npm - autoworkflow - Versions diffs - 3.1.5 → 3.5.0 - Mend

autoworkflow 3.1.5 → 3.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (123) hide show

package/.claude/commands/analyze.md +19 -0
package/.claude/commands/audit.md +26 -0
package/.claude/commands/build.md +39 -0
package/.claude/commands/commit.md +25 -0
package/.claude/commands/fix.md +23 -0
package/.claude/commands/plan.md +18 -0
package/.claude/commands/suggest.md +23 -0
package/.claude/commands/verify.md +18 -0
package/.claude/hooks/post-bash-router.sh +20 -0
package/.claude/hooks/post-commit.sh +140 -0
package/.claude/hooks/pre-edit.sh +129 -0
package/.claude/hooks/session-check.sh +79 -0
package/.claude/settings.json +40 -6
package/.claude/settings.local.json +3 -1
package/.claude/skills/actix.md +337 -0
package/.claude/skills/alembic.md +504 -0
package/.claude/skills/angular.md +237 -0
package/.claude/skills/api-design.md +187 -0
package/.claude/skills/aspnet-core.md +377 -0
package/.claude/skills/astro.md +245 -0
package/.claude/skills/auth-clerk.md +327 -0
package/.claude/skills/auth-firebase.md +367 -0
package/.claude/skills/auth-nextauth.md +359 -0
package/.claude/skills/auth-supabase.md +368 -0
package/.claude/skills/axum.md +386 -0
package/.claude/skills/blazor.md +456 -0
package/.claude/skills/chi.md +348 -0
package/.claude/skills/code-review.md +133 -0
package/.claude/skills/csharp.md +296 -0
package/.claude/skills/css-modules.md +325 -0
package/.claude/skills/cypress.md +343 -0
package/.claude/skills/debugging.md +133 -0
package/.claude/skills/diesel.md +392 -0
package/.claude/skills/django.md +301 -0
package/.claude/skills/docker.md +319 -0
package/.claude/skills/doctrine.md +473 -0
package/.claude/skills/documentation.md +182 -0
package/.claude/skills/dotnet.md +409 -0
package/.claude/skills/drizzle.md +293 -0
package/.claude/skills/echo.md +321 -0
package/.claude/skills/eloquent.md +256 -0
package/.claude/skills/emotion.md +426 -0
package/.claude/skills/entity-framework.md +370 -0
package/.claude/skills/express.md +316 -0
package/.claude/skills/fastapi.md +329 -0
package/.claude/skills/fastify.md +299 -0
package/.claude/skills/fiber.md +315 -0
package/.claude/skills/flask.md +322 -0
package/.claude/skills/gin.md +342 -0
package/.claude/skills/git.md +116 -0
package/.claude/skills/github-actions.md +353 -0
package/.claude/skills/go.md +377 -0
package/.claude/skills/gorm.md +409 -0
package/.claude/skills/graphql.md +478 -0
package/.claude/skills/hibernate.md +379 -0
package/.claude/skills/hono.md +306 -0
package/.claude/skills/java.md +400 -0
package/.claude/skills/jest.md +313 -0
package/.claude/skills/jpa.md +282 -0
package/.claude/skills/kotlin.md +347 -0
package/.claude/skills/kubernetes.md +363 -0
package/.claude/skills/laravel.md +414 -0
package/.claude/skills/mcp-browser.md +320 -0
package/.claude/skills/mcp-database.md +219 -0
package/.claude/skills/mcp-fetch.md +241 -0
package/.claude/skills/mcp-filesystem.md +204 -0
package/.claude/skills/mcp-github.md +217 -0
package/.claude/skills/mcp-memory.md +240 -0
package/.claude/skills/mcp-search.md +218 -0
package/.claude/skills/mcp-slack.md +262 -0
package/.claude/skills/micronaut.md +388 -0
package/.claude/skills/mongodb.md +319 -0
package/.claude/skills/mongoose.md +355 -0
package/.claude/skills/mysql.md +281 -0
package/.claude/skills/nestjs.md +335 -0
package/.claude/skills/nextjs-app-router.md +260 -0
package/.claude/skills/nextjs-pages.md +172 -0
package/.claude/skills/nuxt.md +202 -0
package/.claude/skills/openapi.md +489 -0
package/.claude/skills/performance.md +199 -0
package/.claude/skills/php.md +398 -0
package/.claude/skills/playwright.md +371 -0
package/.claude/skills/postgresql.md +257 -0
package/.claude/skills/prisma.md +293 -0
package/.claude/skills/pydantic.md +304 -0
package/.claude/skills/pytest.md +313 -0
package/.claude/skills/python.md +272 -0
