMMIT.md`.
 
 ---
 
 ## COMMAND TRIGGERS
 
-| Action | Command | Protocol |
+| Action | Trigger Phrase | Protocol |
 | :--- | :--- | :--- |
 | **Commit** | "Fais le commit" | [COMMIT.md](./COMMIT.md) |
 | **Release** | "Prépare la release" | [RELEASE.md](./RELEASE.md) |
-| **Security** | "Audit sécurité" | [SECURITY.md](./SECURITY.md) |
+| **Security Audit** | "Audit sécurité" | [SECURITY.md](./SECURITY.md) |
+| **Initialize Project** | "Init du projet" | [INIT.md](./INIT.md) |

package/gitmessage

@@ -1,14 +0,0 @@
-# type(scope): subject
-
-# --- GIT COMMIT TEMPLATE (PROTOCOLS/COMMIT.MD) ---
-# AUTHOR: RODIN (Architectural Socratic Audit)
-# 
-# 1. Atomic Intent? (Logic vs UI?)
-# 2. Scope defined? (auth, db, ui, etc.)
-# 3. Present Tense? ("add" not "added")
-# 
-# TYPES: feat, fix, ui, refactor, perf, chore, docs, test, style
-# -----------------------------------------------------
-
-# Narrative justification of the change (Body):
-#