berget 2.2.6 → 2.2.8

package/src/utils/opencode-validator.ts

@@ -1,134 +1,130 @@
-import Ajv from 'ajv'
-import addFormats from 'ajv-formats'
-import { readFileSync } from 'fs'
-import { join } from 'path'
-import { dirname } from 'path'
+import Ajv from 'ajv';
+import addFormats from 'ajv-formats';
+import { readFileSync } from 'node:fs';
+import { join } from 'node:path';
+import { dirname } from 'node:path';
 
 // Load the official OpenCode JSON Schema
-const __dirname = dirname(__filename)
-const schemaPath = join(__dirname, '..', 'schemas', 'opencode-schema.json')
+const __dirname = dirname(__filename);
+const schemaPath = join(__dirname, '..', 'schemas', 'opencode-schema.json');
 
-let ajv: Ajv
-let openCodeSchema: any
-let validateFunction: any
+let ajv: Ajv;
+let openCodeSchema: any;
+let validateFunction: any;
 
 try {
-  const schemaContent = readFileSync(schemaPath, 'utf-8')
-  openCodeSchema = JSON.parse(schemaContent)
+  const schemaContent = readFileSync(schemaPath, 'utf-8');
+  openCodeSchema = JSON.parse(schemaContent);
 
   // Initialize AJV with formats and options
   ajv = new Ajv({
     allErrors: true,
-    verbose: true,
-    strict: false,
     allowUnionTypes: true,
     removeAdditional: false,
-  })
+    strict: false,
+    verbose: true,
+  });
 
   // Add JSON Schema formats
-  addFormats(ajv)
+  addFormats(ajv);
 
   // Compile the schema
-  validateFunction = ajv.compile(openCodeSchema)
+  validateFunction = ajv.compile(openCodeSchema);
 } catch (error) {
-  console.error('Failed to load OpenCode schema:', error)
-  throw new Error('Could not initialize OpenCode validator')
+  console.error('Failed to load OpenCode schema:', error);
+  throw new Error('Could not initialize OpenCode validator');
 }
 
-export type OpenCodeConfig = any
-
-/**
- * Validate OpenCode configuration against the official JSON Schema
- */
-export function validateOpenCodeConfig(config: any): {
-  valid: boolean
-  errors?: string[]
-} {
-  try {
-    if (!validateFunction) {
-      return { valid: false, errors: ['Schema validator not initialized'] }
-    }
-
-    const isValid = validateFunction(config)
-
-    if (isValid) {
-      return { valid: true }
-    } else {
-      const errors = validateFunction.errors?.map((err: any) => {
-        const path = err.instancePath || err.schemaPath || 'root'
-        const message = err.message || 'Unknown error'
-        return `${path}: ${message}`
-      }) || ['Unknown validation error']
-
-      return { valid: false, errors }
-    }
-  } catch (error) {
-    console.error('Validation error:', error)
-    return { valid: false, errors: ['Validation process failed'] }
-  }
-}
+export type OpenCodeConfig = any;
 
 /**
  * Fix common OpenCode configuration issues
  */
 export function fixOpenCodeConfig(config: any): OpenCodeConfig {
-  const fixed = { ...config }
+  const fixed = { ...config };
 
   // Fix tools.compact - should be boolean, not object
   if (fixed.tools && typeof fixed.tools.compact === 'object') {
-    console.warn('⚠️  Converting tools.compact from object to boolean')
+    console.warn('⚠️  Converting tools.compact from object to boolean');
     // If it has properties, assume it should be enabled
-    fixed.tools.compact = true
+    fixed.tools.compact = true;
   }
 
   // Remove invalid properties
-  const invalidProps = ['maxTokens', 'contextWindow']
-  invalidProps.forEach((prop) => {
-    if (fixed[prop] !== undefined) {
-      console.warn(`⚠️  Removing invalid property: ${prop}`)
-      delete fixed[prop]
+  const invalidProperties = ['maxTokens', 'contextWindow'];
+  for (const property of invalidProperties) {
+    if (fixed[property] !== undefined) {
+      console.warn(`⚠️  Removing invalid property: ${property}`);
+      delete fixed[property];
     }
-  })
+  }
 
