autoworkflow 3.1.5 → 3.6.0

package/.claude/skills/mysql.md

@@ -0,0 +1,281 @@
+# MySQL Skill
+
+## Schema Design
+\`\`\`sql
+-- Table with constraints (MySQL 8.0+)
+CREATE TABLE users (
+  id BINARY(16) PRIMARY KEY DEFAULT (UUID_TO_BIN(UUID())),
+  email VARCHAR(255) NOT NULL,
+  name VARCHAR(100) NOT NULL,
+  password_hash VARCHAR(255) NOT NULL,
+  role ENUM('user', 'admin', 'moderator') DEFAULT 'user',
+  settings JSON DEFAULT '{}',
+  created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+  updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
+  deleted_at TIMESTAMP NULL,
+  UNIQUE KEY uk_email (email),
+  INDEX idx_role_created (role, created_at)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;
+
+-- Foreign key with cascade
+CREATE TABLE posts (
+  id BINARY(16) PRIMARY KEY DEFAULT (UUID_TO_BIN(UUID())),
+  title VARCHAR(255) NOT NULL,
+  content TEXT,
+  published BOOLEAN DEFAULT FALSE,
+  author_id BINARY(16) NOT NULL,
+  created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+  INDEX idx_author (author_id),
+  INDEX idx_published_created (published, created_at),
+  FOREIGN KEY (author_id) REFERENCES users(id) ON DELETE CASCADE
+) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;
+
+-- Junction table for many-to-many
+CREATE TABLE post_tags (
+  post_id BINARY(16) NOT NULL,
+  tag_id BINARY(16) NOT NULL,
+  PRIMARY KEY (post_id, tag_id),
+  FOREIGN KEY (post_id) REFERENCES posts(id) ON DELETE CASCADE,
+  FOREIGN KEY (tag_id) REFERENCES tags(id) ON DELETE CASCADE
+) ENGINE=InnoDB;
+\`\`\`
+
+## Indexes
+\`\`\`sql
+-- B-tree index (default)
+CREATE INDEX idx_users_email ON users(email);
+
+-- Compound index (leftmost prefix rule applies)
+CREATE INDEX idx_posts_author_created ON posts(author_id, created_at DESC);
+
+-- Covering index (MySQL 8.0+ functional indexes)
+CREATE INDEX idx_email_lower ON users((LOWER(email)));
+
+-- Full-text index
+ALTER TABLE posts ADD FULLTEXT INDEX ft_content (title, content);
+
+-- Prefix index for long columns
+CREATE INDEX idx_content_prefix ON posts(content(100));
+
+-- Invisible index (for testing removal impact)
+ALTER TABLE users ALTER INDEX idx_role INVISIBLE;
+-- Later: ALTER TABLE users ALTER INDEX idx_role VISIBLE;
+\`\`\`
+
+## Common Queries
+\`\`\`sql
+-- Pagination (offset-based)
+SELECT * FROM posts
+WHERE published = TRUE
+ORDER BY created_at DESC
+LIMIT 20 OFFSET 40;
+
+-- Pagination (cursor-based, more efficient)
+SELECT * FROM posts
+WHERE published = TRUE AND created_at < '2024-01-15 10:00:00'
+ORDER BY created_at DESC
+LIMIT 20;
+
+-- Upsert (INSERT ... ON DUPLICATE KEY)
+INSERT INTO users (email, name, updated_at)
+VALUES ('user@example.com', 'John', NOW())
+ON DUPLICATE KEY UPDATE
+  name = VALUES(name),
+  updated_at = NOW();
+
+-- Insert ignore (skip on conflict)
+INSERT IGNORE INTO users (email, name) VALUES ('user@example.com', 'John');
+
+-- Replace (delete + insert on conflict)
