awesome-slash 2.4.2

package/plugins/next-task/lib/utils/context-optimizer.js

@@ -0,0 +1,222 @@
+/**
+ * Context Optimizer Utilities
+ * Provides optimized git commands to minimize token usage while gathering context
+ *
+ * Target: Keep command execution under 50k tokens
+ *
+ * @author Avi Fenesh
+ * @license MIT
+ */
+
+/**
+ * Escape shell special characters for safe command interpolation
+ * @param {string} str - String to escape
+ * @returns {string} Escaped string safe for shell use
+ */
+function escapeShell(str) {
+  if (typeof str !== 'string') return '';
+  // Escape characters that have special meaning in shell
+  return str.replace(/["$`\\!]/g, '\\$&');
+}
+
+/**
+ * Escape single quotes for shell (replace ' with '\''
+ * @param {string} str - String to escape
+ * @returns {string} Escaped string safe for single-quoted shell use
+ */
+function escapeSingleQuotes(str) {
+  if (typeof str !== 'string') return '';
+  return str.replace(/'/g, "'\\''");
+}
+
+/**
+ * Validate and sanitize file extension
+ * @param {string} ext - Extension to validate
+ * @returns {string} Safe extension (alphanumeric only)
+ */
+function sanitizeExtension(ext) {
+  if (typeof ext !== 'string') return 'ts';
+  const safe = ext.replace(/[^a-zA-Z0-9]/g, '');
+  return safe || 'ts';
+}
+
+/**
+ * Git command optimization utilities for context efficiency
+ */
+const contextOptimizer = {
+  /**
+   * Get recent commits with minimal formatting
+   * @param {number} limit - Number of commits to retrieve (default: 10)
+   * @returns {string} Git command
+   */
+  recentCommits: (limit = 10) =>
+    `git log --oneline --no-decorate -${limit} --format="%h %s"`,
+
+  /**
+   * Get compact git status (untracked files excluded)
+   * @returns {string} Git command
+   */
+  compactStatus: () =>
+    'git status -uno --porcelain',
+
+  /**
+   * Get file changes between refs
+   * @param {string} ref - Reference to compare from (default: 'HEAD~5')
+   * @returns {string} Git command
+   */
+  fileChanges: (ref = 'HEAD~5') =>
+    `git diff ${ref}..HEAD --name-status`,
+
+  /**
+   * Get current branch name
+   * @returns {string} Git command
+   */
+  currentBranch: () =>
+    'git branch --show-current',
+
+  /**
+   * Get remote information (limited to 2 lines)
+   * @returns {string} Git command
+   */
+  remoteInfo: () =>
+    'git remote -v | head -2',
+
+  /**
+   * Check if there are stashed changes
+   * @returns {string} Git command
+   */
+  hasStashes: () =>
+    'git stash list --oneline | wc -l',
+
+  /**
+   * Get worktree list in porcelain format
+   * @returns {string} Git command
+   */
+  worktreeList: () =>
+    'git worktree list --porcelain',
+
+  /**
+   * Get the age of a specific line (for TODO checking)
+   * @param {string} file - File path
+   * @param {number} line - Line number
+   * @returns {string} Git command
+   */
+  lineAge: (file, line) => {
+    // Validate line is a positive integer
+    const lineNum = parseInt(line, 10);
+    if (!Number.isInteger(lineNum) || lineNum < 1) {
+      throw new Error('Line must be a positive integer');
+    }
+    // Escape file path for safe shell usage
+    const safeFile = escapeShell(file);
+    return `git blame -L ${lineNum},${lineNum} "${safeFile}" --porcelain | grep '^committer-time' | cut -d' ' -f2`;
+  },
+
+  /**
+   * Find source files by extension
+   * @param {string} extension - File extension (e.g., 'ts', 'py', 'rs')
+   * @returns {string} Git command
+   */
+  findSourceFiles: (extension = 'ts') => {
+    const safeExt = sanitizeExtension(extension);
+    return `git ls-files | grep '\\.${safeExt}$'`;