   // Fix provider models with invalid properties
   if (fixed.provider) {
     Object.values(fixed.provider).forEach((provider: any) => {
       if (provider?.models) {
         Object.values(provider.models).forEach((model: any) => {
-          if (model && typeof model === 'object') {
-            // Move maxTokens/contextWindow to proper structure if needed
-            if (model.maxTokens || model.contextWindow) {
-              if (!model.limit) model.limit = {}
-
-              // Use the larger of maxTokens/contextWindow for context
-              const contextValues = [
-                model.maxTokens,
-                model.contextWindow,
-              ].filter(Boolean)
-              if (contextValues.length > 0) {
-                const newContext = Math.max(...contextValues)
-                if (!model.limit.context || newContext > model.limit.context) {
-                  model.limit.context = newContext
-                }
-              }
-
-              // Set a reasonable default for output if not present
-              // (typically 1/4 to 1/8 of context window)
-              if (!model.limit.output && model.limit.context) {
-                model.limit.output = Math.floor(model.limit.context / 4)
+          if (
+            model &&
+            typeof model === 'object' && // Move maxTokens/contextWindow to proper structure if needed
+            (model.maxTokens || model.contextWindow)
+          ) {
+            if (!model.limit) model.limit = {};
+
+            // Use the larger of maxTokens/contextWindow for context
+            const contextValues = [model.maxTokens, model.contextWindow].filter(Boolean);
+            if (contextValues.length > 0) {
+              const newContext = Math.max(...contextValues);
+              if (!model.limit.context || newContext > model.limit.context) {
+                model.limit.context = newContext;
               }
+            }
 
-              delete model.maxTokens
-              delete model.contextWindow
-              console.warn(
-                '⚠️  Moved maxTokens/contextWindow to limit.context/output',
-              )
+            // Set a reasonable default for output if not present
+            // (typically 1/4 to 1/8 of context window)
+            if (!model.limit.output && model.limit.context) {
+              model.limit.output = Math.floor(model.limit.context / 4);
             }
+
+            delete model.maxTokens;
+            delete model.contextWindow;
+            console.warn('⚠️  Moved maxTokens/contextWindow to limit.context/output');
           }
-        })
+        });
       }
-    })
+    });
   }
 
-  return fixed
+  return fixed;
+}
+
+/**
+ * Validate OpenCode configuration against the official JSON Schema
+ */
+export function validateOpenCodeConfig(config: any): {
+  errors?: string[];
+  valid: boolean;
+} {
+  try {
+    if (!validateFunction) {
+      return { errors: ['Schema validator not initialized'], valid: false };
+    }
+
+    const isValid = validateFunction(config);
+
+    if (isValid) {
+      return { valid: true };
+    } else {
+      const errors = validateFunction.errors?.map((error: any) => {
+        const path = error.instancePath || error.schemaPath || 'root';
+        const message = error.message || 'Unknown error';
+        return `${path}: ${message}`;
+      }) || ['Unknown validation error'];
+
+      return { errors, valid: false };
+    }
+  } catch (error) {
+    console.error('Validation error:', error);
+    return { errors: ['Validation process failed'], valid: false };
+  }
 }

package/src/utils/token-manager.ts

@@ -1,94 +1,64 @@
-import * as fs from 'fs'
-import * as path from 'path'
-import * as os from 'os'
-import chalk from 'chalk'
-import { logger } from './logger'
+import * as fs from 'node:fs';
+import * as os from 'node:os';
+import * as path from 'node:path';
+
+import { logger } from './logger';
 
 interface TokenData {
-  access_token: string
-  refresh_token: string
-  expires_at: number // timestamp in milliseconds
+  access_token: string;
+  expires_at: number; // timestamp in milliseconds
+  refresh_token: string;
 }
 
 /**
  * Manages authentication tokens including refresh functionality
  */
 export class TokenManager {
-  private static instance: TokenManager
-  private tokenFilePath: string
-  private tokenData: TokenData | null = null
+  private static instance: TokenManager;
+  private tokenData: null | TokenData = null;
+  private tokenFilePath: string;
 
   private constructor() {
     // Set up token file path in user's home directory
-    const bergetDir = path.join(os.homedir(), '.berget')
+    const bergetDir = path.join(os.homedir(), '.berget');
     if (!fs.existsSync(bergetDir)) {
-      fs.mkdirSync(bergetDir, { recursive: true })
+      fs.mkdirSync(bergetDir, { recursive: true });
     }
-    this.tokenFilePath = path.join(bergetDir, 'auth.json')
-    this.loadToken()
+    this.tokenFilePath = path.join(bergetDir, 'auth.json');
+    this.loadToken();
   }
 
   public static getInstance(): TokenManager {
     if (!TokenManager.instance) {
-      TokenManager.instance = new TokenManager()
+      TokenManager.instance = new TokenManager();
     }
-    return TokenManager.instance
+    return TokenManager.instance;
   }
 