+REPLACE INTO users (email, name) VALUES ('user@example.com', 'New Name');
+\`\`\`
+
+## JSON Operations (MySQL 8.0+)
+\`\`\`sql
+-- Query JSON field
+SELECT * FROM users WHERE JSON_EXTRACT(settings, '$.theme') = 'dark';
+-- Shorthand: settings->>'$.theme' = 'dark'
+
+SELECT * FROM users WHERE JSON_CONTAINS(settings, '"premium"', '$.tags');
+
+-- Update JSON field
+UPDATE users
+SET settings = JSON_SET(settings, '$.theme', 'light')
+WHERE id = ?;
+
+-- Remove JSON key
+UPDATE users
+SET settings = JSON_REMOVE(settings, '$.oldKey')
+WHERE id = ?;
+
+-- Merge JSON objects
+UPDATE users
+SET settings = JSON_MERGE_PATCH(settings, '{"newKey": "value"}')
+WHERE id = ?;
+
+-- Index JSON values (generated column)
+ALTER TABLE users
+  ADD COLUMN theme VARCHAR(50) GENERATED ALWAYS AS (settings->>'$.theme') STORED,
+  ADD INDEX idx_theme (theme);
+\`\`\`
+
+## CTEs & Window Functions (MySQL 8.0+)
+\`\`\`sql
+-- CTE for readability
+WITH active_users AS (
+  SELECT * FROM users WHERE deleted_at IS NULL
+)
+SELECT u.*, COUNT(p.id) as post_count
+FROM active_users u
+LEFT JOIN posts p ON u.id = p.author_id
+GROUP BY u.id;
+
+-- Recursive CTE (hierarchical data)
+WITH RECURSIVE category_tree AS (
+  SELECT id, name, parent_id, 0 as depth
+  FROM categories
+  WHERE parent_id IS NULL
+
+  UNION ALL
+
+  SELECT c.id, c.name, c.parent_id, ct.depth + 1
+  FROM categories c
+  JOIN category_tree ct ON c.parent_id = ct.id
+)
+SELECT * FROM category_tree ORDER BY depth, name;
+
+-- Window functions
+SELECT
+  author_id,
+  title,
+  created_at,
+  ROW_NUMBER() OVER (PARTITION BY author_id ORDER BY created_at DESC) as post_rank,
+  LAG(title) OVER (ORDER BY created_at) as prev_title
+FROM posts;
+\`\`\`
+
+## Full-Text Search
+\`\`\`sql
+-- Natural language mode (default)
+SELECT *, MATCH(title, content) AGAINST('search terms') as relevance
+FROM posts
+WHERE MATCH(title, content) AGAINST('search terms')
+ORDER BY relevance DESC;
+
+-- Boolean mode (more control)
+SELECT * FROM posts
+WHERE MATCH(title, content) AGAINST('+required -excluded "exact phrase"' IN BOOLEAN MODE);
+
+-- Query expansion (find related)
+SELECT * FROM posts
+WHERE MATCH(title, content) AGAINST('database' WITH QUERY EXPANSION);
+\`\`\`
+
+## Query Optimization
+\`\`\`sql
+-- Analyze query plan
+EXPLAIN SELECT * FROM users WHERE email = 'test@example.com';
+
+-- Extended explain with more details
+EXPLAIN ANALYZE SELECT * FROM posts WHERE author_id = ?;
+
+-- Update table statistics
+ANALYZE TABLE users;
+
+-- Show index usage
+SHOW INDEX FROM users;
+
+-- Check slow queries (enable slow_query_log)
+SELECT * FROM mysql.slow_log ORDER BY start_time DESC LIMIT 10;
+
+-- Profile query execution
+SET profiling = 1;
+SELECT * FROM users WHERE role = 'admin';
+SHOW PROFILES;
+SHOW PROFILE FOR QUERY 1;
+\`\`\`
+
+## Transactions & Locking
+\`\`\`sql
+-- Transaction with isolation level
+SET TRANSACTION ISOLATION LEVEL REPEATABLE READ;
+START TRANSACTION;
+-- ... operations ...