+  },
+
+  /**
+   * Get diff stat summary
+   * @param {string} ref - Reference to compare from (default: 'HEAD~5')
+   * @returns {string} Git command
+   */
+  diffStat: (ref = 'HEAD~5') =>
+    `git diff ${ref}..HEAD --stat | head -20`,
+
+  /**
+   * Get contributors list (limited to top 10)
+   * @returns {string} Git command
+   */
+  contributors: () =>
+    'git shortlog -sn --no-merges | head -10',
+
+  /**
+   * Get last commit message
+   * @returns {string} Git command
+   */
+  lastCommitMessage: () =>
+    'git log -1 --format=%s',
+
+  /**
+   * Get files changed in last commit
+   * @returns {string} Git command
+   */
+  lastCommitFiles: () =>
+    'git diff-tree --no-commit-id --name-only -r HEAD',
+
+  /**
+   * Get branch list (local only, limited)
+   * @param {number} limit - Number of branches (default: 10)
+   * @returns {string} Git command
+   */
+  branches: (limit = 10) =>
+    `git branch --format='%(refname:short)' | head -${limit}`,
+
+  /**
+   * Get tags list (limited)
+   * @param {number} limit - Number of tags (default: 10)
+   * @returns {string} Git command
+   */
+  tags: (limit = 10) =>
+    `git tag --sort=-creatordate | head -${limit}`,
+
+  /**
+   * Get count of commits on current branch since branching from main
+   * @param {string} mainBranch - Main branch name (default: 'main')
+   * @returns {string} Git command
+   */
+  commitsSinceBranch: (mainBranch = 'main') =>
+    `git rev-list --count ${mainBranch}..HEAD`,
+
+  /**
+   * Check if working directory is clean
+   * @returns {string} Git command
+   */
+  isClean: () =>
+    'git status --porcelain | wc -l',
+
+  /**
+   * Get merge base with main branch
+   * @param {string} mainBranch - Main branch name (default: 'main')
+   * @returns {string} Git command
+   */
+  mergeBase: (mainBranch = 'main') =>
+    `git merge-base ${mainBranch} HEAD`,
+
+  /**
+   * Get files modified in current branch (since branching)
+   * @param {string} mainBranch - Main branch name (default: 'main')
+   * @returns {string} Git command
+   */
+  branchChangedFiles: (mainBranch = 'main') =>
+    `git diff ${mainBranch}...HEAD --name-only`,
+
+  /**
+   * Get commit count by author
+   * @param {string} author - Author name or email
+   * @returns {string} Git command
+   */
+  authorCommitCount: (author) => {
+    const safeAuthor = escapeShell(author);
+    return `git log --author="${safeAuthor}" --oneline | wc -l`;
+  },
+
+  /**
+   * Check if file exists in repository
+   * @param {string} file - File path
+   * @returns {string} Git command
+   */
+  fileExists: (file) => {
+    const safeFile = escapeSingleQuotes(file);
+    return `git ls-files | grep -q '${safeFile}' && echo 'true' || echo 'false'`;
+  }
+};
+
+module.exports = contextOptimizer;

package/plugins/project-review/.claude-plugin/plugin.json

@@ -0,0 +1,20 @@
+{
+  "name": "project-review",
+  "version": "2.3.1",
+  "description": "Multi-agent iterative code review until zero issues remain",
+  "author": {
+    "name": "Avi Fenesh",
+    "email": "[email protected]",
+    "url": "https://github.com/avifenesh"
+  },
+  "homepage": "https://github.com/avifenesh/awesome-slash#project-review",
+  "repository": "https://github.com/avifenesh/awesome-slash",
+  "license": "MIT",
+  "keywords": [
+    "code-review",
+    "quality",
+    "multi-agent",
+    "framework-specific",
+    "iterative"
+  ]
+}

package/plugins/project-review/commands/project-review-agents.md

@@ -0,0 +1,286 @@
+# Phase 2: Multi-Agent Review - Reference
+
+This file contains detailed agent coordination for `/project-review`.
