autoworkflow 3.1.5 → 3.6.0

package/.claude/skills/entity-framework.md

@@ -0,0 +1,370 @@
+# Entity Framework Core Skill
+
+## DbContext Configuration
+\`\`\`csharp
+public class AppDbContext : DbContext
+{
+    public AppDbContext(DbContextOptions<AppDbContext> options) : base(options) { }
+
+    public DbSet<User> Users => Set<User>();
+    public DbSet<Post> Posts => Set<Post>();
+    public DbSet<Comment> Comments => Set<Comment>();
+
+    protected override void OnModelCreating(ModelBuilder builder)
+    {
+        // Apply all configurations from assembly
+        builder.ApplyConfigurationsFromAssembly(typeof(AppDbContext).Assembly);
+    }
+
+    // Override SaveChanges for auditing
+    public override async Task<int> SaveChangesAsync(CancellationToken ct = default)
+    {
+        foreach (var entry in ChangeTracker.Entries<IAuditable>())
+        {
+            if (entry.State == EntityState.Added)
+            {
+                entry.Entity.CreatedAt = DateTime.UtcNow;
+            }
+            entry.Entity.UpdatedAt = DateTime.UtcNow;
+        }
+        return await base.SaveChangesAsync(ct);
+    }
+}
+
+// Registration in Program.cs
+builder.Services.AddDbContext<AppDbContext>(options =>
+    options.UseNpgsql(builder.Configuration.GetConnectionString("Default"))
+        .EnableSensitiveDataLogging(builder.Environment.IsDevelopment())
+        .EnableDetailedErrors(builder.Environment.IsDevelopment()));
+\`\`\`
+
+## Entity Configuration (Fluent API)
+\`\`\`csharp
+// User entity
+public class User
+{
+    public string Id { get; set; } = Guid.NewGuid().ToString();
+    public string Email { get; set; } = null!;
+    public string Name { get; set; } = null!;
+    public string PasswordHash { get; set; } = null!;
+    public bool IsActive { get; set; } = true;
+    public DateTime CreatedAt { get; set; }
+    public DateTime UpdatedAt { get; set; }
+
+    // Navigation properties
+    public Profile? Profile { get; set; }
+    public ICollection<Post> Posts { get; set; } = new List<Post>();
+    public ICollection<Role> Roles { get; set; } = new List<Role>();
+}
+
+// Configuration class
+public class UserConfiguration : IEntityTypeConfiguration<User>
+{
+    public void Configure(EntityTypeBuilder<User> builder)
+    {
+        builder.ToTable("users");
+
+        builder.HasKey(u => u.Id);
+
+        builder.Property(u => u.Email)
+            .HasMaxLength(255)
+            .IsRequired();
+
+        builder.HasIndex(u => u.Email)
+            .IsUnique();
+
+        builder.Property(u => u.Name)
+            .HasMaxLength(100)
+            .IsRequired();
+
+        builder.Property(u => u.PasswordHash)
+            .HasColumnName("password_hash")
+            .IsRequired();
+
+        // One-to-one
+        builder.HasOne(u => u.Profile)
+            .WithOne(p => p.User)
+            .HasForeignKey<Profile>(p => p.UserId)
+            .OnDelete(DeleteBehavior.Cascade);
+
+        // One-to-many
+        builder.HasMany(u => u.Posts)
+            .WithOne(p => p.Author)
+            .HasForeignKey(p => p.AuthorId)
+            .OnDelete(DeleteBehavior.Cascade);
+
+        // Many-to-many
+        builder.HasMany(u => u.Roles)
+            .WithMany(r => r.Users)
+            .UsingEntity<Dictionary<string, object>>(
+                "user_roles",
+                j => j.HasOne<Role>().WithMany().HasForeignKey("role_id"),
+                j => j.HasOne<User>().WithMany().HasForeignKey("user_id"));
+    }
+}
+\`\`\`
+
+## Migrations
+\`\`\`bash
+# Add migration
+dotnet ef migrations add CreateUsersTable
+
+# Update database
+dotnet ef database update
+
+# Generate SQL script
+dotnet ef migrations script -o migrations.sql
+
+# Revert to specific migration
+dotnet ef database update PreviousMigration
+
+# Remove last migration (if not applied)