+COMMIT;
+-- Or ROLLBACK;
+
+-- Row-level lock (InnoDB)
+SELECT * FROM accounts WHERE id = ? FOR UPDATE;
+-- Other transactions wait
+
+-- Shared lock (read lock)
+SELECT * FROM accounts WHERE id = ? FOR SHARE;
+
+-- Named lock (application-level)
+SELECT GET_LOCK('resource_name', 10); -- 10 second timeout
+-- ... do work ...
+SELECT RELEASE_LOCK('resource_name');
+\`\`\`
+
+## Prepared Statements (Node.js example)
+\`\`\`typescript
+import mysql from 'mysql2/promise';
+
+const pool = mysql.createPool({
+  host: process.env.DB_HOST,
+  user: process.env.DB_USER,
+  password: process.env.DB_PASSWORD,
+  database: process.env.DB_NAME,
+  waitForConnections: true,
+  connectionLimit: 10,
+  queueLimit: 0,
+});
+
+// Parameterized query (prevents SQL injection)
+const [rows] = await pool.execute(
+  'SELECT * FROM users WHERE email = ? AND role = ?',
+  [email, 'user']
+);
+
+// Named placeholders
+const [rows] = await pool.execute(
+  'SELECT * FROM users WHERE email = :email',
+  { email: 'user@example.com' }
+);
+\`\`\`
+
+## Performance Tips
+\`\`\`sql
+-- Check InnoDB status
+SHOW ENGINE INNODB STATUS;
+
+-- Buffer pool hit ratio (should be > 99%)
+SHOW GLOBAL STATUS LIKE 'Innodb_buffer_pool_read%';
+
+-- Table statistics
+SELECT
+  table_name,
+  table_rows,
+  data_length / 1024 / 1024 as data_mb,
+  index_length / 1024 / 1024 as index_mb
+FROM information_schema.tables
+WHERE table_schema = DATABASE();
+\`\`\`
+
+## ❌ DON'T
+- Use MyISAM for transactional tables
+- Store UUIDs as VARCHAR (use BINARY(16))
+- Use SELECT * in production
+- Create indexes on every column
+- Use OFFSET for deep pagination
+- Skip parameterized queries (SQL injection risk)
+
+## ✅ DO
+- Use InnoDB for all tables
+- Use utf8mb4 charset for proper Unicode support
+- Create compound indexes matching query patterns
+- Use prepared statements for all queries
+- Monitor slow query log regularly
+- Use connection pooling
+- Prefer cursor-based pagination
+- Use JSON columns for flexible schemas (MySQL 8.0+)

package/.claude/skills/nestjs.md

@@ -0,0 +1,335 @@
+# NestJS Skill
+
+## Project Structure
+\`\`\`
+src/
+├── main.ts                    # Bootstrap
+├── app.module.ts              # Root module
+├── common/
+│   ├── decorators/            # Custom decorators
+│   ├── guards/                # Auth guards
+│   ├── interceptors/          # Response transforms
+│   ├── filters/               # Exception filters
+│   └── pipes/                 # Validation pipes
+└── modules/
+    └── users/
+        ├── users.module.ts
+        ├── users.controller.ts
+        ├── users.service.ts
+        ├── dto/
+        │   ├── create-user.dto.ts
+        │   └── update-user.dto.ts
+        └── entities/
+            └── user.entity.ts
+\`\`\`
+
+## Module & Controller
+\`\`\`typescript
+// users.module.ts
+@Module({
+  imports: [TypeOrmModule.forFeature([User])],
+  controllers: [UsersController],
+  providers: [UsersService],
+  exports: [UsersService],
+})
+export class UsersModule {}
+
+// users.controller.ts
+@Controller('users')
+@UseGuards(JwtAuthGuard)
+export class UsersController {
+  constructor(private readonly usersService: UsersService) {}
+
+  @Get()
+  findAll(@Query() query: PaginationDto) {
+    return this.usersService.findAll(query);
+  }
+
+  @Get(':id')
+  findOne(@Param('id', ParseUUIDPipe) id: string) {
+    return this.usersService.findOne(id);
+  }
+
+  @Post()
+  @HttpCode(HttpStatus.CREATED)
+  create(@Body() createUserDto: CreateUserDto) {
