@zeyue0329/xiaoma-cli 1.0.36 → 1.0.38

package/xiaoma-core/tasks/project-integration-testing.md

@@ -351,46 +351,46 @@ delivery_readiness:
 # integration_test_report.yaml
 test_report:
   executive_summary:
-    overall_status: 'PASSED'
-    system_readiness: 'READY_FOR_DEPLOYMENT'
+    overall_status: "PASSED"
+    system_readiness: "READY_FOR_DEPLOYMENT"
     critical_issues: 0
     total_test_cases: 2847
     pass_rate: 98.7%
 
   module_integration_results:
     user_management_module:
-      status: 'PASSED'
+      status: "PASSED"
       test_cases: 456
       pass_rate: 99.1%
       critical_issues: 0
 
     data_management_module:
-      status: 'PASSED'
+      status: "PASSED"
       test_cases: 623
       pass_rate: 98.9%
       critical_issues: 0
 
   performance_results:
     load_testing:
-      baseline_load: 'PASSED'
-      peak_load: 'PASSED'
-      sustained_load: 'PASSED'
+      baseline_load: "PASSED"
+      peak_load: "PASSED"
+      sustained_load: "PASSED"
 
     response_time_analysis:
-      average_api_response: '245ms'
-      p95_response_time: '680ms'
-      p99_response_time: '1.2s'
+      average_api_response: "245ms"
+      p95_response_time: "680ms"
+      p99_response_time: "1.2s"
 
   security_assessment:
-    vulnerability_scan: 'PASSED'
-    penetration_test: 'PASSED'
-    compliance_check: 'PASSED'
+    vulnerability_scan: "PASSED"
+    penetration_test: "PASSED"
+    compliance_check: "PASSED"
     high_severity_issues: 0
 
   recommendations:
-    - '优化数据库查询性能，减少p99响应时间'
-    - '增加API监控告警机制'
-    - '完善错误处理和用户友好提示'
+    - "优化数据库查询性能，减少p99响应时间"
+    - "增加API监控告警机制"
+    - "完善错误处理和用户友好提示"
 ```
 
 ### 交付清单
@@ -399,28 +399,28 @@ test_report:
 # delivery_checklist.yaml
 delivery_package:
   code_deliverables:
-    - source_code: '完整源代码包'
-    - build_artifacts: '构建产物'
-    - database_scripts: '数据库部署脚本'
-    - configuration_files: '配置文件模板'
+    - source_code: "完整源代码包"
+    - build_artifacts: "构建产物"
+    - database_scripts: "数据库部署脚本"
+    - configuration_files: "配置文件模板"
 
   documentation:
-    - api_documentation: 'API接口文档'
-    - deployment_guide: '部署指南'
-    - user_manual: '用户使用手册'
-    - maintenance_guide: '维护运营指南'
+    - api_documentation: "API接口文档"
+    - deployment_guide: "部署指南"
+    - user_manual: "用户使用手册"
+    - maintenance_guide: "维护运营指南"
 
   test_artifacts:
-    - test_suites: '完整测试套件'
-    - test_data: '测试数据集'
-    - performance_benchmarks: '性能基准报告'
-    - security_audit_report: '安全审计报告'
+    - test_suites: "完整测试套件"
+    - test_data: "测试数据集"
+    - performance_benchmarks: "性能基准报告"
+    - security_audit_report: "安全审计报告"
 
   operational_requirements:
-    - infrastructure_specifications: '基础设施规格'
-    - monitoring_configuration: '监控配置'
-    - backup_procedures: '备份程序'
-    - disaster_recovery_plan: '灾难恢复计划'
+    - infrastructure_specifications: "基础设施规格"
+    - monitoring_configuration: "监控配置"
+    - backup_procedures: "备份程序"
+    - disaster_recovery_plan: "灾难恢复计划"
 ```
 
 ## Integration with Full Requirement Orchestrator
@@ -430,21 +430,21 @@ delivery_package:
 ```yaml
 orchestrator_integration:
   trigger_conditions:
-    all_stories_completed: '所有用户故事状态为Done'
-    individual_story_tests_passed: '所有故事单元测试通过'
-    dependency_integration_ready: '依赖集成就绪'
+    all_stories_completed: "所有用户故事状态为Done"
+    individual_story_tests_passed: "所有故事单元测试通过"
+    dependency_integration_ready: "依赖集成就绪"
 
-  execution_command: '*execute-project-integration'
+  execution_command: "*execute-project-integration"
 
   success_criteria:
-    integration_tests_passed: '集成测试100%通过'
-    performance_benchmarks_met: '性能基准达标'
-    security_validation_complete: '安全验证完成'
+    integration_tests_passed: "集成测试100%通过"
+    performance_benchmarks_met: "性能基准达标"
+    security_validation_complete: "安全验证完成"
 
   failure_handling:
-    rollback_strategy: '回滚到最后稳定版本'
-    issue_triage: '问题分级和分配'
-    remediation_planning: '修复计划制定'
+    rollback_strategy: "回滚到最后稳定版本"
+    issue_triage: "问题分级和分配"
+    remediation_planning: "修复计划制定"
 ```
 