+dotnet ef migrations remove
+\`\`\`
+
+## Queries
+\`\`\`csharp
+public class UserRepository : IUserRepository
+{
+    private readonly AppDbContext _context;
+
+    public UserRepository(AppDbContext context)
+    {
+        _context = context;
+    }
+
+    // Basic queries
+    public async Task<User?> GetByIdAsync(string id, CancellationToken ct = default)
+    {
+        return await _context.Users.FindAsync(new object[] { id }, ct);
+    }
+
+    public async Task<User?> GetByEmailAsync(string email, CancellationToken ct = default)
+    {
+        return await _context.Users
+            .FirstOrDefaultAsync(u => u.Email == email, ct);
+    }
+
+    // Eager loading
+    public async Task<User?> GetWithPostsAsync(string id, CancellationToken ct = default)
+    {
+        return await _context.Users
+            .Include(u => u.Posts)
+            .Include(u => u.Profile)
+            .FirstOrDefaultAsync(u => u.Id == id, ct);
+    }
+
+    // Filtered include
+    public async Task<User?> GetWithActivePostsAsync(string id, CancellationToken ct = default)
+    {
+        return await _context.Users
+            .Include(u => u.Posts.Where(p => p.Published))
+            .FirstOrDefaultAsync(u => u.Id == id, ct);
+    }
+
+    // Pagination
+    public async Task<(List<User> Users, int Total)> GetPagedAsync(
+        int page, int pageSize, CancellationToken ct = default)
+    {
+        var query = _context.Users.Where(u => u.IsActive);
+
+        var total = await query.CountAsync(ct);
+        var users = await query
+            .OrderByDescending(u => u.CreatedAt)
+            .Skip((page - 1) * pageSize)
+            .Take(pageSize)
+            .ToListAsync(ct);
+
+        return (users, total);
+    }
+
+    // Projection
+    public async Task<List<UserSummary>> GetSummariesAsync(CancellationToken ct = default)
+    {
+        return await _context.Users
+            .Where(u => u.IsActive)
+            .Select(u => new UserSummary(u.Id, u.Email, u.Name))
+            .ToListAsync(ct);
+    }
+
+    // Raw SQL
+    public async Task<List<User>> SearchAsync(string query, CancellationToken ct = default)
+    {
+        return await _context.Users
+            .FromSqlInterpolated($"SELECT * FROM users WHERE name ILIKE {'%' + query + '%'}")
+            .ToListAsync(ct);
+    }
+}
+
+public record UserSummary(string Id, string Email, string Name);
+\`\`\`
+
+## CRUD Operations
+\`\`\`csharp
+// Create
+public async Task<User> CreateAsync(CreateUserRequest request, CancellationToken ct = default)
+{
+    var user = new User
+    {
+        Email = request.Email,
+        Name = request.Name,
+        PasswordHash = HashPassword(request.Password)
+    };
+
+    _context.Users.Add(user);
+    await _context.SaveChangesAsync(ct);
+
+    return user;
+}
+
+// Update
+public async Task<User?> UpdateAsync(
+    string id, UpdateUserRequest request, CancellationToken ct = default)
+{
+    var user = await _context.Users.FindAsync(new object[] { id }, ct);
+    if (user is null) return null;
+
+    if (request.Name is not null)
+        user.Name = request.Name;
+    if (request.Email is not null)
+        user.Email = request.Email;
+
+    await _context.SaveChangesAsync(ct);
+    return user;
+}
+
+// Delete
+public async Task<bool> DeleteAsync(string id, CancellationToken ct = default)
+{
+    var user = await _context.Users.FindAsync(new object[] { id }, ct);
+    if (user is null) return false;
+
+    _context.Users.Remove(user);
+    await _context.SaveChangesAsync(ct);
+    return true;
+}
+
+// Bulk update
+public async Task DeactivateOldUsersAsync(DateTime before, CancellationToken ct = default)
+{
+    await _context.Users
+        .Where(u => u.CreatedAt < before && u.IsActive)
+        .ExecuteUpdateAsync(s => s.SetProperty(u => u.IsActive, false), ct);
