npm - agentic-qe - Versions diffs - 3.6.4 → 3.6.5 - Mend

agentic-qe 3.6.4 → 3.6.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (69) hide show

package/.claude/helpers/v3/quality-criteria/evidence-classification.md ADDED Viewed

@@ -0,0 +1,116 @@
+# Evidence Classification Guide
+Guidelines for classifying evidence in Quality Criteria recommendations.
+## Evidence Types
+### Direct Evidence
+**Definition:** Actual code quote, explicit documentation statement, or measurable fact from source.
+**Requirements:**
+- Must include `file_path:line_range` reference (e.g., `src/auth/login.ts:45-52`)
+- Line ranges should be narrow (max 10-15 lines)
+- Must quote or directly reference the source
+**Examples:**
+```
+Source: src/payment/processor.ts:123-128
+Type: Direct
+Finding: No input validation before API call
+Reasoning: Unvalidated input could enable injection attacks
+```
+### Inferred Evidence
+**Definition:** Logical deduction from observed patterns, architectural implications, or domain knowledge.
+**Requirements:**
+- Must show reasoning chain
+- Can use architectural implications
+- Should reference what was observed
+**Examples:**
+```
+Source: Architecture review of src/api/
+Type: Inferred
+Finding: No rate limiting middleware detected
+Reasoning: API endpoints could be vulnerable to DoS; need to verify with load testing
+```
+### Claimed Evidence
+**Definition:** Statement that requires verification - based on assumptions or incomplete data.
+**Requirements:**
+- Must state "requires verification" or "needs inspection to confirm"
+- Must NOT speculate about what "could" or "might" happen
+- Used when source is unavailable or claim needs validation
+**Examples:**
+```
+WRONG: "Could range from efficient to aggressive implementation"
+RIGHT: "Poll interval not specified - requires code inspection to verify"
+```
+## Evidence Table Format
+```html
+<table class="evidence-table">
+  <thead>
+    <tr>
+      <th>Source Reference</th>
+      <th>Type</th>
+      <th>Quality Implication</th>
+      <th>Reasoning</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td><code>src/auth/session.ts:89-94</code></td>
+      <td><span class="evidence-type direct">Direct</span></td>
+      <td>Session tokens stored without encryption</td>
+      <td class="evidence-reasoning">Credential exposure risk if storage is compromised</td>
+    </tr>
+  </tbody>
+</table>
+```
+## Source Reference Format
+### For Specific Code
+```
+file_path:start_line-end_line
+Example: src/agents/FleetCommanderAgent.ts:847-852
+```
+### For File-Level Metrics
+```
+file_path (metric)
+Example: src/agents/N8nBaseAgent.ts (683 LOC)
+```
+### For Search Results (No Matches)
+```
+N/A (verified via Glob/Grep search)
+- NOT: tests/**/n8n/**/*.test.ts (glob pattern)
+```
+## Reasoning Column Guidelines
+The Reasoning column must explain **WHY** something matters, not **WHAT** the code does.
+| WRONG (describes WHAT) | CORRECT (explains WHY) |
+|------------------------|------------------------|
+| "Retry logic with exponential backoff" | "Retry pattern handles transient failures; needs edge case testing for timeout exhaustion" |
+| "Session cookie stored in memory" | "Credential in memory could leak if agent state is serialized to logs" |
+| "getWorkflow supports forceRefresh flag" | "Cache bypass prevents stale data; but increases load on source system" |
+**Formula:**
+```
+{What the code does} → {Why that matters for quality} → {What could go wrong}
+```
+## Prohibited Patterns
+- **No confidence percentages**: Use evidence types instead of "85% confident"
+- **No vague blast radius**: Use "affects 19 agents" not "affects many"
+- **No speculation in Claimed**: Use "requires verification" not "could be X or Y"
+- **No keyword matching claims**: Show semantic reasoning, not keyword counts