+    return this.usersService.create(createUserDto);
+  }
+
+  @Patch(':id')
+  update(
+    @Param('id', ParseUUIDPipe) id: string,
+    @Body() updateUserDto: UpdateUserDto,
+  ) {
+    return this.usersService.update(id, updateUserDto);
+  }
+
+  @Delete(':id')
+  @HttpCode(HttpStatus.NO_CONTENT)
+  remove(@Param('id', ParseUUIDPipe) id: string) {
+    return this.usersService.remove(id);
+  }
+}
+\`\`\`
+
+## DTOs with Validation
+\`\`\`typescript
+// dto/create-user.dto.ts
+import { IsEmail, IsString, MinLength, IsOptional } from 'class-validator';
+
+export class CreateUserDto {
+  @IsEmail()
+  email: string;
+
+  @IsString()
+  @MinLength(1)
+  name: string;
+
+  @IsString()
+  @MinLength(8)
+  password: string;
+}
+
+// dto/update-user.dto.ts
+import { PartialType } from '@nestjs/mapped-types';
+
+export class UpdateUserDto extends PartialType(CreateUserDto) {}
+
+// Enable global validation in main.ts
+app.useGlobalPipes(new ValidationPipe({
+  whitelist: true,           // Strip unknown properties
+  forbidNonWhitelisted: true, // Throw on unknown properties
+  transform: true,            // Auto-transform types
+}));
+\`\`\`
+
+## Guards
+\`\`\`typescript
+// guards/jwt-auth.guard.ts
+@Injectable()
+export class JwtAuthGuard implements CanActivate {
+  constructor(private jwtService: JwtService) {}
+
+  async canActivate(context: ExecutionContext): Promise<boolean> {
+    const request = context.switchToHttp().getRequest();
+    const token = this.extractToken(request);
+
+    if (!token) {
+      throw new UnauthorizedException();
+    }
+
+    try {
+      const payload = await this.jwtService.verifyAsync(token);
+      request.user = payload;
+    } catch {
+      throw new UnauthorizedException();
+    }
+
+    return true;
+  }
+
+  private extractToken(request: Request): string | undefined {
+    const [type, token] = request.headers.authorization?.split(' ') ?? [];
+    return type === 'Bearer' ? token : undefined;
+  }
+}
+
+// guards/roles.guard.ts
+@Injectable()
+export class RolesGuard implements CanActivate {
+  constructor(private reflector: Reflector) {}
+
+  canActivate(context: ExecutionContext): boolean {
+    const requiredRoles = this.reflector.getAllAndOverride<Role[]>(ROLES_KEY, [
+      context.getHandler(),
+      context.getClass(),
+    ]);
+
+    if (!requiredRoles) return true;
+
+    const { user } = context.switchToHttp().getRequest();
+    return requiredRoles.some((role) => user.roles?.includes(role));
+  }
+}
+
+// Usage
+@Roles(Role.Admin)
+@UseGuards(JwtAuthGuard, RolesGuard)
+@Delete(':id')
+remove(@Param('id') id: string) {}
+\`\`\`
+
+## Custom Decorators
+\`\`\`typescript
+// decorators/current-user.decorator.ts
+export const CurrentUser = createParamDecorator(
+  (data: keyof User | undefined, ctx: ExecutionContext) => {
+    const request = ctx.switchToHttp().getRequest();
+    const user = request.user;
+    return data ? user?.[data] : user;
+  },
+);
+
+// decorators/roles.decorator.ts
+export const ROLES_KEY = 'roles';
+export const Roles = (...roles: Role[]) => SetMetadata(ROLES_KEY, roles);
+
+// Usage
+@Get('me')
+getProfile(@CurrentUser() user: User) {
+  return user;
+}
+
+@Get('email')
+getEmail(@CurrentUser('email') email: string) {
+  return { email };
+}
+\`\`\`
+
+## Exception Filters
+\`\`\`typescript
+// filters/http-exception.filter.ts
+@Catch(HttpException)
+export class HttpExceptionFilter implements ExceptionFilter {
+  catch(exception: HttpException, host: ArgumentsHost) {
+    const ctx = host.switchToHttp();