+}
+
+// Bulk delete
+public async Task DeleteInactiveAsync(CancellationToken ct = default)
+{
+    await _context.Users
+        .Where(u => !u.IsActive)
+        .ExecuteDeleteAsync(ct);
+}
+\`\`\`
+
+## Transactions
+\`\`\`csharp
+public async Task CreateUserWithProfileAsync(
+    CreateUserRequest request, CreateProfileRequest profileRequest, CancellationToken ct = default)
+{
+    await using var transaction = await _context.Database.BeginTransactionAsync(ct);
+
+    try
+    {
+        var user = new User
+        {
+            Email = request.Email,
+            Name = request.Name,
+            PasswordHash = HashPassword(request.Password)
+        };
+        _context.Users.Add(user);
+        await _context.SaveChangesAsync(ct);
+
+        var profile = new Profile
+        {
+            UserId = user.Id,
+            Bio = profileRequest.Bio
+        };
+        _context.Profiles.Add(profile);
+        await _context.SaveChangesAsync(ct);
+
+        await transaction.CommitAsync(ct);
+    }
+    catch
+    {
+        await transaction.RollbackAsync(ct);
+        throw;
+    }
+}
+
+// With execution strategy (for retries)
+public async Task CreateWithRetryAsync(User user, CancellationToken ct = default)
+{
+    var strategy = _context.Database.CreateExecutionStrategy();
+
+    await strategy.ExecuteAsync(async () =>
+    {
+        await using var transaction = await _context.Database.BeginTransactionAsync(ct);
+
+        _context.Users.Add(user);
+        await _context.SaveChangesAsync(ct);
+        // More operations...
+
+        await transaction.CommitAsync(ct);
+    });
+}
+\`\`\`
+
+## Change Tracking
+\`\`\`csharp
+// No-tracking queries (read-only, better performance)
+public async Task<List<User>> GetAllReadOnlyAsync(CancellationToken ct = default)
+{
+    return await _context.Users
+        .AsNoTracking()
+        .ToListAsync(ct);
+}
+
+// Disable tracking globally for read-heavy scenarios
+services.AddDbContext<AppDbContext>(options =>
+    options.UseNpgsql(connectionString)
+        .UseQueryTrackingBehavior(QueryTrackingBehavior.NoTracking));
+
+// Check entity state
+var entry = _context.Entry(user);
+var state = entry.State;  // Added, Modified, Deleted, Unchanged, Detached
+
+// Explicit state change
+_context.Entry(user).State = EntityState.Modified;
+
+// Attach detached entity
+_context.Users.Attach(user);
+\`\`\`
+
+## Compiled Queries
+\`\`\`csharp
+// For frequently executed queries
+private static readonly Func<AppDbContext, string, Task<User?>> GetByEmailQuery =
+    EF.CompileAsyncQuery((AppDbContext ctx, string email) =>
+        ctx.Users.FirstOrDefault(u => u.Email == email));
+
+public async Task<User?> GetByEmailOptimizedAsync(string email)
+{
+    return await GetByEmailQuery(_context, email);
+}
+\`\`\`
+
+## ✅ DO
+- Use \`IEntityTypeConfiguration<T>\` for entity configuration
+- Use \`AsNoTracking()\` for read-only queries
+- Use projections (\`Select\`) to fetch only needed fields
+- Use \`Include\` for eager loading to avoid N+1
+- Use \`ExecuteUpdateAsync\`/\`ExecuteDeleteAsync\` for bulk operations
+- Pass \`CancellationToken\` to all async methods
+
+## ❌ DON'T
+- Don't call \`ToList()\` before \`Where()\` (fetches all rows)
+- Don't use lazy loading (enabled by default in some versions)
+- Don't forget \`AsNoTracking()\` for read-only queries
+- Don't use \`Find()\` with includes (use \`FirstOrDefault\`)
+- Don't expose \`DbContext\` outside repository layer
+- Don't ignore migration conflicts - resolve them properly

package/.claude/skills/express.md

@@ -0,0 +1,316 @@
+# Express.js Skill
+
+## Project Structure
+\`\`\`
+src/
+├── index.ts              # App entry
+├── app.ts                # Express app setup
+├── routes/
+│   ├── index.ts          # Route aggregator
+│   └── users.ts          # User routes