 ## Usage Examples

package/xiaoma-core/tasks/qa-gate.md

@@ -29,11 +29,11 @@ Slug rules:
 
 ```yaml
 schema: 1
-story: '{epic}.{story}'
+story: "{epic}.{story}"
 gate: PASS|CONCERNS|FAIL|WAIVED
-status_reason: '1-2 sentence explanation of gate decision'
-reviewer: 'Quinn'
-updated: '{ISO-8601 timestamp}'
+status_reason: "1-2 sentence explanation of gate decision"
+reviewer: "Quinn"
+updated: "{ISO-8601 timestamp}"
 top_issues: [] # Empty array if no issues
 waiver: { active: false } # Only set active: true if WAIVED
 ```
@@ -42,20 +42,20 @@ waiver: { active: false } # Only set active: true if WAIVED
 
 ```yaml
 schema: 1
-story: '1.3'
+story: "1.3"
 gate: CONCERNS
-status_reason: 'Missing rate limiting on auth endpoints poses security risk.'
-reviewer: 'Quinn'
-updated: '2025-01-12T10:15:00Z'
+status_reason: "Missing rate limiting on auth endpoints poses security risk."
+reviewer: "Quinn"
+updated: "2025-01-12T10:15:00Z"
 top_issues:
-  - id: 'SEC-001'
+  - id: "SEC-001"
     severity: high # ONLY: low|medium|high
-    finding: 'No rate limiting on login endpoint'
-    suggested_action: 'Add rate limiting middleware before production'
-  - id: 'TEST-001'
+    finding: "No rate limiting on login endpoint"
+    suggested_action: "Add rate limiting middleware before production"
+  - id: "TEST-001"
     severity: medium
-    finding: 'No integration tests for auth flow'
-    suggested_action: 'Add integration test coverage'
+    finding: "No integration tests for auth flow"
+    suggested_action: "Add integration test coverage"
 waiver: { active: false }
 ```
 
@@ -63,20 +63,20 @@ waiver: { active: false }
 
 ```yaml
 schema: 1
-story: '1.3'
+story: "1.3"
 gate: WAIVED
-status_reason: 'Known issues accepted for MVP release.'
-reviewer: 'Quinn'
-updated: '2025-01-12T10:15:00Z'
+status_reason: "Known issues accepted for MVP release."
+reviewer: "Quinn"
+updated: "2025-01-12T10:15:00Z"
 top_issues:
-  - id: 'PERF-001'
+  - id: "PERF-001"
     severity: low
-    finding: 'Dashboard loads slowly with 1000+ items'
-    suggested_action: 'Implement pagination in next sprint'
+    finding: "Dashboard loads slowly with 1000+ items"
+    suggested_action: "Implement pagination in next sprint"
 waiver:
   active: true
-  reason: 'MVP release - performance optimization deferred'
-  approved_by: 'Product Owner'
+  reason: "MVP release - performance optimization deferred"
+  approved_by: "Product Owner"
 ```
 
 ## Gate Decision Criteria

package/xiaoma-core/tasks/review-story.md

@@ -8,10 +8,10 @@ Perform a comprehensive test architecture review with quality gate decision. Thi
 
 ```yaml
 required:
-  - story_id: '{epic}.{story}' # e.g., "1.3"
-  - story_path: '{devStoryLocation}/{epic}.{story}.*.md' # Path from core-config.yaml
-  - story_title: '{title}' # If missing, derive from story file H1
-  - story_slug: '{slug}' # If missing, derive from title (lowercase, hyphenated)
+  - story_id: "{epic}.{story}" # e.g., "1.3"
+  - story_path: "{devStoryLocation}/{epic}.{story}.*.md" # Path from core-config.yaml
+  - story_title: "{title}" # If missing, derive from story file H1
+  - story_slug: "{slug}" # If missing, derive from title (lowercase, hyphenated)
 ```
 
