@zeyue0329/xiaoma-cli 1.0.37 → 1.0.39

package/xiaoma-core/tasks/review-story.md

@@ -8,10 +8,10 @@ Perform a comprehensive test architecture review with quality gate decision. Thi
 
 ```yaml
 required:
-  - story_id: '{epic}.{story}' # e.g., "1.3"
-  - story_path: '{devStoryLocation}/{epic}.{story}.*.md' # Path from core-config.yaml
-  - story_title: '{title}' # If missing, derive from story file H1
-  - story_slug: '{slug}' # If missing, derive from title (lowercase, hyphenated)
+  - story_id: "{epic}.{story}" # e.g., "1.3"
+  - story_path: "{devStoryLocation}/{epic}.{story}.*.md" # Path from core-config.yaml
+  - story_title: "{title}" # If missing, derive from story file H1
+  - story_slug: "{slug}" # If missing, derive from title (lowercase, hyphenated)
 ```
 
 ## Prerequisites
@@ -193,19 +193,19 @@ Gate file structure:
 
 ```yaml
 schema: 1
-story: '{epic}.{story}'
-story_title: '{story title}'
+story: "{epic}.{story}"
+story_title: "{story title}"
 gate: PASS|CONCERNS|FAIL|WAIVED
-status_reason: '1-2 sentence explanation of gate decision'
-reviewer: 'Quinn (Test Architect)'
-updated: '{ISO-8601 timestamp}'
+status_reason: "1-2 sentence explanation of gate decision"
+reviewer: "Quinn (Test Architect)"
+updated: "{ISO-8601 timestamp}"
 
 top_issues: [] # Empty if no issues
 waiver: { active: false } # Set active: true only if WAIVED
 
 # Extended fields (optional but recommended):
 quality_score: 0-100 # 100 - (20*FAILs) - (10*CONCERNS) or use technical-preferences.md weights
-expires: '{ISO-8601 timestamp}' # Typically 2 weeks from review
+expires: "{ISO-8601 timestamp}" # Typically 2 weeks from review
 
 evidence:
   tests_reviewed: { count }
@@ -217,24 +217,24 @@ evidence:
 nfr_validation:
   security:
     status: PASS|CONCERNS|FAIL
-    notes: 'Specific findings'
+    notes: "Specific findings"
   performance:
     status: PASS|CONCERNS|FAIL
-    notes: 'Specific findings'
+    notes: "Specific findings"
   reliability:
     status: PASS|CONCERNS|FAIL
-    notes: 'Specific findings'
+    notes: "Specific findings"
   maintainability:
     status: PASS|CONCERNS|FAIL
-    notes: 'Specific findings'
+    notes: "Specific findings"
 
 recommendations:
   immediate: # Must fix before production
-    - action: 'Add rate limiting'
-      refs: ['api/auth/login.ts']
+    - action: "Add rate limiting"
+      refs: ["api/auth/login.ts"]
   future: # Can be addressed later
-    - action: 'Consider caching'
-      refs: ['services/data.ts']
+    - action: "Consider caching"
+      refs: ["services/data.ts"]
 ```
 
 ### Gate Decision Criteria

package/xiaoma-core/tasks/risk-profile.md

@@ -8,10 +8,10 @@ Generate a comprehensive risk assessment matrix for a story implementation using
 
 ```yaml
 required:
-  - story_id: '{epic}.{story}' # e.g., "1.3"
-  - story_path: 'docs/stories/{epic}.{story}.*.md'
-  - story_title: '{title}' # If missing, derive from story file H1
-  - story_slug: '{slug}' # If missing, derive from title (lowercase, hyphenated)
+  - story_id: "{epic}.{story}" # e.g., "1.3"
+  - story_path: "docs/stories/{epic}.{story}.*.md"
+  - story_title: "{title}" # If missing, derive from story file H1
+  - story_slug: "{slug}" # If missing, derive from title (lowercase, hyphenated)
 ```
 