package/.claude/skills/quarkus.md +377 -0
package/.claude/skills/react.md +230 -0
package/.claude/skills/redis.md +391 -0
package/.claude/skills/refactoring.md +143 -0
package/.claude/skills/remix.md +246 -0
package/.claude/skills/rest-api.md +490 -0
package/.claude/skills/rocket.md +366 -0
package/.claude/skills/rust.md +341 -0
package/.claude/skills/sass.md +380 -0
package/.claude/skills/sea-orm.md +382 -0
package/.claude/skills/security.md +167 -0
package/.claude/skills/sequelize.md +395 -0
package/.claude/skills/spring-boot.md +416 -0
package/.claude/skills/sqlalchemy.md +269 -0
package/.claude/skills/sqlx-rust.md +408 -0
package/.claude/skills/state-jotai.md +346 -0
package/.claude/skills/state-mobx.md +353 -0
package/.claude/skills/state-pinia.md +431 -0
package/.claude/skills/state-redux.md +337 -0
package/.claude/skills/state-tanstack-query.md +434 -0
package/.claude/skills/state-zustand.md +340 -0
package/.claude/skills/styled-components.md +403 -0
package/.claude/skills/svelte.md +238 -0
package/.claude/skills/sveltekit.md +207 -0
package/.claude/skills/symfony.md +437 -0
package/.claude/skills/tailwind.md +279 -0
package/.claude/skills/terraform.md +394 -0
package/.claude/skills/testing-library.md +371 -0
package/.claude/skills/trpc.md +426 -0
package/.claude/skills/typeorm.md +368 -0
package/.claude/skills/vitest.md +330 -0
package/.claude/skills/vue.md +202 -0
package/.claude/skills/warp.md +365 -0
package/README.md +135 -52
package/package.json +1 -1
package/system/triggers.md +152 -11

package/.claude/skills/chi.md ADDED Viewed

@@ -0,0 +1,348 @@
+# Chi Router Skill
+## Application Setup
+\`\`\`go
+package main
+import (
+    "context"
+    "encoding/json"
+    "log"
+    "net/http"
+    "time"
+    "github.com/go-chi/chi/v5"
+    "github.com/go-chi/chi/v5/middleware"
+    "github.com/go-chi/cors"
+    "github.com/go-chi/httprate"
+)
+func main() {
+    r := chi.NewRouter()
+    // Global middleware stack
+    r.Use(middleware.RequestID)
+    r.Use(middleware.RealIP)
+    r.Use(middleware.Logger)
+    r.Use(middleware.Recoverer)
+    r.Use(middleware.Timeout(30 * time.Second))
+    r.Use(cors.Handler(cors.Options{
+        AllowedOrigins:   []string{"*"},
+        AllowedMethods:   []string{"GET", "POST", "PUT", "DELETE", "OPTIONS"},
+        AllowedHeaders:   []string{"Authorization", "Content-Type"},
+        AllowCredentials: true,
+        MaxAge:           300,
+    }))
+    // Health check
+    r.Get("/health", func(w http.ResponseWriter, r *http.Request) {
+        respondJSON(w, http.StatusOK, map[string]string{"status": "ok"})
+    })
+    // Mount routes
+    r.Mount("/api/v1", apiRouter())
+    log.Println("Server starting on :8080")
+    log.Fatal(http.ListenAndServe(":8080", r))
+}
+\`\`\`
+## Route Groups and Subrouters
+\`\`\`go
+func apiRouter() http.Handler {
+    r := chi.NewRouter()
+    // Public routes
+    r.Group(func(r chi.Router) {
+        r.Post("/auth/login", loginHandler)
+        r.Post("/auth/register", registerHandler)
+    })
+    // Protected routes
+    r.Group(func(r chi.Router) {
+        r.Use(AuthMiddleware)
+        // Users routes
+        r.Route("/users", func(r chi.Router) {
+            r.Get("/", listUsersHandler)
+            r.Post("/", createUserHandler)
+            r.Route("/{userID}", func(r chi.Router) {
+                r.Use(UserCtx)  // Load user into context
+                r.Get("/", getUserHandler)
+                r.Put("/", updateUserHandler)
+                r.Delete("/", deleteUserHandler)
+            })
+        })
+        // Posts routes with rate limiting
+        r.Route("/posts", func(r chi.Router) {
+            r.Use(httprate.LimitByIP(10, time.Minute))
+            r.Get("/", listPostsHandler)
+            r.Post("/", createPostHandler)
+            r.Route("/{postID}", func(r chi.Router) {