+├── controllers/
+│   └── users.ts          # Route handlers
+├── middleware/
+│   ├── auth.ts           # Authentication
+│   ├── validate.ts       # Validation
+│   └── errorHandler.ts   # Error handling
+├── services/
+│   └── users.ts          # Business logic
+└── types/
+    └── express.d.ts      # Type extensions
+\`\`\`
+
+## App Setup
+\`\`\`typescript
+import express from 'express';
+import cors from 'cors';
+import helmet from 'helmet';
+import { router } from './routes';
+import { errorHandler } from './middleware/errorHandler';
+
+const app = express();
+
+// Security middleware
+app.use(helmet());
+app.use(cors({ origin: process.env.ALLOWED_ORIGINS?.split(',') }));
+
+// Body parsing
+app.use(express.json({ limit: '10kb' }));
+app.use(express.urlencoded({ extended: true }));
+
+// Request logging
+app.use((req, res, next) => {
+  console.log(\`\${req.method} \${req.path}\`);
+  next();
+});
+
+// Routes
+app.use('/api', router);
+
+// 404 handler
+app.use((req, res) => {
+  res.status(404).json({ error: 'Not found' });
+});
+
+// Error handler (must be last)
+app.use(errorHandler);
+
+export { app };
+\`\`\`
+
+## Router Pattern
+\`\`\`typescript
+// routes/users.ts
+import { Router } from 'express';
+import { auth } from '../middleware/auth';
+import { validate } from '../middleware/validate';
+import { createUserSchema, updateUserSchema } from '../schemas/user';
+import * as userController from '../controllers/users';
+
+const router = Router();
+
+router.get('/', userController.getUsers);
+router.get('/:id', userController.getUser);
+router.post('/', validate(createUserSchema), userController.createUser);
+router.put('/:id', auth, validate(updateUserSchema), userController.updateUser);
+router.delete('/:id', auth, userController.deleteUser);
+
+export { router as userRouter };
+
+// routes/index.ts
+import { Router } from 'express';
+import { userRouter } from './users';
+
+const router = Router();
+
+router.use('/users', userRouter);
+
+export { router };
+\`\`\`
+
+## Controller Pattern
+\`\`\`typescript
+// controllers/users.ts
+import type { Request, Response, NextFunction } from 'express';
+import { userService } from '../services/users';
+
+export const getUsers = async (req: Request, res: Response, next: NextFunction) => {
+  try {
+    const { page = 1, limit = 10 } = req.query;
+    const users = await userService.findAll({ page: +page, limit: +limit });
+    res.json(users);
+  } catch (error) {
+    next(error);
+  }
+};
+
+export const getUser = async (req: Request, res: Response, next: NextFunction) => {
+  try {
+    const user = await userService.findById(req.params.id);
+    if (!user) {
+      return res.status(404).json({ error: 'User not found' });
+    }
+    res.json(user);
+  } catch (error) {
+    next(error);
+  }
+};
+
+export const createUser = async (req: Request, res: Response, next: NextFunction) => {
+  try {
+    const user = await userService.create(req.body);
+    res.status(201).json(user);
+  } catch (error) {
+    next(error);
+  }
+};
+\`\`\`
+
+## Validation Middleware
+\`\`\`typescript
+// middleware/validate.ts
+import { z, ZodSchema } from 'zod';
+import type { Request, Response, NextFunction } from 'express';
+
+export const validate = (schema: ZodSchema) => {
+  return (req: Request, res: Response, next: NextFunction) => {
+    const result = schema.safeParse({
+      body: req.body,
+      query: req.query,
+      params: req.params,
+    });
+
+    if (!result.success) {
+      return res.status(400).json({
+        error: 'Validation failed',
+        details: result.error.flatten(),
+      });
+    }
+
+    req.body = result.data.body;
+    next();
+  };
+};
+
+// schemas/user.ts
+export const createUserSchema = z.object({
+  body: z.object({
+    email: z.string().email(),