 ## Purpose
@@ -81,14 +81,14 @@ For each category, identify specific risks:
 
 ```yaml
 risk:
-  id: 'SEC-001' # Use prefixes: SEC, PERF, DATA, BUS, OPS, TECH
+  id: "SEC-001" # Use prefixes: SEC, PERF, DATA, BUS, OPS, TECH
   category: security
-  title: 'Insufficient input validation on user forms'
-  description: 'Form inputs not properly sanitized could lead to XSS attacks'
+  title: "Insufficient input validation on user forms"
+  description: "Form inputs not properly sanitized could lead to XSS attacks"
   affected_components:
-    - 'UserRegistrationForm'
-    - 'ProfileUpdateForm'
-  detection_method: 'Code review revealed missing validation'
+    - "UserRegistrationForm"
+    - "ProfileUpdateForm"
+  detection_method: "Code review revealed missing validation"
 ```
 
 ### 2. Risk Assessment
@@ -135,20 +135,20 @@ For each identified risk, provide mitigation:
 
 ```yaml
 mitigation:
-  risk_id: 'SEC-001'
-  strategy: 'preventive' # preventive|detective|corrective
+  risk_id: "SEC-001"
+  strategy: "preventive" # preventive|detective|corrective
   actions:
-    - 'Implement input validation library (e.g., validator.js)'
-    - 'Add CSP headers to prevent XSS execution'
-    - 'Sanitize all user inputs before storage'
-    - 'Escape all outputs in templates'
+    - "Implement input validation library (e.g., validator.js)"
+    - "Add CSP headers to prevent XSS execution"
+    - "Sanitize all user inputs before storage"
+    - "Escape all outputs in templates"
   testing_requirements:
-    - 'Security testing with OWASP ZAP'
-    - 'Manual penetration testing of forms'
-    - 'Unit tests for validation functions'
-  residual_risk: 'Low - Some zero-day vulnerabilities may remain'
-  owner: 'dev'
-  timeline: 'Before deployment'
+    - "Security testing with OWASP ZAP"
+    - "Manual penetration testing of forms"
+    - "Unit tests for validation functions"
+  residual_risk: "Low - Some zero-day vulnerabilities may remain"
+  owner: "dev"
+  timeline: "Before deployment"
 ```
 
 ## Outputs
@@ -174,12 +174,12 @@ risk_summary:
   highest:
     id: SEC-001
     score: 9
-    title: 'XSS on profile form'
+    title: "XSS on profile form"
   recommendations:
     must_fix:
-      - 'Add input sanitization & CSP'
+      - "Add input sanitization & CSP"
     monitor:
-      - 'Add security alerts for auth endpoints'
+      - "Add security alerts for auth endpoints"
 ```
 
 ### Output 2: Markdown Report

package/xiaoma-core/tasks/serial-development-orchestration.md

@@ -56,15 +56,15 @@ pipeline_design:
     pipeline_count: 1 # 单一串行流水线
 
     serial_pipeline:
-      focus: '严格串行执行所有故事'
-      execution_policy: 'one_task_at_a_time'
-      completion_requirement: '100%_before_next'
+      focus: "严格串行执行所有故事"
+      execution_policy: "one_task_at_a_time"
+      completion_requirement: "100%_before_next"
 
       story_execution_order:
-        priority_1_foundation: ['用户认证', '权限管理', '基础数据模型']
-        priority_2_core: ['主要业务流程', '核心数据操作']
-        priority_3_features: ['扩展功能', '用户体验优化']
-        priority_4_support: ['监控', '配置', '工具功能']
+        priority_1_foundation: ["用户认证", "权限管理", "基础数据模型"]
+        priority_2_core: ["主要业务流程", "核心数据操作"]
+        priority_3_features: ["扩展功能", "用户体验优化"]
+        priority_4_support: ["监控", "配置", "工具功能"]
 
   quality_gates:
     strict_validation:
@@ -80,28 +80,28 @@ pipeline_design:
 synchronization_design:
   sync_points:
     foundation_completion:
-      trigger: '基础故事100%完成'
-      validation: '基础API和数据模型完全就绪'
-      quality_gate: '通过所有测试和质量检查'
-      next_stage: '核心业务开发启动'
+      trigger: "基础故事100%完成"
+      validation: "基础API和数据模型完全就绪"
+      quality_gate: "通过所有测试和质量检查"
+      next_stage: "核心业务开发启动"
 
     core_business_completion:
-      trigger: '核心业务故事100%完成'
-      validation: '主要业务流程完全就绪'
-      quality_gate: '通过所有集成测试'
-      next_stage: '特性功能开发启动'
+      trigger: "核心业务故事100%完成"
+      validation: "主要业务流程完全就绪"
+      quality_gate: "通过所有集成测试"
+      next_stage: "特性功能开发启动"
 
     features_completion:
-      trigger: '特性功能故事100%完成'
-      validation: '所有特性功能完全就绪'
-      quality_gate: '通过端到端测试'
-      next_stage: '优化支撑功能启动'
+      trigger: "特性功能故事100%完成"
+      validation: "所有特性功能完全就绪"
+      quality_gate: "通过端到端测试"
+      next_stage: "优化支撑功能启动"
 
     final_completion:
-      trigger: '所有故事100%完成'
-      validation: '完整产品就绪'
-      quality_gate: '通过最终验收测试'
-      next_stage: '项目交付准备'
+      trigger: "所有故事100%完成"
+      validation: "完整产品就绪"
+      quality_gate: "通过最终验收测试"
+      next_stage: "项目交付准备"
 ```
 