+                r.Use(PostCtx)
+                r.Get("/", getPostHandler)
+                r.Put("/", updatePostHandler)
+                r.Delete("/", deletePostHandler)
+            })
+        })
+    })
+    return r
+}
+\`\`\`
+## Context Middleware Pattern
+\`\`\`go
+// Context keys
+type contextKey string
+const (
+    userCtxKey contextKey = "user"
+    postCtxKey contextKey = "post"
+)
+// UserCtx loads user from URL param into context
+func UserCtx(next http.Handler) http.Handler {
+    return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+        userID := chi.URLParam(r, "userID")
+        user, err := userService.GetByID(r.Context(), userID)
+        if err != nil {
+            if errors.Is(err, ErrNotFound) {
+                respondError(w, http.StatusNotFound, "user not found")
+                return
+            }
+            respondError(w, http.StatusInternalServerError, "internal error")
+            return
+        }
+        ctx := context.WithValue(r.Context(), userCtxKey, user)
+        next.ServeHTTP(w, r.WithContext(ctx))
+    })
+}
+// Helper to get user from context
+func UserFromContext(ctx context.Context) *model.User {
+    user, _ := ctx.Value(userCtxKey).(*model.User)
+    return user
+}
+// Handler using context
+func getUserHandler(w http.ResponseWriter, r *http.Request) {
+    user := UserFromContext(r.Context())
+    respondJSON(w, http.StatusOK, user)
+}
+\`\`\`
+## Request Handling
+\`\`\`go
+type CreateUserRequest struct {
+    Email    string \`json:"email" validate:"required,email"\`
+    Name     string \`json:"name" validate:"required,min=2,max=100"\`
+    Password string \`json:"password" validate:"required,min=8"\`
+}
+type QueryParams struct {
+    Page    int    \`json:"page"\`
+    PerPage int    \`json:"per_page"\`
+    Sort    string \`json:"sort"\`
+}
+func createUserHandler(w http.ResponseWriter, r *http.Request) {
+    var req CreateUserRequest
+    if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
+        respondError(w, http.StatusBadRequest, "invalid request body")
+        return
+    }
+    if err := validate.Struct(&req); err != nil {
+        respondError(w, http.StatusBadRequest, formatValidationErrors(err))
+        return
+    }
+    user, err := userService.Create(r.Context(), req)
+    if err != nil {
+        handleError(w, err)
+        return
+    }
+    respondJSON(w, http.StatusCreated, user)
+}
+func listUsersHandler(w http.ResponseWriter, r *http.Request) {
+    // Parse query params
+    page, _ := strconv.Atoi(r.URL.Query().Get("page"))
+    perPage, _ := strconv.Atoi(r.URL.Query().Get("per_page"))
+    if page == 0 {
+        page = 1
+    }
+    if perPage == 0 {
+        perPage = 20
+    }
+    users, total, err := userService.List(r.Context(), page, perPage)
+    if err != nil {
+        handleError(w, err)
+        return
+    }
+    respondJSON(w, http.StatusOK, map[string]interface{}{
+        "data":     users,
+        "total":    total,
+        "page":     page,
+        "per_page": perPage,
+    })
+}
+\`\`\`
+## Auth Middleware
+\`\`\`go
+type authContextKey struct{}
+type AuthInfo struct {
+    UserID string
+    Role   string
+}
+func AuthMiddleware(next http.Handler) http.Handler {
+    return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+        authHeader := r.Header.Get("Authorization")
+        if authHeader == "" {
+            respondError(w, http.StatusUnauthorized, "missing authorization header")
+            return
+        }
+        tokenString := strings.TrimPrefix(authHeader, "Bearer ")
+        claims, err := validateToken(tokenString)
+        if err != nil {
+            respondError(w, http.StatusUnauthorized, "invalid token")
+            return
+        }
+        // Store auth info in context
+        authInfo := &AuthInfo{
+            UserID: claims.UserID,