package/.claude/helpers/v3/quality-criteria/htsm-categories.md ADDED Viewed

@@ -0,0 +1,139 @@
+# HTSM v6.3 Quality Criteria Categories
+James Bach's Heuristic Test Strategy Model (HTSM) v6.3 Quality Criteria framework.
+## 1. Capability
+**Can it perform the required functions?**
+| Subcategory | Focus |
+|-------------|-------|
+| Sufficiency | Does it do what it's supposed to? |
+| Correctness | Does it do it correctly? |
+**Priority Indicators:**
+- P0: Core business functionality
+- P1: Important features
+- P2: Secondary features
+- P3: Nice-to-have features
+## 2. Reliability
+**Will it work well and resist failure?**
+| Subcategory | Focus |
+|-------------|-------|
+| Robustness | Can it handle adverse conditions? |
+| Error Handling | Does it handle errors gracefully? |
+| Data Integrity | Is data protected from corruption? |
+| Safety | Does it avoid dangerous behaviors? |
+**Cannot be omitted** - All systems can fail.
+## 3. Usability
+**How easy is it for real users?**
+| Subcategory | Focus |
+|-------------|-------|
+| Learnability | How quickly can users learn? |
+| Operability | How easy to operate day-to-day? |
+| Accessibility | Can users with disabilities use it? |
+## 4. Charisma
+**How appealing is the product?**
+| Subcategory | Focus |
+|-------------|-------|
+| Aesthetics | Is it visually pleasing? |
+| Uniqueness | Does it stand out? |
+| Entrancement | Does it engage users? |
+| Image | Does it project the right brand? |
+**Note:** "Brand guidelines handled separately" is NOT a valid omission reason. Charisma is about UX testing, not brand documentation.
+## 5. Security
+**How well protected against unauthorized use?**
+| Subcategory | Focus |
+|-------------|-------|
+| Authentication | Who is using it? |
+| Authorization | What are they allowed to do? |
+| Privacy | Is personal data protected? |
+| Security Holes | Are there vulnerabilities? |
+**Cannot be omitted** - Every system has attack surface.
+## 6. Scalability
+**How well does deployment scale?**
+| Subcategory | Focus |
+|-------------|-------|
+| Load Handling | Behavior under increased demand |
+| Resource Efficiency | Resource usage at scale |
+## 7. Compatibility
+**Works with external components?**
+| Subcategory | Focus |
+|-------------|-------|
+| Application | Works with other applications? |
+| OS | Works with target operating systems? |
+| Hardware | Works with target hardware? |
+| Backward | Works with previous versions? |
+| Product Footprint | Resource requirements acceptable? |
+## 8. Performance
+**How speedy and responsive?**
+| Subcategory | Focus |
+|-------------|-------|
+| Response Time | Under various conditions |
+| Throughput | Data processing capacity |
+| Efficiency | Resource utilization |
+**Cannot be omitted** - Every system has response time.
+## 9. Installability
+**How easily installed?**
+| Subcategory | Focus |
+|-------------|-------|
+| System Requirements | Clear and achievable? |
+| Configuration | Easy to configure? |
+| Uninstallation | Clean removal? |
+| Upgrades/Patches | Easy to update? |
+| Administration | Easy to administer? |
+**Valid omission:** Pure SaaS/browser-based with no client installation.
+## 10. Development
+**How well can we create/test/modify?**
+| Subcategory | Focus |
+|-------------|-------|
+| Supportability | Easy to support? |
+| Testability | Easy to test? |
+| Maintainability | Easy to maintain? |
+| Portability | Easy to port? |
+| Localizability | Easy to localize? |
+**Cannot be omitted** - Always applies to software.
+---
+## Priority Assignment Guide
+| Priority | Definition | Example |
+|----------|------------|---------|
+| **P0 (Critical)** | Failure causes immediate business/user harm | Payment failures, data breaches |
+| **P1 (High)** | Critical to core user value proposition | Core features not working |
+| **P2 (Medium)** | Affects satisfaction but not blocking | Secondary features |
+| **P3 (Low)** | Nice-to-have improvements | Polish, edge case optimization |
+## Valid vs Invalid Omission Reasons
+| Category | Valid Omission | Invalid Omission |
+|----------|----------------|------------------|
+| Installability | "Pure SaaS, no client installation" | "Handled by ops team" |
+| Charisma | "CLI tool, visual design N/A" | "Brand guidelines separate" |
+| Compatibility | "Single-platform by contract" | "Will test on main browsers" |
+| Development | **NEVER** | "Team is experienced" |
+| Security | **NEVER** | "Internal system only" |