   /**
-   * Load token data from file
-   */
-  private loadToken(): void {
-    try {
-      if (fs.existsSync(this.tokenFilePath)) {
-        const data = fs.readFileSync(this.tokenFilePath, 'utf8')
-        this.tokenData = JSON.parse(data)
-      }
-    } catch (error) {
-      logger.error('Failed to load authentication token')
-      this.tokenData = null
-    }
-  }
-
-  /**
-   * Save token data to file
+   * Clear all token data
    */
-  private saveToken(): void {
-    try {
-      if (this.tokenData) {
-        fs.writeFileSync(
-          this.tokenFilePath,
-          JSON.stringify(this.tokenData, null, 2),
-        )
-        // Set file permissions to be readable only by the owner
-        fs.chmodSync(this.tokenFilePath, 0o600)
-      } else {
-        // If token data is null, remove the file
-        if (fs.existsSync(this.tokenFilePath)) {
-          fs.unlinkSync(this.tokenFilePath)
-        }
-      }
-    } catch (error) {
-      logger.error('Failed to save authentication token')
-    }
+  public clearTokens(): void {
+    this.tokenData = null;
+    this.saveToken();
   }
 
   /**
    * Get the current access token
    * @returns The access token or null if not available
    */
-  public getAccessToken(): string | null {
-    if (!this.tokenData) return null
-    return this.tokenData.access_token
+  public getAccessToken(): null | string {
+    if (!this.tokenData) return null;
+    return this.tokenData.access_token;
   }
 
   /**
    * Get the refresh token
    * @returns The refresh token or null if not available
    */
-  public getRefreshToken(): string | null {
-    if (!this.tokenData) return null
-    return this.tokenData.refresh_token
+  public getRefreshToken(): null | string {
+    if (!this.tokenData) return null;
+    return this.tokenData.refresh_token;
   }
 
   /**
@@ -96,34 +66,34 @@ export class TokenManager {
    * @returns true if expired or about to expire (within 10% of lifetime or 30 seconds), false otherwise
    */
   public isTokenExpired(): boolean {
-    if (!this.tokenData || !this.tokenData.expires_at) return true
+    if (!this.tokenData || !this.tokenData.expires_at) return true;
 
     try {
-      const now = Date.now()
-      const expiresAt = this.tokenData.expires_at
-      const timeUntilExpiry = expiresAt - now
+      const now = Date.now();
+      const expiresAt = this.tokenData.expires_at;
+      const timeUntilExpiry = expiresAt - now;
 
       // Use 10% of remaining lifetime or 30 seconds, whichever is smaller
       // This ensures we don't refresh tokens that were just issued
-      const minBuffer = 30 * 1000 // 30 seconds minimum
-      const percentBuffer = timeUntilExpiry * 0.1 // 10% of lifetime
-      const expirationBuffer = Math.min(minBuffer, percentBuffer)
+      const minBuffer = 30 * 1000; // 30 seconds minimum
+      const percentBuffer = timeUntilExpiry * 0.1; // 10% of lifetime
+      const expirationBuffer = Math.min(minBuffer, percentBuffer);
 
-      const isExpired = now + expirationBuffer >= expiresAt
+      const isExpired = now + expirationBuffer >= expiresAt;
 
       if (isExpired) {
         logger.debug(
           `Token expired or expiring soon. Current time: ${new Date().toISOString()}, Expiry: ${new Date(expiresAt).toISOString()}`,
-        )
+        );
       }
 
-      return isExpired
+      return isExpired;
     } catch (error) {
       // If there's any error checking expiration, assume token is expired
       logger.error(
         `Error checking token expiration: ${error instanceof Error ? error.message : String(error)}`,
-      )
-      return true
+      );
+      return true;
     }
   }
 
