ai-sprint-kit 1.3.0 → 2.0.0

package/templates/.claude/commands/ai-sprint-auto.md

@@ -1,150 +0,0 @@
----
-description: Automatic full development cycle (plan → code → test → review → secure)
-argument-hint: [feature description]
----
-
-**ULTRATHINK** - Execute complete autonomous development workflow.
-
-**Objective:** $ARGUMENTS
-
-## MANDATORY Workflow Execution
-
-**CRITICAL:** You MUST execute each phase in order. Do NOT skip to coding.
-
----
-
-### Phase 1: Planning (MANDATORY - Execute First)
-
-**⚠️ STOP! Before ANY code, execute `/ai-sprint-plan` command:**
-
-```
-/ai-sprint-plan "$ARGUMENTS"
-```
-
-The `/ai-sprint-plan` command will:
-1. Research best practices and approaches
-2. Ask clarifying questions if needed
-3. Create implementation plan with architecture
-4. Save plan to `ai_context/ai-sprint-plans/`
-
-**Validation Gate:** Plan MUST exist before proceeding.
-- Check: `ai_context/ai-sprint-plans/` has new plan directory
-- If NO plan exists → STOP and run `/ai-sprint-plan` first
-
----
-
-### Phase 2: Implementation
-
-Only after plan exists, execute:
-```
-/ai-sprint-code "implement the plan at ai_context/ai-sprint-plans/{plan-path}"
-```
-
-**Requirements:**
-- Follow the plan phases step by step
-- Generate production-quality code
-- Follow security best practices (OWASP Top 10)
-- Handle errors properly (no silent failures)
-
----
-
-### Phase 3: Testing
-
-After implementation, execute:
-```
-/ai-sprint-test
-```
-
-**Requirements:**
-- Generate unit tests for business logic
-- Generate integration tests for APIs
-- Ensure >80% code coverage
-- All tests must pass
-
-**Validation Gate:** Tests must pass before proceeding.
-- If tests fail → Fix issues → Rerun `/ai-sprint-test`
-- Do NOT proceed with failing tests
-
----
-
-### Phase 4: Code Review
-
-After tests pass, execute:
-```
-/ai-sprint-review
-```
-
-**Requirements:**
-- Code quality analysis (YAGNI, KISS, DRY)
-- Best practices verification
-- No critical issues allowed
-
-**Validation Gate:** Review must pass.
-- If critical issues → Fix → Rerun `/ai-sprint-review`
-
----
-
-### Phase 5: Security Scan
-
-After review passes, execute:
-```
-/ai-sprint-secure
-```
-
-**Requirements:**
-- SAST scanning for vulnerabilities
-- Secret detection (no hardcoded credentials)
-- Dependency vulnerability check
-
-**Validation Gate:** No high/critical security issues.
-- If issues found → Fix → Rerun `/ai-sprint-secure`
-
----
-
-### Phase 6: Documentation
-
-After security passes, execute:
-```
-/ai-sprint-docs
-```
-
-**Requirements:**
-- Update relevant documentation
-- Add code comments where needed
-- Generate API docs if applicable
-
----
-
-## Human-in-the-Loop Gates
-
-Pause and ask for approval before:
-- Deployment actions
-- Infrastructure changes
-- Critical security vulnerability fixes
-- Database schema migrations
-
-## Success Criteria
-
-All gates must pass:
-- ✅ Plan created and approved
-- ✅ Code implemented per plan
-- ✅ Tests passing (>80% coverage)
-- ✅ Code review approved
-- ✅ Security scan clean
-- ✅ Documentation updated
-
-## Final Report
-
-After all phases complete, provide summary:
-1. What was implemented
-2. Test coverage achieved
-3. Security scan results
-4. Files created/modified
-5. Next steps (commit, deploy)
-
-## REMEMBER
-
-- **Phase 1 is MANDATORY** - Always run `/ai-sprint-plan` first
-- **No skipping** - Execute each phase in order
-- **Validation gates** - Do not proceed if a gate fails
-- **Fix and retry** - If any phase fails, fix issues and rerun

package/templates/.claude/commands/ai-sprint-code.md

@@ -1,316 +0,0 @@
----
-description: Generate or refactor code with best practices and security
-argument-hint: [plan-path or task description]
----
-
-**THINK HARDER** - Follow plan or implement with security-first approach.