 ### 第4步: 质量门控实施
@@ -114,31 +114,31 @@ quality_gates:
 
     gate_1_foundation:
       requirements:
-        - code_coverage: '>=95%'
-        - unit_tests: 'all_passing'
-        - integration_tests: 'all_passing'
-        - code_quality: 'A_grade'
+        - code_coverage: ">=95%"
+        - unit_tests: "all_passing"
+        - integration_tests: "all_passing"
+        - code_quality: "A_grade"
 
     gate_2_core:
       requirements:
-        - api_tests: 'all_passing'
-        - business_logic_tests: 'all_passing'
-        - database_tests: 'all_passing'
-        - performance_tests: 'baseline_met'
+        - api_tests: "all_passing"
+        - business_logic_tests: "all_passing"
+        - database_tests: "all_passing"
+        - performance_tests: "baseline_met"
 
     gate_3_features:
       requirements:
-        - feature_tests: 'all_passing'
-        - ui_tests: 'all_passing'
-        - cross_browser_tests: 'all_passing'
-        - accessibility_tests: 'all_passing'
+        - feature_tests: "all_passing"
+        - ui_tests: "all_passing"
+        - cross_browser_tests: "all_passing"
+        - accessibility_tests: "all_passing"
 
     gate_4_final:
       requirements:
-        - end_to_end_tests: 'all_passing'
-        - security_scan: 'no_critical_issues'
-        - performance_benchmark: 'meets_requirements'
-        - user_acceptance: 'approved'
+        - end_to_end_tests: "all_passing"
+        - security_scan: "no_critical_issues"
+        - performance_benchmark: "meets_requirements"
+        - user_acceptance: "approved"
 ```
 
 ### 第5步: 执行监控和控制
@@ -153,7 +153,7 @@ execution_control:
       - blocking_issues: 阻塞问题
 
     progress_reporting:
-      frequency: 'continuous'
+      frequency: "continuous"
       metrics:
         - story_completion_status: 故事完成状态
         - quality_gate_status: 质量门控状态
@@ -265,7 +265,7 @@ ${final_validation_results}
 triggers:
   primary:
     condition: story_backlog_ready
-    trigger: '*orchestrate-serial-development'
+    trigger: "*orchestrate-serial-development"
 
   dependencies:
     required_inputs:
@@ -289,10 +289,10 @@ success_criteria:
     - deliverable_ready: 交付物就绪
 
   quality:
-    - code_coverage: '>=95%'
-    - test_pass_rate: '100%'
-    - defect_density: '<=0.1 per KLOC'
-    - performance_baseline: 'met'
+    - code_coverage: ">=95%"
+    - test_pass_rate: "100%"
+    - defect_density: "<=0.1 per KLOC"
+    - performance_baseline: "met"
 
   process:
     - strict_sequence_followed: 严格按序执行
@@ -319,16 +319,16 @@ error_handling:
 
   quality_failures:
     test_failures:
-      action: 'stop_and_fix'
-      escalation: 'immediate'
+      action: "stop_and_fix"
+      escalation: "immediate"
 
     coverage_below_threshold:
-      action: 'stop_and_improve'
-      requirement: 'meet_coverage_target'
+      action: "stop_and_improve"
+      requirement: "meet_coverage_target"
 
     integration_failures:
-      action: 'rollback_and_debug'
-      validation: 'complete_retest'
+      action: "rollback_and_debug"
+      validation: "complete_retest"
 ```
 