+    name: z.string().min(1).max(100),
+    password: z.string().min(8),
+  }),
+});
+\`\`\`
+
+## Authentication Middleware
+\`\`\`typescript
+// middleware/auth.ts
+import type { Request, Response, NextFunction } from 'express';
+import jwt from 'jsonwebtoken';
+
+// Extend Express Request type
+declare global {
+  namespace Express {
+    interface Request {
+      user?: { id: string; email: string };
+    }
+  }
+}
+
+export const auth = async (req: Request, res: Response, next: NextFunction) => {
+  const authHeader = req.headers.authorization;
+
+  if (!authHeader?.startsWith('Bearer ')) {
+    return res.status(401).json({ error: 'No token provided' });
+  }
+
+  const token = authHeader.split(' ')[1];
+
+  try {
+    const payload = jwt.verify(token, process.env.JWT_SECRET!) as { id: string; email: string };
+    req.user = payload;
+    next();
+  } catch {
+    return res.status(401).json({ error: 'Invalid token' });
+  }
+};
+
+// Optional auth (doesn't fail if no token)
+export const optionalAuth = async (req: Request, res: Response, next: NextFunction) => {
+  const authHeader = req.headers.authorization;
+
+  if (authHeader?.startsWith('Bearer ')) {
+    try {
+      const token = authHeader.split(' ')[1];
+      req.user = jwt.verify(token, process.env.JWT_SECRET!) as any;
+    } catch {
+      // Ignore invalid tokens for optional auth
+    }
+  }
+
+  next();
+};
+\`\`\`
+
+## Error Handler
+\`\`\`typescript
+// middleware/errorHandler.ts
+import type { Request, Response, NextFunction } from 'express';
+
+class AppError extends Error {
+  constructor(
+    public statusCode: number,
+    public message: string,
+    public isOperational = true
+  ) {
+    super(message);
+  }
+}
+
+export const errorHandler = (
+  err: Error,
+  req: Request,
+  res: Response,
+  next: NextFunction
+) => {
+  // Log error
+  console.error(err);
+
+  if (err instanceof AppError) {
+    return res.status(err.statusCode).json({
+      error: err.message,
+    });
+  }
+
+  // Don't leak error details in production
+  res.status(500).json({
+    error: process.env.NODE_ENV === 'production'
+      ? 'Internal server error'
+      : err.message,
+  });
+};
+
+export { AppError };
+\`\`\`
+
+## Async Handler Wrapper
+\`\`\`typescript
+// utils/asyncHandler.ts
+import type { Request, Response, NextFunction, RequestHandler } from 'express';
+
+type AsyncHandler = (
+  req: Request,
+  res: Response,
+  next: NextFunction
+) => Promise<any>;
+
+export const asyncHandler = (fn: AsyncHandler): RequestHandler => {
+  return (req, res, next) => {
+    Promise.resolve(fn(req, res, next)).catch(next);
+  };
+};
+
+// Usage
+router.get('/users', asyncHandler(async (req, res) => {
+  const users = await userService.findAll();
+  res.json(users);
+}));
+\`\`\`
+
+## File Upload
+\`\`\`typescript
+import multer from 'multer';
+
+const upload = multer({
+  storage: multer.memoryStorage(),
+  limits: { fileSize: 5 * 1024 * 1024 }, // 5MB
+  fileFilter: (req, file, cb) => {
+    if (file.mimetype.startsWith('image/')) {
+      cb(null, true);
+    } else {
+      cb(new Error('Only images allowed'));
+    }
+  },
+});
+
+router.post('/upload', upload.single('image'), async (req, res) => {
+  const file = req.file;
+  // Process file...
+  res.json({ url: uploadedUrl });
+});
+\`\`\`
+
+## ❌ DON'T
+- Use synchronous error handling (use async/await + next)
+- Forget to call next(error) in catch blocks
+- Put business logic in controllers
+- Trust req.body without validation
+- Expose stack traces in production
+
+## ✅ DO
+- Use middleware for cross-cutting concerns
+- Validate all request bodies with Zod
+- Handle errors centrally with error middleware
+- Use async wrapper or try/catch with next(error)
+- Extend Request type for custom properties
+- Separate routes, controllers, and services