+
+**Parent document**: `project-review.md`
+
+## Agent Specialization
+
+### File Filtering by Agent
+
+Each agent reviews only relevant files:
+
+| Agent | File Patterns |
+|-------|--------------|
+| security-expert | Auth, validation, API endpoints, config |
+| performance-engineer | Hot paths, algorithms, loops, queries |
+| test-quality-guardian | Test files only |
+| architecture-reviewer | All source files |
+| database-specialist | Models, queries, migrations |
+| api-designer | API routes, controllers, handlers |
+| frontend-specialist | Components, state management |
+| devops-reviewer | CI/CD configs, Dockerfiles |
+
+## Agent Coordination
+
+Use Task tool to launch agents in parallel:
+
+```javascript
+const agents = [];
+
+// Always active agents
+agents.push(Task({
+  subagent_type: "Explore",
+  prompt: `You are security-expert. Review ${SCOPE} for security issues.
+
+Framework: ${FRAMEWORK}
+Patterns: ${frameworkPatterns?.security}
+
+Focus on:
+- SQL injection, XSS, CSRF vulnerabilities
+- Authentication and authorization flaws
+- Secrets exposure, insecure configurations
+- Input validation, output encoding
+
+Provide findings in evidence-based format with file:line.`
+}));
+
+agents.push(Task({
+  subagent_type: "Explore",
+  prompt: `You are performance-engineer. Review ${SCOPE} for performance issues.
+
+Framework: ${FRAMEWORK}
+Patterns: ${frameworkPatterns?.performance}
+
+Focus on:
+- N+1 queries, inefficient algorithms
+- Memory leaks, unnecessary allocations
+- Blocking operations, missing async
+- Bundle size, lazy loading
+
+Provide findings in evidence-based format.`
+}));
+
+// Conditional agents
+if (HAS_TESTS) {
+  agents.push(Task({
+    subagent_type: "Explore",
+    prompt: `You are test-quality-guardian. Review test files.
+
+Framework: ${FRAMEWORK}
+
+Focus on:
+- Test coverage for new code
+- Edge case coverage
+- Test design and maintainability
+- Mocking appropriateness
+
+Provide findings in evidence-based format.`
+  }));
+}
+
+if (FILE_COUNT > 50) {
+  agents.push(Task({
+    subagent_type: "Explore",
+    prompt: `You are architecture-reviewer. Review ${SCOPE} for design issues.
+
+Framework: ${FRAMEWORK}
+
+Focus on:
+- Code organization and modularity
+- Design pattern violations
+- Dependency management
+- SOLID principles
+
+Provide findings in evidence-based format.`
+  }));
+}
+
+if (HAS_DB) {
+  agents.push(Task({
+    subagent_type: "Explore",
+    prompt: `You are database-specialist. Review ${SCOPE} for database issues.
+
+Framework: ${FRAMEWORK}
+
+Focus on:
+- Query optimization, N+1 queries
+- Missing indexes
+- Transaction handling
+- Connection pooling
+
+Provide findings in evidence-based format.`
+  }));
+}
+
+if (HAS_API) {
+  agents.push(Task({
+    subagent_type: "Explore",
+    prompt: `You are api-designer. Review ${SCOPE} for API issues.