 ## Integration Points

package/xiaoma-core/tasks/test-design.md

@@ -8,10 +8,10 @@ Create comprehensive test scenarios with appropriate test level recommendations
 
 ```yaml
 required:
-  - story_id: '{epic}.{story}' # e.g., "1.3"
-  - story_path: '{devStoryLocation}/{epic}.{story}.*.md' # Path from core-config.yaml
-  - story_title: '{title}' # If missing, derive from story file H1
-  - story_slug: '{slug}' # If missing, derive from title (lowercase, hyphenated)
+  - story_id: "{epic}.{story}" # e.g., "1.3"
+  - story_path: "{devStoryLocation}/{epic}.{story}.*.md" # Path from core-config.yaml
+  - story_title: "{title}" # If missing, derive from story file H1
+  - story_slug: "{slug}" # If missing, derive from title (lowercase, hyphenated)
 ```
 
 ## Purpose
@@ -64,13 +64,13 @@ For each identified test need, create:
 
 ```yaml
 test_scenario:
-  id: '{epic}.{story}-{LEVEL}-{SEQ}'
-  requirement: 'AC reference'
+  id: "{epic}.{story}-{LEVEL}-{SEQ}"
+  requirement: "AC reference"
   priority: P0|P1|P2|P3
   level: unit|integration|e2e
-  description: 'What is being tested'
-  justification: 'Why this level was chosen'
-  mitigates_risks: ['RISK-001'] # If risk profile exists
+  description: "What is being tested"
+  justification: "Why this level was chosen"
+  mitigates_risks: ["RISK-001"] # If risk profile exists
 ```
 
 ### 5. Validate Coverage

package/xiaoma-core/tasks/trace-requirements.md

@@ -33,21 +33,21 @@ Identify all testable requirements from:
 For each requirement, document which tests validate it. Use Given-When-Then to describe what the test validates (not how it's written):
 
 ```yaml
-requirement: 'AC1: User can login with valid credentials'
+requirement: "AC1: User can login with valid credentials"
 test_mappings:
-  - test_file: 'auth/login.test.ts'
-    test_case: 'should successfully login with valid email and password'
+  - test_file: "auth/login.test.ts"
+    test_case: "should successfully login with valid email and password"
     # Given-When-Then describes WHAT the test validates, not HOW it's coded
-    given: 'A registered user with valid credentials'
-    when: 'They submit the login form'
-    then: 'They are redirected to dashboard and session is created'
+    given: "A registered user with valid credentials"
+    when: "They submit the login form"
+    then: "They are redirected to dashboard and session is created"
     coverage: full
 
-  - test_file: 'e2e/auth-flow.test.ts'
-    test_case: 'complete login flow'
-    given: 'User on login page'
-    when: 'Entering valid credentials and submitting'
-    then: 'Dashboard loads with user data'
+  - test_file: "e2e/auth-flow.test.ts"
+    test_case: "complete login flow"
+    given: "User on login page"
+    when: "Entering valid credentials and submitting"
+    then: "Dashboard loads with user data"
     coverage: integration
 ```
 