+            Role:   claims.Role,
+        }
+        ctx := context.WithValue(r.Context(), authContextKey{}, authInfo)
+        next.ServeHTTP(w, r.WithContext(ctx))
+    })
+}
+func AuthFromContext(ctx context.Context) *AuthInfo {
+    auth, _ := ctx.Value(authContextKey{}).(*AuthInfo)
+    return auth
+}
+\`\`\`
+## Response Helpers
+\`\`\`go
+func respondJSON(w http.ResponseWriter, status int, data interface{}) {
+    w.Header().Set("Content-Type", "application/json")
+    w.WriteHeader(status)
+    if data != nil {
+        json.NewEncoder(w).Encode(data)
+    }
+}
+func respondError(w http.ResponseWriter, status int, message interface{}) {
+    respondJSON(w, status, map[string]interface{}{"error": message})
+}
+func handleError(w http.ResponseWriter, err error) {
+    switch {
+    case errors.Is(err, ErrNotFound):
+        respondError(w, http.StatusNotFound, "resource not found")
+    case errors.Is(err, ErrUnauthorized):
+        respondError(w, http.StatusUnauthorized, "unauthorized")
+    case errors.Is(err, ErrForbidden):
+        respondError(w, http.StatusForbidden, "forbidden")
+    case errors.Is(err, ErrConflict):
+        respondError(w, http.StatusConflict, "resource already exists")
+    default:
+        log.Printf("internal error: %v", err)
+        respondError(w, http.StatusInternalServerError, "internal server error")
+    }
+}
+\`\`\`
+## Testing
+\`\`\`go
+package handler_test
+import (
+    "bytes"
+    "encoding/json"
+    "net/http"
+    "net/http/httptest"
+    "testing"
+    "github.com/go-chi/chi/v5"
+    "github.com/stretchr/testify/assert"
+)
+func setupTestRouter() *chi.Mux {
+    r := chi.NewRouter()
+    r.Mount("/api/v1", apiRouter())
+    return r
+}
+func TestCreateUser(t *testing.T) {
+    router := setupTestRouter()
+    tests := []struct {
+        name       string
+        body       map[string]interface{}
+        wantStatus int
+    }{
+        {
+            name: "valid user",
+            body: map[string]interface{}{
+                "email":    "test@example.com",
+                "name":     "Test User",
+                "password": "password123",
+            },
+            wantStatus: http.StatusCreated,
+        },
+        {
+            name: "missing email",
+            body: map[string]interface{}{
+                "name":     "Test User",
+                "password": "password123",
+            },
+            wantStatus: http.StatusBadRequest,
+        },
+    }
+    for _, tt := range tests {
+        t.Run(tt.name, func(t *testing.T) {
+            body, _ := json.Marshal(tt.body)
+            req := httptest.NewRequest("POST", "/api/v1/users", bytes.NewBuffer(body))
+            req.Header.Set("Content-Type", "application/json")
+            rec := httptest.NewRecorder()
+            router.ServeHTTP(rec, req)
+            assert.Equal(t, tt.wantStatus, rec.Code)
+        })
+    }
+}
+\`\`\`
+## ✅ DO
+- Use \`chi.URLParam()\` to get URL parameters
+- Use context middleware pattern for loading resources
+- Use \`r.Group()\` for applying middleware to route groups
+- Use \`r.Mount()\` for modular subrouters
+- Use \`middleware.Timeout\` to prevent hanging requests
+- Pass \`r.Context()\` to service layer
+## ❌ DON'T
+- Don't forget to call \`next.ServeHTTP()\` in middleware
+- Don't use global state - pass dependencies through context or closures
+- Don't ignore errors from \`json.NewDecoder().Decode()\`
+- Don't write to response after calling \`next.ServeHTTP()\`

package/.claude/skills/code-review.md ADDED Viewed

@@ -0,0 +1,133 @@
+# Code Review Skill
+## PR Size Guidelines
+- **Ideal**: < 400 lines changed
+- **Acceptable**: 400-800 lines
+- **Too Large**: > 800 lines (request split)
+- **Exception**: Generated files, migrations, dependencies
+## Review Checklist
+### Correctness
+- [ ] Does the code do what it's supposed to?