@@ -131,39 +101,90 @@ export class TokenManager {
    * Set new token data
    * @param accessToken The new access token
    * @param refreshToken The new refresh token
-   * @param expiresIn Expiration time in seconds
+   * @param expiresIn Expiration time in seconds (fallback if JWT parsing fails)
    */
-  public setTokens(
-    accessToken: string,
-    refreshToken: string,
-    expiresIn: number,
-  ): void {
+  public setTokens(accessToken: string, refreshToken: string, expiresIn: number): void {
+    // Extract the actual expiry time from the JWT token
+    const jwtExpiresAt = extractJwtExpiresAt(accessToken);
+    const expiresAt = jwtExpiresAt > 0 ? jwtExpiresAt : Date.now() + expiresIn * 1000;
+
     this.tokenData = {
       access_token: accessToken,
+      expires_at: expiresAt,
       refresh_token: refreshToken,
-      expires_at: Date.now() + expiresIn * 1000,
-    }
-    this.saveToken()
+    };
+    this.saveToken();
   }
 
   /**
    * Update just the access token and its expiration
    * @param accessToken The new access token
-   * @param expiresIn Expiration time in seconds
+   * @param expiresIn Expiration time in seconds (fallback if JWT parsing fails)
    */
   public updateAccessToken(accessToken: string, expiresIn: number): void {
-    if (!this.tokenData) return
+    if (!this.tokenData) return;
+
+    // Extract the actual expiry time from the JWT token
+    const jwtExpiresAt = extractJwtExpiresAt(accessToken);
+    const expiresAt = jwtExpiresAt > 0 ? jwtExpiresAt : Date.now() + expiresIn * 1000;
 
-    this.tokenData.access_token = accessToken
-    this.tokenData.expires_at = Date.now() + expiresIn * 1000
-    this.saveToken()
+    this.tokenData.access_token = accessToken;
+    this.tokenData.expires_at = expiresAt;
+    this.saveToken();
   }
 
   /**
-   * Clear all token data
+   * Load token data from file
    */
-  public clearTokens(): void {
-    this.tokenData = null
-    this.saveToken()
+  private loadToken(): void {
+    try {
+      if (fs.existsSync(this.tokenFilePath)) {
+        const data = fs.readFileSync(this.tokenFilePath, 'utf8');
+        this.tokenData = JSON.parse(data);
+      }
+    } catch {
+      logger.error('Failed to load authentication token');
+      this.tokenData = null;
+    }
+  }
+
+  /**
+   * Save token data to file
+   */
+  private saveToken(): void {
+    try {
+      if (this.tokenData) {
+        fs.writeFileSync(this.tokenFilePath, JSON.stringify(this.tokenData, null, 2));
+        // Set file permissions to be readable only by the owner
+        fs.chmodSync(this.tokenFilePath, 0o600);
+      } else {
+        // If token data is null, remove the file
+        if (fs.existsSync(this.tokenFilePath)) {
+          fs.unlinkSync(this.tokenFilePath);
+        }
+      }
+    } catch {
+      logger.error('Failed to save authentication token');
+    }
+  }
+}
+
+/**
+ * Extract the expiration time from a JWT token
+ * @param accessToken The JWT access token
+ * @returns The expiration timestamp in milliseconds, or 0 if invalid
+ */
+function extractJwtExpiresAt(accessToken: string): number {
+  try {
+    const parts = accessToken.split('.');
+    if (parts.length !== 3) return 0;
+    const payload = Buffer.from(parts[1], 'base64url').toString('utf8');
+    const decoded = JSON.parse(payload);
+    if (typeof decoded.exp === 'number') {
+      return decoded.exp * 1000; // JWT exp is in seconds, convert to milliseconds
+    }
+  } catch {
+    // If decoding fails, return 0 (treated as expired)
   }
+  return 0;
 }

package/templates/agents/app.md

@@ -12,6 +12,7 @@ permission:
 You are Berget Code App agent. Voice: Scandinavian calm—precise, concise, confident. Expo + React Native + TypeScript. Structure by components/hooks/services/navigation. Components are pure; data via props; refactor shared logic into hooks/stores. Share tokens with frontend. Mock data in /data via typed hooks; later replace with live APIs. Offline via SQLite/MMKV; notifications via Expo. Request permissions only when needed. Subtle, meaningful motion; light/dark parity.
 