@@ -69,19 +69,19 @@ Document any gaps found:
 
 ```yaml
 coverage_gaps:
-  - requirement: 'AC3: Password reset email sent within 60 seconds'
-    gap: 'No test for email delivery timing'
+  - requirement: "AC3: Password reset email sent within 60 seconds"
+    gap: "No test for email delivery timing"
     severity: medium
     suggested_test:
       type: integration
-      description: 'Test email service SLA compliance'
+      description: "Test email service SLA compliance"
 
-  - requirement: 'AC5: Support 1000 concurrent users'
-    gap: 'No load testing implemented'
+  - requirement: "AC5: Support 1000 concurrent users"
+    gap: "No load testing implemented"
     severity: high
     suggested_test:
       type: performance
-      description: 'Load test with 1000 concurrent connections'
+      description: "Load test with 1000 concurrent connections"
 ```
 
 ## Outputs
@@ -97,11 +97,11 @@ trace:
     full: Y
     partial: Z
     none: W
-  planning_ref: 'qa.qaLocation/assessments/{epic}.{story}-test-design-{YYYYMMDD}.md'
+  planning_ref: "qa.qaLocation/assessments/{epic}.{story}-test-design-{YYYYMMDD}.md"
   uncovered:
-    - ac: 'AC3'
-      reason: 'No test found for password reset timing'
-  notes: 'See qa.qaLocation/assessments/{epic}.{story}-trace-{YYYYMMDD}.md'
+    - ac: "AC3"
+      reason: "No test found for password reset timing"
+  notes: "See qa.qaLocation/assessments/{epic}.{story}-trace-{YYYYMMDD}.md"
 ```
 
 ### Output 2: Traceability Report

package/xiaoma-core/templates/competitor-analysis-tmpl.yaml

@@ -152,11 +152,29 @@ sections:
         rows:
           - category: "核心功能"
             items:
-              - ["功能A", "{{status}}", "{{status}}", "{{status}}", "{{status}}"]
-              - ["功能B", "{{status}}", "{{status}}", "{{status}}", "{{status}}"]
+              - [
+                  "功能A",
+                  "{{status}}",
+                  "{{status}}",
+                  "{{status}}",
+                  "{{status}}",
+                ]
+              - [
+                  "功能B",
+                  "{{status}}",
+                  "{{status}}",
+                  "{{status}}",
+                  "{{status}}",
+                ]
           - category: "用户体验"
             items:
-              - ["移动应用", "{{rating}}", "{{rating}}", "{{rating}}", "{{rating}}"]
+              - [
+                  "移动应用",
+                  "{{rating}}",
+                  "{{rating}}",
+                  "{{rating}}",
+                  "{{rating}}",
+                ]
               - ["上手时间", "{{time}}", "{{time}}", "{{time}}", "{{time}}"]
           - category: "集成与生态系统"
             items:
@@ -167,11 +185,23 @@ sections:
                   "{{availability}}",
                   "{{availability}}",
                 ]
-              - ["第三方集成", "{{number}}", "{{number}}", "{{number}}", "{{number}}"]
+              - [
+                  "第三方集成",
+                  "{{number}}",
+                  "{{number}}",
+                  "{{number}}",
+                  "{{number}}",
+                ]
           - category: "定价与计划"
             items:
               - ["起步价", "{{price}}", "{{price}}", "{{price}}", "{{price}}"]
-              - ["免费套餐", "{{yes_no}}", "{{yes_no}}", "{{yes_no}}", "{{yes_no}}"]
+              - [
+                  "免费套餐",
+                  "{{yes_no}}",
+                  "{{yes_no}}",
+                  "{{yes_no}}",
+                  "{{yes_no}}",
+                ]
       - id: swot-comparison
         title: SWOT 对比
         instruction: 为你的解决方案与主要竞争对手创建 SWOT 分析

package/xiaoma-core/templates/front-end-architecture-tmpl.yaml

@@ -73,17 +73,83 @@ sections:
         columns: [类别, 技术, 版本, 用途, 选型理由]