+- [ ] Are edge cases handled?
+- [ ] Are error cases handled?
+- [ ] Does it match the requirements/ticket?
+### Security (OWASP Top 10)
+- [ ] Input validation present? (Injection prevention)
+- [ ] Authentication/authorization correct?
+- [ ] No sensitive data exposure? (logs, errors, responses)
+- [ ] No SQL injection risks? (parameterized queries)
+- [ ] No XSS vulnerabilities? (output encoding)
+- [ ] Secrets not hardcoded? (use env vars)
+- [ ] CSRF protection for state-changing operations?
+- [ ] Dependencies up to date? (known vulnerabilities)
+### Performance
+- [ ] No N+1 queries?
+- [ ] Large lists paginated?
+- [ ] Expensive operations cached?
+- [ ] No blocking operations in hot paths?
+- [ ] Indexes added for new queries?
+### Maintainability
+- [ ] Code is readable?
+- [ ] Functions are focused (single responsibility)?
+- [ ] Names are meaningful?
+- [ ] No magic numbers?
+- [ ] Complex logic has comments explaining "why"?
+### Testing
+- [ ] Tests cover happy path?
+- [ ] Tests cover error cases?
+- [ ] Tests are maintainable?
+- [ ] No flaky tests introduced?
+## Automation (Let Tools Handle These)
+\`\`\`yaml
+# .github/workflows/pr-checks.yml
+name: PR Checks
+on: [pull_request]
+jobs:
+  checks:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - run: npm ci
+      - run: npm run lint        # Code style
+      - run: npm run typecheck   # Type errors
+      - run: npm run test        # Unit tests
+      - run: npm audit           # Security vulnerabilities
+\`\`\`
+## Giving Feedback
+### Feedback Prefixes
+\`\`\`markdown
+[MUST]    → Required change, blocking
+[SHOULD]  → Strong recommendation
+[NIT]     → Minor suggestion, non-blocking
+[Q]       → Question for clarification
+[PRAISE]  → Highlight good code
+\`\`\`
+### Good Feedback Examples
+\`\`\`markdown
+# ✅ GOOD FEEDBACK
+"[SHOULD] Consider using early return here to reduce nesting - it makes the happy path clearer"
+"[NIT] This could be extracted to a constant, but not blocking"
+"[Q] What happens if the user array is empty here?"
+"[PRAISE] Nice use of the builder pattern here!"
+# ❌ BAD FEEDBACK
+"This code is bad"
+"You should know better"
+"Why didn't you...?"
+\`\`\`
+## Response Templates
+### Requesting Changes
+\`\`\`markdown
+Thanks for the PR! I have a few suggestions:
+1. **Security**: [specific issue]
+2. **Performance**: [specific issue]
+Happy to discuss any of these!
+\`\`\`
+### Approving with Comments
+\`\`\`markdown
+LGTM! 🚀
+A few optional suggestions for future consideration:
+- [non-blocking suggestion]
+Nice work on [specific positive aspect].
+\`\`\`
+## Review Time Guidelines
+- Respond within 24 hours (business days)
+- Small PRs: Review immediately if possible
+- Large PRs: Schedule dedicated time
+- Time-box reviews: 30-60 min max per session
+## ❌ DON'T
+- Be harsh or personal
+- Nitpick style (use linters)
+- Approve without reading
+- Let PRs sit for days
+- Request changes without explanation
+## ✅ DO
+- Be specific and constructive
+- Explain the "why"
+- Suggest alternatives with code examples
+- Acknowledge good code
+- Use automation for style/formatting
+- Prioritize blocking issues first