 ## Prerequisites
@@ -193,19 +193,19 @@ Gate file structure:
 
 ```yaml
 schema: 1
-story: '{epic}.{story}'
-story_title: '{story title}'
+story: "{epic}.{story}"
+story_title: "{story title}"
 gate: PASS|CONCERNS|FAIL|WAIVED
-status_reason: '1-2 sentence explanation of gate decision'
-reviewer: 'Quinn (Test Architect)'
-updated: '{ISO-8601 timestamp}'
+status_reason: "1-2 sentence explanation of gate decision"
+reviewer: "Quinn (Test Architect)"
+updated: "{ISO-8601 timestamp}"
 
 top_issues: [] # Empty if no issues
 waiver: { active: false } # Set active: true only if WAIVED
 
 # Extended fields (optional but recommended):
 quality_score: 0-100 # 100 - (20*FAILs) - (10*CONCERNS) or use technical-preferences.md weights
-expires: '{ISO-8601 timestamp}' # Typically 2 weeks from review
+expires: "{ISO-8601 timestamp}" # Typically 2 weeks from review
 
 evidence:
   tests_reviewed: { count }
@@ -217,24 +217,24 @@ evidence:
 nfr_validation:
   security:
     status: PASS|CONCERNS|FAIL
-    notes: 'Specific findings'
+    notes: "Specific findings"
   performance:
     status: PASS|CONCERNS|FAIL
-    notes: 'Specific findings'
+    notes: "Specific findings"
   reliability:
     status: PASS|CONCERNS|FAIL
-    notes: 'Specific findings'
+    notes: "Specific findings"
   maintainability:
     status: PASS|CONCERNS|FAIL
-    notes: 'Specific findings'
+    notes: "Specific findings"
 
 recommendations:
   immediate: # Must fix before production
-    - action: 'Add rate limiting'
-      refs: ['api/auth/login.ts']
+    - action: "Add rate limiting"
+      refs: ["api/auth/login.ts"]
   future: # Can be addressed later
-    - action: 'Consider caching'
-      refs: ['services/data.ts']
+    - action: "Consider caching"
+      refs: ["services/data.ts"]
 ```
 
 ### Gate Decision Criteria

package/xiaoma-core/tasks/risk-profile.md

@@ -8,10 +8,10 @@ Generate a comprehensive risk assessment matrix for a story implementation using
 
 ```yaml
 required:
-  - story_id: '{epic}.{story}' # e.g., "1.3"
-  - story_path: 'docs/stories/{epic}.{story}.*.md'
-  - story_title: '{title}' # If missing, derive from story file H1
-  - story_slug: '{slug}' # If missing, derive from title (lowercase, hyphenated)
+  - story_id: "{epic}.{story}" # e.g., "1.3"
+  - story_path: "docs/stories/{epic}.{story}.*.md"
+  - story_title: "{title}" # If missing, derive from story file H1
+  - story_slug: "{slug}" # If missing, derive from title (lowercase, hyphenated)
 ```
 
 ## Purpose
@@ -81,14 +81,14 @@ For each category, identify specific risks:
 
 ```yaml
 risk:
-  id: 'SEC-001' # Use prefixes: SEC, PERF, DATA, BUS, OPS, TECH
+  id: "SEC-001" # Use prefixes: SEC, PERF, DATA, BUS, OPS, TECH
   category: security
-  title: 'Insufficient input validation on user forms'
-  description: 'Form inputs not properly sanitized could lead to XSS attacks'
+  title: "Insufficient input validation on user forms"
+  description: "Form inputs not properly sanitized could lead to XSS attacks"
   affected_components:
-    - 'UserRegistrationForm'
-    - 'ProfileUpdateForm'
-  detection_method: 'Code review revealed missing validation'
+    - "UserRegistrationForm"
+    - "ProfileUpdateForm"
+  detection_method: "Code review revealed missing validation"
 ```
 
 ### 2. Risk Assessment
@@ -135,20 +135,20 @@ For each identified risk, provide mitigation:
 
 ```yaml
 mitigation:
-  risk_id: 'SEC-001'
-  strategy: 'preventive' # preventive|detective|corrective
+  risk_id: "SEC-001"
+  strategy: "preventive" # preventive|detective|corrective
   actions:
-    - 'Implement input validation library (e.g., validator.js)'
-    - 'Add CSP headers to prevent XSS execution'
-    - 'Sanitize all user inputs before storage'
-    - 'Escape all outputs in templates'
+    - "Implement input validation library (e.g., validator.js)"
+    - "Add CSP headers to prevent XSS execution"
+    - "Sanitize all user inputs before storage"
+    - "Escape all outputs in templates"
   testing_requirements:
-    - 'Security testing with OWASP ZAP'
-    - 'Manual penetration testing of forms'
-    - 'Unit tests for validation functions'
-  residual_risk: 'Low - Some zero-day vulnerabilities may remain'
-  owner: 'dev'
-  timeline: 'Before deployment'
+    - "Security testing with OWASP ZAP"
+    - "Manual penetration testing of forms"
+    - "Unit tests for validation functions"
+  residual_risk: "Low - Some zero-day vulnerabilities may remain"
+  owner: "dev"
+  timeline: "Before deployment"
 ```
 