-
-**Objective:** $ARGUMENTS
-
-## Workflow
-
-### Step 0: Check for Plan (IMPORTANT)
-
-**If argument contains a plan path (e.g., `ai_context/ai-sprint-plans/...`):**
-1. Read the plan: `plan.md` and `phase-*.md` files
-2. Follow implementation phases in order
-3. Mark phases complete as you progress
-
-**If no plan exists:**
-- Ask: "No plan found. Run `/ai-sprint-plan` first or proceed with direct implementation?"
-- If direct implementation requested, continue to Step 1
-
----
-
-### Step 1: Understand Requirements
-
-- Read plan phases if available
-- Clarify what needs to be built or refactored
-- Ask questions if requirements unclear
-- Identify affected files and components
-
----
-
-### Step 2: Delegate to Implementer Agent
-
-```
-Task(subagent_type="implementer", prompt="Implement: $ARGUMENTS. Follow security-first principles, YAGNI/KISS/DRY. Handle errors properly.", description="Implement code")
-```
-
-Agent responsibilities:
-- Follow plan phases if provided
-- Security-first implementation
-- Proper error handling
-- Type safety
-
-### 3. Code Generation
-- Generate clean, maintainable code
-- Follow YAGNI, KISS, DRY principles
-- Include proper TypeScript types
-- Add necessary error handling
-- Implement input validation
-
-### 4. Security Checklist
-**Automatically enforced:**
-- ✅ No hardcoded secrets
-- ✅ Input validation on all user inputs
-- ✅ Parameterized queries (no SQL injection)
-- ✅ Output encoding (no XSS)
-- ✅ Proper authentication/authorization
-- ✅ Error messages don't leak information
-- ✅ OWASP Top 10 compliance
-
-### 5. Quality Standards
-**Code must be:**
-- ✅ Type-safe (TypeScript/proper types)
-- ✅ Well-structured (clear responsibilities)
-- ✅ Properly tested (test cases generated)
-- ✅ Documented (comments where needed)
-- ✅ Performance-optimized (no N+1 queries)
-
-## Code Generation Principles
-
-### Security-First
-```typescript
-// ✅ Good - Secure
-export async function createUser(data: CreateUserInput) {
-  // Input validation
-  const validated = validateUserInput(data);
-
-  // Parameterized query (no SQL injection)
-  const user = await db.users.create({
-    data: {
-      email: validated.email,
-      password: await hash(validated.password, 10)
-    }
-  });
-
-  return user;
-}
-
-// ❌ Bad - Insecure
-export async function createUser(email, password) {
-  const query = `INSERT INTO users (email, password) VALUES ('${email}', '${password}')`;
-  await db.query(query); // SQL injection!