+
+Framework: ${FRAMEWORK}
+
+Focus on:
+- REST best practices
+- Error handling and status codes
+- Rate limiting, pagination
+- API versioning
+
+Provide findings in evidence-based format.`
+  }));
+}
+```
+
+## Finding Consolidation
+
+After all agents complete:
+
+```javascript
+function consolidateFindings(agentResults) {
+  const allFindings = [];
+
+  for (const result of agentResults) {
+    if (result.findings) {
+      allFindings.push(...result.findings);
+    }
+  }
+
+  // Deduplicate by file:line
+  const seen = new Set();
+  const deduped = allFindings.filter(f => {
+    const key = `${f.file}:${f.line}`;
+    if (seen.has(key)) return false;
+    seen.add(key);
+    return true;
+  });
+
+  // Sort by severity
+  const severityOrder = { critical: 0, high: 1, medium: 2, low: 3 };
+  deduped.sort((a, b) => severityOrder[a.severity] - severityOrder[b.severity]);
+
+  // Group by file
+  const byFile = {};
+  for (const f of deduped) {
+    if (!byFile[f.file]) byFile[f.file] = [];
+    byFile[f.file].push(f);
+  }
+
+  return {
+    all: deduped,
+    byFile,
+    counts: {
+      critical: deduped.filter(f => f.severity === 'critical').length,
+      high: deduped.filter(f => f.severity === 'high').length,
+      medium: deduped.filter(f => f.severity === 'medium').length,
+      low: deduped.filter(f => f.severity === 'low').length
+    }
+  };
+}
+```
+
+## Framework-Specific Patterns
+
+### React Patterns
+
+```javascript
+const reactPatterns = {
+  hooks_rules: {
+    description: "React hooks must be called at top level",
+    pattern: /use[A-Z]\w+\(/,
+    context: "inside conditionals or loops"
+  },
+  state_management: {
+    description: "Avoid prop drilling, use context or state management",
+    pattern: /props\.\w+\.\w+\.\w+/
+  },
+  performance: {
+    description: "Use memo/useMemo for expensive computations",
+    pattern: /\.map\(.*=>.*\.map\(/
+  }
+};
+```
+
+### Express Patterns
+
+```javascript
+const expressPatterns = {
+  error_handling: {
+    description: "Express routes must have error handling",
+    pattern: /app\.(get|post|put|delete)\(/,
+    check: "next(err) in catch block"
+  },
+  async_handlers: {
+    description: "Async handlers need try-catch or wrapper",
+    pattern: /async\s*\(req,\s*res/
+  }
+};
+```
+
+### Django Patterns
+
+```javascript
+const djangoPatterns = {
+  n_plus_one: {
+    description: "Use select_related/prefetch_related",
+    pattern: /\.objects\.(all|filter)\(\)/
+  },
+  raw_queries: {
+    description: "Avoid raw SQL, use ORM",
+    pattern: /\.raw\(|connection\.cursor\(\)/
+  }
+};
+```
+
+## Pattern Application
+
+```javascript
+function applyPatterns(findings, frameworkPatterns) {
+  if (!frameworkPatterns) return findings;
+
+  for (const pattern of Object.values(frameworkPatterns)) {
+    // Check each finding against framework patterns
+    for (const finding of findings) {
+      if (pattern.pattern.test(finding.codeQuote)) {
+        finding.frameworkContext = pattern.description;
+      }
+    }
+  }
+
+  return findings;
+}
+```
+
+## Review Output Format
+
+```markdown
+## Agent Reports
+
+### security-expert
+**Files Reviewed**: X
+**Issues Found**: Y (Z critical, A high)
+
+Findings:
+1. [Finding details with file:line]
+2. [Finding details with file:line]
+
+### performance-engineer
+**Files Reviewed**: X
+**Issues Found**: Y
+
+Findings:
+1. [Finding details with file:line]
+
+[... per agent]
+
+## Consolidated Summary
+
+**Total Issues**: X
+- Critical: Y (must fix)
+- High: Z (should fix)
+- Medium: A (consider)
+- Low: B (nice to have)
+
+**Top Files by Issue Count**:
+1. src/api/users.ts: 5 issues
+2. src/auth/session.ts: 3 issues
+```

package/plugins/project-review/commands/project-review-github.md

@@ -0,0 +1,142 @@
+# Phase 8: GitHub Issue Creation - Reference
+
+This file contains GitHub integration for `/project-review`.