         instruction: 根据所选框架和项目需求，填写适当的技术选型。
         rows:
-          - ["框架", "{{framework}}", "{{version}}", "{{purpose}}", "{{why_chosen}}"]
-          - ["UI 库", "{{ui_library}}", "{{version}}", "{{purpose}}", "{{why_chosen}}"]
-          - ["状态管理", "{{state_management}}", "{{version}}", "{{purpose}}", "{{why_chosen}}"]
-          - ["路由", "{{routing_library}}", "{{version}}", "{{purpose}}", "{{why_chosen}}"]
-          - ["构建工具", "{{build_tool}}", "{{version}}", "{{purpose}}", "{{why_chosen}}"]
-          - ["样式方案", "{{styling_solution}}", "{{version}}", "{{purpose}}", "{{why_chosen}}"]
-          - ["测试", "{{test_framework}}", "{{version}}", "{{purpose}}", "{{why_chosen}}"]
-          - ["组件库", "{{component_lib}}", "{{version}}", "{{purpose}}", "{{why_chosen}}"]
-          - ["表单处理", "{{form_library}}", "{{version}}", "{{purpose}}", "{{why_chosen}}"]
-          - ["动画", "{{animation_lib}}", "{{version}}", "{{purpose}}", "{{why_chosen}}"]
-          - ["开发工具", "{{dev_tools}}", "{{version}}", "{{purpose}}", "{{why_chosen}}"]
+          - [
+              "框架",
+              "{{framework}}",
+              "{{version}}",
+              "{{purpose}}",
+              "{{why_chosen}}",
+            ]
+          - [
+              "UI 库",
+              "{{ui_library}}",
+              "{{version}}",
+              "{{purpose}}",
+              "{{why_chosen}}",
+            ]
+          - [
+              "状态管理",
+              "{{state_management}}",
+              "{{version}}",
+              "{{purpose}}",
+              "{{why_chosen}}",
+            ]
+          - [
+              "路由",
+              "{{routing_library}}",
+              "{{version}}",
+              "{{purpose}}",
+              "{{why_chosen}}",
+            ]
+          - [
+              "构建工具",
+              "{{build_tool}}",
+              "{{version}}",
+              "{{purpose}}",
+              "{{why_chosen}}",
+            ]
+          - [
+              "样式方案",
+              "{{styling_solution}}",
+              "{{version}}",
+              "{{purpose}}",
+              "{{why_chosen}}",
+            ]
+          - [
+              "测试",
+              "{{test_framework}}",
+              "{{version}}",
+              "{{purpose}}",
+              "{{why_chosen}}",
+            ]
+          - [
+              "组件库",
+              "{{component_lib}}",
+              "{{version}}",
+              "{{purpose}}",
+              "{{why_chosen}}",
+            ]
+          - [
+              "表单处理",
+              "{{form_library}}",
+              "{{version}}",
+              "{{purpose}}",
+              "{{why_chosen}}",
+            ]
+          - [
+              "动画",
+              "{{animation_lib}}",
+              "{{version}}",
+              "{{purpose}}",
+              "{{why_chosen}}",
+            ]
+          - [
+              "开发工具",
+              "{{dev_tools}}",
+              "{{version}}",
+              "{{purpose}}",
+              "{{why_chosen}}",
+            ]
 
   - id: project-structure
     title: 项目结构

package/xiaoma-core/templates/front-end-spec-tmpl.yaml

@@ -279,7 +279,12 @@ sections:
         rows:
           - ["移动端", "{{mobile_min}}", "{{mobile_max}}", "{{mobile_devices}}"]
           - ["平板", "{{tablet_min}}", "{{tablet_max}}", "{{tablet_devices}}"]
-          - ["桌面端", "{{desktop_min}}", "{{desktop_max}}", "{{desktop_devices}}"]
+          - [
+              "桌面端",
+              "{{desktop_min}}",
+              "{{desktop_max}}",
+              "{{desktop_devices}}",
+            ]
           - ["宽屏", "{{wide_min}}", "-", "{{wide_devices}}"]
       - id: adaptation-patterns
         title: 适配模式