 ## Outputs
@@ -174,12 +174,12 @@ risk_summary:
   highest:
     id: SEC-001
     score: 9
-    title: 'XSS on profile form'
+    title: "XSS on profile form"
   recommendations:
     must_fix:
-      - 'Add input sanitization & CSP'
+      - "Add input sanitization & CSP"
     monitor:
-      - 'Add security alerts for auth endpoints'
+      - "Add security alerts for auth endpoints"
 ```
 
 ### Output 2: Markdown Report

package/xiaoma-core/tasks/serial-development-orchestration.md

@@ -56,15 +56,15 @@ pipeline_design:
     pipeline_count: 1 # 单一串行流水线
 
     serial_pipeline:
-      focus: '严格串行执行所有故事'
-      execution_policy: 'one_task_at_a_time'
-      completion_requirement: '100%_before_next'
+      focus: "严格串行执行所有故事"
+      execution_policy: "one_task_at_a_time"
+      completion_requirement: "100%_before_next"
 
       story_execution_order:
-        priority_1_foundation: ['用户认证', '权限管理', '基础数据模型']
-        priority_2_core: ['主要业务流程', '核心数据操作']
-        priority_3_features: ['扩展功能', '用户体验优化']
-        priority_4_support: ['监控', '配置', '工具功能']
+        priority_1_foundation: ["用户认证", "权限管理", "基础数据模型"]
+        priority_2_core: ["主要业务流程", "核心数据操作"]
+        priority_3_features: ["扩展功能", "用户体验优化"]
+        priority_4_support: ["监控", "配置", "工具功能"]
 
   quality_gates:
     strict_validation:
@@ -80,28 +80,28 @@ pipeline_design:
 synchronization_design:
   sync_points:
     foundation_completion:
-      trigger: '基础故事100%完成'
-      validation: '基础API和数据模型完全就绪'
-      quality_gate: '通过所有测试和质量检查'
-      next_stage: '核心业务开发启动'
+      trigger: "基础故事100%完成"
+      validation: "基础API和数据模型完全就绪"
+      quality_gate: "通过所有测试和质量检查"
+      next_stage: "核心业务开发启动"
 
     core_business_completion:
-      trigger: '核心业务故事100%完成'
-      validation: '主要业务流程完全就绪'
-      quality_gate: '通过所有集成测试'
-      next_stage: '特性功能开发启动'
+      trigger: "核心业务故事100%完成"
+      validation: "主要业务流程完全就绪"
+      quality_gate: "通过所有集成测试"
+      next_stage: "特性功能开发启动"
 
     features_completion:
-      trigger: '特性功能故事100%完成'
-      validation: '所有特性功能完全就绪'
-      quality_gate: '通过端到端测试'
-      next_stage: '优化支撑功能启动'
+      trigger: "特性功能故事100%完成"
+      validation: "所有特性功能完全就绪"
+      quality_gate: "通过端到端测试"
+      next_stage: "优化支撑功能启动"
 
     final_completion:
-      trigger: '所有故事100%完成'
-      validation: '完整产品就绪'
-      quality_gate: '通过最终验收测试'
-      next_stage: '项目交付准备'
+      trigger: "所有故事100%完成"
+      validation: "完整产品就绪"
+      quality_gate: "通过最终验收测试"
+      next_stage: "项目交付准备"
 ```
 