+
+**Parent document**: `project-review.md`
+
+## Pre-Conditions
+
+```bash
+# Check if git and gh are available
+GIT_AVAILABLE=$(command -v git >/dev/null 2>&1 && echo "true" || echo "false")
+GH_AVAILABLE=$(command -v gh >/dev/null 2>&1 && echo "true" || echo "false")
+
+# Check if this is a GitHub repository
+IS_GITHUB_REPO="false"
+if [ "$GIT_AVAILABLE" = "true" ]; then
+  REMOTE_URL=$(git remote get-url origin 2>/dev/null || echo "")
+  if echo "$REMOTE_URL" | grep -q "github.com"; then
+    IS_GITHUB_REPO="true"
+  fi
+fi
+```
+
+## Creating GitHub Issues
+
+If `git` and `gh` are available, create issues for **non-security** deferred items:
+
+```bash
+if [ "$GH_AVAILABLE" = "true" ] && [ "$IS_GITHUB_REPO" = "true" ]; then
+  echo "Creating GitHub issues for deferred items..."
+
+  # DO NOT create public issues for security-sensitive findings
+  for issue in "${DEFERRED_NON_SECURITY_ISSUES[@]}"; do
+    gh issue create \
+      --title "${issue.title}" \
+      --body "${issue.body}"
+  done
+
+  echo "Created ${#DEFERRED_NON_SECURITY_ISSUES[@]} GitHub issues"
+fi
+```
+
+## Issue Format
+
+Each created issue includes:
+
+```markdown
+## Issue from /project-review
+
+**Severity**: [Critical|High|Medium|Low]
+**Category**: [Performance|Architecture|Code Quality|Enhancement]
+**Effort**: [Small|Medium|Large] (~X hours)
+
+### Description
+[Description of the issue]
+
+### Current Behavior
+\`\`\`[language]
+[Code showing the problem]
+\`\`\`
+
+### Proposed Fix
+[Specific remediation approach]
+
+### Impact
+[Why this matters]
+
+### Files
+- [List of affected files]
+```
+
+## Security Issue Handling
+
+```
+╔══════════════════════════════════════════════════════════════════╗
+║  ⚠️ SECURITY ISSUES MUST NOT BE PUBLIC                          ║
+╠══════════════════════════════════════════════════════════════════╣
+║                                                                  ║
+║  The following must NOT be created as GitHub issues:             ║
+║  - Token/credential exposure                                    ║
+║  - Authentication vulnerabilities                               ║
+║  - Authorization bypasses                                       ║
+║  - Injection vulnerabilities                                    ║
+║  - Any exploitable security finding                             ║
+║                                                                  ║
+║  For security issues:                                           ║
+║  1. Fix immediately if possible                                 ║
+║  2. Keep documented internally only                             ║
+║  3. Note in completion report (no details)                      ║
+║                                                                  ║
+╚══════════════════════════════════════════════════════════════════╝
+```
+
+## TECHNICAL_DEBT.md Cleanup
+
+After all issues are handled, remove TECHNICAL_DEBT.md:
+
+```bash
+if [ "$GH_AVAILABLE" = "true" ] && [ "$IS_GITHUB_REPO" = "true" ]; then
+  if [ -f "TECHNICAL_DEBT.md" ]; then
+    rm TECHNICAL_DEBT.md
+    git add TECHNICAL_DEBT.md
+    git commit -m "chore: remove TECHNICAL_DEBT.md - issues tracked in GitHub
+
+Created GitHub issues for all deferred non-security items.
+Security-sensitive issues kept internal."
+    echo "Removed TECHNICAL_DEBT.md - issues now in GitHub"
+  fi
+else
+  echo "TECHNICAL_DEBT.md retained - no GitHub integration"
+fi
+```
+
+## Cleanup Conditions
+
+**Remove TECHNICAL_DEBT.md when ALL true:**
+1. `git` is available
+2. `gh` CLI is available and authenticated
+3. Repository has GitHub remote
+4. All non-security issues created as GitHub issues
+
+**Keep TECHNICAL_DEBT.md when ANY true:**
+1. No GitHub integration available
+2. `gh` CLI not authenticated
+3. User requested `--create-tech-debt` flag
+4. Security issues exist
+
+## Final Commit
+
+If issues were created:
+
+```bash
+git add -A
+git commit -m "chore: project-review complete - issues tracked in GitHub
+
+Created X GitHub issues for deferred items:
+- #N: [issue title]
+- #N: [issue title]
+
+Security-sensitive issues (Y total) kept internal.
+Fixed Z issues in this review session."
+```