+    const response = ctx.getResponse<Response>();
+    const request = ctx.getRequest<Request>();
+    const status = exception.getStatus();
+    const exceptionResponse = exception.getResponse();
+
+    response.status(status).json({
+      statusCode: status,
+      timestamp: new Date().toISOString(),
+      path: request.url,
+      message: typeof exceptionResponse === 'string'
+        ? exceptionResponse
+        : (exceptionResponse as any).message,
+    });
+  }
+}
+
+// Apply globally in main.ts
+app.useGlobalFilters(new HttpExceptionFilter());
+\`\`\`
+
+## Interceptors
+\`\`\`typescript
+// interceptors/transform.interceptor.ts
+@Injectable()
+export class TransformInterceptor<T> implements NestInterceptor<T, Response<T>> {
+  intercept(context: ExecutionContext, next: CallHandler): Observable<Response<T>> {
+    return next.handle().pipe(
+      map((data) => ({
+        success: true,
+        data,
+        timestamp: new Date().toISOString(),
+      })),
+    );
+  }
+}
+
+// interceptors/logging.interceptor.ts
+@Injectable()
+export class LoggingInterceptor implements NestInterceptor {
+  private readonly logger = new Logger(LoggingInterceptor.name);
+
+  intercept(context: ExecutionContext, next: CallHandler): Observable<any> {
+    const request = context.switchToHttp().getRequest();
+    const { method, url } = request;
+    const now = Date.now();
+
+    return next.handle().pipe(
+      tap(() => {
+        this.logger.log(\`\${method} \${url} - \${Date.now() - now}ms\`);
+      }),
+    );
+  }
+}
+\`\`\`
+
+## Config Module
+\`\`\`typescript
+// config/configuration.ts
+export default () => ({
+  port: parseInt(process.env.PORT, 10) || 3000,
+  database: {
+    host: process.env.DB_HOST,
+    port: parseInt(process.env.DB_PORT, 10) || 5432,
+  },
+  jwt: {
+    secret: process.env.JWT_SECRET,
+    expiresIn: '1h',
+  },
+});
+
+// app.module.ts
+@Module({
+  imports: [
+    ConfigModule.forRoot({
+      isGlobal: true,
+      load: [configuration],
+    }),
+  ],
+})
+export class AppModule {}
+
+// Usage
+@Injectable()
+export class AuthService {
+  constructor(private configService: ConfigService) {}
+
+  getJwtSecret() {
+    return this.configService.get<string>('jwt.secret');
+  }
+}
+\`\`\`
+
+## Testing
+\`\`\`typescript
+describe('UsersController', () => {
+  let controller: UsersController;
+  let service: UsersService;
+
+  beforeEach(async () => {
+    const module: TestingModule = await Test.createTestingModule({
+      controllers: [UsersController],
+      providers: [
+        {
+          provide: UsersService,
+          useValue: {
+            findAll: jest.fn(),
+            findOne: jest.fn(),
+            create: jest.fn(),
+          },
+        },
+      ],
+    }).compile();
+
+    controller = module.get<UsersController>(UsersController);
+    service = module.get<UsersService>(UsersService);
+  });
+
+  it('should return all users', async () => {
+    const result = [{ id: '1', name: 'Test' }];
+    jest.spyOn(service, 'findAll').mockResolvedValue(result);
+
+    expect(await controller.findAll({})).toBe(result);
+  });
+});
+\`\`\`
+
+## ❌ DON'T
+- Put business logic in controllers
+- Skip validation on DTOs
+- Use any for types
+- Forget to handle exceptions
+
+## ✅ DO
+- Use DTOs for validation
+- Use dependency injection
+- Organize by feature modules
+- Use guards for authentication
+- Use interceptors for response transforms
+- Use exception filters for error handling
+- Write unit tests for services