 ### 第4步: 质量门控实施
@@ -114,31 +114,31 @@ quality_gates:
 
     gate_1_foundation:
       requirements:
-        - code_coverage: '>=95%'
-        - unit_tests: 'all_passing'
-        - integration_tests: 'all_passing'
-        - code_quality: 'A_grade'
+        - code_coverage: ">=95%"
+        - unit_tests: "all_passing"
+        - integration_tests: "all_passing"
+        - code_quality: "A_grade"
 
     gate_2_core:
       requirements:
-        - api_tests: 'all_passing'
-        - business_logic_tests: 'all_passing'
-        - database_tests: 'all_passing'
-        - performance_tests: 'baseline_met'
+        - api_tests: "all_passing"
+        - business_logic_tests: "all_passing"
+        - database_tests: "all_passing"
+        - performance_tests: "baseline_met"
 
     gate_3_features:
       requirements:
-        - feature_tests: 'all_passing'
-        - ui_tests: 'all_passing'
-        - cross_browser_tests: 'all_passing'
-        - accessibility_tests: 'all_passing'
+        - feature_tests: "all_passing"
+        - ui_tests: "all_passing"
+        - cross_browser_tests: "all_passing"
+        - accessibility_tests: "all_passing"
 
     gate_4_final:
       requirements:
-        - end_to_end_tests: 'all_passing'
-        - security_scan: 'no_critical_issues'
-        - performance_benchmark: 'meets_requirements'
-        - user_acceptance: 'approved'
+        - end_to_end_tests: "all_passing"
+        - security_scan: "no_critical_issues"
+        - performance_benchmark: "meets_requirements"
+        - user_acceptance: "approved"
 ```
 
 ### 第5步: 执行监控和控制
@@ -153,7 +153,7 @@ execution_control:
       - blocking_issues: 阻塞问题
 
     progress_reporting:
-      frequency: 'continuous'
+      frequency: "continuous"
       metrics:
         - story_completion_status: 故事完成状态
         - quality_gate_status: 质量门控状态
@@ -265,7 +265,7 @@ ${final_validation_results}
 triggers:
   primary:
     condition: story_backlog_ready
-    trigger: '*orchestrate-serial-development'
+    trigger: "*orchestrate-serial-development"
 
   dependencies:
     required_inputs:
@@ -289,10 +289,10 @@ success_criteria:
     - deliverable_ready: 交付物就绪
 
   quality:
-    - code_coverage: '>=95%'
-    - test_pass_rate: '100%'
-    - defect_density: '<=0.1 per KLOC'
-    - performance_baseline: 'met'
+    - code_coverage: ">=95%"
+    - test_pass_rate: "100%"
+    - defect_density: "<=0.1 per KLOC"
+    - performance_baseline: "met"
 
   process:
     - strict_sequence_followed: 严格按序执行
@@ -319,16 +319,16 @@ error_handling:
 
   quality_failures:
     test_failures:
-      action: 'stop_and_fix'
-      escalation: 'immediate'
+      action: "stop_and_fix"
+      escalation: "immediate"
 
     coverage_below_threshold:
-      action: 'stop_and_improve'
-      requirement: 'meet_coverage_target'
+      action: "stop_and_improve"
+      requirement: "meet_coverage_target"
 
     integration_failures:
-      action: 'rollback_and_debug'
-      validation: 'complete_retest'
+      action: "rollback_and_debug"
+      validation: "complete_retest"
 ```
 
 ## Integration Points

package/xiaoma-core/tasks/test-design.md

@@ -8,10 +8,10 @@ Create comprehensive test scenarios with appropriate test level recommendations
 
 ```yaml
 required:
-  - story_id: '{epic}.{story}' # e.g., "1.3"
-  - story_path: '{devStoryLocation}/{epic}.{story}.*.md' # Path from core-config.yaml
-  - story_title: '{title}' # If missing, derive from story file H1
-  - story_slug: '{slug}' # If missing, derive from title (lowercase, hyphenated)
+  - story_id: "{epic}.{story}" # e.g., "1.3"
+  - story_path: "{devStoryLocation}/{epic}.{story}.*.md" # Path from core-config.yaml
+  - story_title: "{title}" # If missing, derive from story file H1
+  - story_slug: "{slug}" # If missing, derive from title (lowercase, hyphenated)
 ```
 
 ## Purpose
@@ -64,13 +64,13 @@ For each identified test need, create:
 
 ```yaml
 test_scenario:
-  id: '{epic}.{story}-{LEVEL}-{SEQ}'
-  requirement: 'AC reference'
+  id: "{epic}.{story}-{LEVEL}-{SEQ}"
+  requirement: "AC reference"
   priority: P0|P1|P2|P3
   level: unit|integration|e2e
-  description: 'What is being tested'
-  justification: 'Why this level was chosen'
-  mitigates_risks: ['RISK-001'] # If risk profile exists
+  description: "What is being tested"
+  justification: "Why this level was chosen"
+  mitigates_risks: ["RISK-001"] # If risk profile exists
 ```
 
 ### 5. Validate Coverage