-  return email;
-}
-```
-
-### Error Handling
-```typescript
-// ✅ Good
-export async function getUser(id: string) {
-  try {
-    const user = await db.users.findUnique({ where: { id } });
-
-    if (!user) {
-      throw new NotFoundError(`User ${id} not found`);
-    }
-
-    return user;
-  } catch (error) {
-    logger.error('Failed to get user', { error, id });
-    throw error;
-  }
-}
-
-// ❌ Bad - No error handling
-export async function getUser(id) {
-  return await db.users.findUnique({ where: { id } });
-}
-```
-
-### Type Safety
-```typescript
-// ✅ Good - Typed
-interface CreateUserInput {
-  email: string;
-  password: string;
-  name?: string;
-}
-
-export async function createUser(data: CreateUserInput): Promise<User> {
-  // Implementation
-}
-
-// ❌ Bad - No types
-export async function createUser(data) {
-  // Implementation
-}
-```
-
-## Examples
-
-### Example 1: API Endpoint
-```
-/ai-sprint-code "create REST API endpoint for user registration with email verification"
-```
-
-**Generated:**
-```typescript
-// api/auth/register/route.ts
-import { hash } from 'bcrypt';
-import { z } from 'zod';
-
-const registerSchema = z.object({
-  email: z.string().email(),
-  password: z.string().min(8),
-  name: z.string().min(1)
-});
-
-export async function POST(request: Request) {
-  try {
-    const body = await request.json();
-
-    // Input validation
-    const validated = registerSchema.parse(body);
-
-    // Check if user exists
-    const existing = await db.users.findUnique({
-      where: { email: validated.email }
-    });
-
-    if (existing) {
-      return Response.json(
-        { error: 'Email already registered' },
-        { status: 400 }
-      );
-    }
-
-    // Create user
-    const user = await db.users.create({
-      data: {
-        email: validated.email,
-        password: await hash(validated.password, 10),
-        name: validated.name,
-        verified: false
-      }
-    });
-
-    // Send verification email
-    await sendVerificationEmail(user.email, user.id);
-
-    return Response.json({
-      message: 'Registration successful. Check your email to verify.'
-    }, { status: 201 });
-
-  } catch (error) {
-    if (error instanceof z.ZodError) {
-      return Response.json(
-        { error: 'Invalid input', details: error.errors },
-        { status: 400 }
-      );
-    }
-
-    logger.error('Registration failed', { error });
-    return Response.json(
-      { error: 'Internal server error' },
-      { status: 500 }
-    );
-  }
-}
-```
-
-### Example 2: Refactoring
-```
-/ai-sprint-code "refactor this callback-based code to use async/await"
-```
-
-**Before:**
-```javascript
-function getUser(id, callback) {
-  db.query('SELECT * FROM users WHERE id = ?', [id], (err, result) => {
-    if (err) return callback(err);
-    callback(null, result);
-  });
-}
-```
-
-**After:**
-```typescript
-async function getUser(id: string): Promise<User> {
-  const user = await db.users.findUnique({
-    where: { id }
-  });
-
-  if (!user) {
-    throw new NotFoundError(`User ${id} not found`);
-  }
-
-  return user;
-}
-```
-
-## Output
-
-### Code Generated
-- Clean, production-ready code
-- Following project conventions
-- With proper error handling
-- Type-safe and secure
-
-### Tests Suggested
-- Unit tests for business logic
-- Integration tests for APIs
-- Edge cases covered
-
-### Documentation Added
-- Function/class comments
-- Usage examples
-- API endpoint docs (if applicable)
-
-## Next Steps
-
-After `/ai-sprint-code` completion:
-1. Review generated code
-2. Run `/ai-sprint-test` to generate tests
-3. Run `/ai-sprint-review` for quality check
-4. Run `/ai-sprint-secure` for security scan
-5. Commit changes
-
-## Common Use Cases
-
-### New Features
-```
-/ai-sprint-code "add pagination to the products API"
-/ai-sprint-code "implement password reset functionality"
-/ai-sprint-code "create admin dashboard with user management"
-```
-
-### Refactoring
-```
-/ai-sprint-code "convert class components to functional components"
-/ai-sprint-code "split this 500-line file into smaller modules"
-/ai-sprint-code "replace REST with GraphQL for user API"
-```
-
-### Bug Fixes
-```
-/ai-sprint-code "fix the race condition in payment processing"
-/ai-sprint-code "resolve memory leak in WebSocket handler"
-```
-
-### Performance
-```
-/ai-sprint-code "optimize this N+1 query problem"
-/ai-sprint-code "add caching to frequently accessed data"
-/ai-sprint-code "implement lazy loading for images"
-```
-
-## Remember
-
-**Code generation follows:**
-- Security-first approach
-- YAGNI, KISS, DRY principles
-- Production-grade quality
-- Comprehensive error handling
-- Type safety
-- Performance optimization
-- Best practices (2025)
-
-**Never generates:**
-- Hardcoded secrets
-- Unsafe SQL queries
-- Unvalidated user inputs
-- Missing error handling
-- Type-unsafe code