 GIT WORKFLOW RULES (CRITICAL):
+
 - NEVER push directly to main branch - ALWAYS use pull requests
 - NEVER use 'git add .' - ALWAYS add specific files with 'git add path/to/file'
 - ALWAYS clean up test files, documentation files, and temporary artifacts before committing

package/templates/agents/backend.md

@@ -12,6 +12,7 @@ permission:
 You are Berget Code Backend agent. Voice: Scandinavian calm—precise, concise, confident. TypeScript + Koa. Prefer many small pure functions; avoid big try/catch blocks. Routes thin; logic in services/adapters/domain. Validate with Zod; auto-generate OpenAPI. Adapters isolate external systems; domain never depends on framework. Test with supertest; idempotent and stateless by default. Each microservice emits an OpenAPI contract; changes propagate upward to types. Code Quality & Refactoring Principles: Apply Single Responsibility Principle, fail fast with explicit errors, eliminate code duplication, remove nested complexity, use descriptive error codes, keep functions under 30 lines. Always leave code cleaner and more readable than you found it.
 
 GIT WORKFLOW RULES (CRITICAL):
+
 - NEVER push directly to main branch - ALWAYS use pull requests
 - NEVER use 'git add .' - ALWAYS add specific files with 'git add path/to/file'
 - ALWAYS clean up test files, documentation files, and temporary artifacts before committing

package/templates/agents/devops.md

@@ -12,6 +12,7 @@ permission:
 You are Berget Code DevOps agent. Voice: Scandinavian calm—precise, concise, confident. Start simple: k8s/{deployment,service,ingress}. Add FluxCD sync to repo and image automation. Use Kustomize bases/overlays (staging, production). Add dependencies via Helm from upstream sources; prefer native operators when available (CloudNativePG, cert-manager, external-dns). SemVer with -rc tags keeps CI environments current. Observability with Prometheus/Grafana. No manual kubectl in production—Git is the source of truth.
 
 GIT WORKFLOW RULES (CRITICAL):
+
 - NEVER push directly to main branch - ALWAYS use pull requests
 - NEVER use 'git add .' - ALWAYS add specific files with 'git add path/to/file'
 - ALWAYS clean up test files, documentation files, and temporary artifacts before committing
@@ -20,6 +21,7 @@ GIT WORKFLOW RULES (CRITICAL):
 - ALWAYS run tests and build before creating PR
 
 Helm Values Configuration Process:
+
 1. Documentation First Approach: Always fetch official documentation from Artifact Hub/GitHub for the specific chart version before writing values. Search Artifact Hub for exact chart version documentation, check the chart's GitHub repository for official docs and examples, verify the exact version being used in the deployment.
 2. Validation Requirements: Check for available validation schemas before committing YAML files. Use Helm's built-in validation tools (helm lint, helm template). Validate against JSON schema if available for the chart. Ensure YAML syntax correctness with linters.
 3. Standard Workflow: Identify chart name and exact version. Fetch official documentation from Artifact Hub/GitHub. Check for available schemas and validation tools. Write values according to official documentation. Validate against schema (if available). Test with helm template or helm lint. Commit validated YAML files.

package/templates/agents/frontend.md

@@ -14,6 +14,7 @@ You are Berget Code Frontend agent. Voice: Scandinavian calm—precise, concise,
 IMPORTANT: You have NO bash access and cannot run git commands. When your frontend implementation tasks are complete, inform the user that changes are ready and suggest using /pr command to create a pull request with proper testing and quality checks.
 
 CODE QUALITY RULES:
+
 - Write clean, production-ready code
 - Follow React and TypeScript best practices
 - Ensure accessibility and responsive design

package/templates/agents/fullstack.md

@@ -12,6 +12,7 @@ permission:
 Voice: Scandinavian calm—precise, concise, confident; no fluff. You are Berget Code Fullstack agent. Act as a router and coordinator in a monorepo. Bottom-up schema: database → OpenAPI → generated types. Top-down types: API → UI → components. Use openapi-fetch and Zod at every boundary; compile-time errors are desired when contracts change. Routing rules: if task/paths match /apps/frontend or React (.tsx) → use frontend; if /apps/app or Expo/React Native → app; if /infra, /k8s, flux-system, kustomization.yaml, Helm values → devops; if /services, Koa routers, services/adapters/domain → backend. If ambiguous, remain fullstack and outline the end-to-end plan, then delegate subtasks to the right persona. Security: validate inputs; secrets via FluxCD SOPS/Sealed Secrets. Documentation is generated from code—never duplicated.
 
 GIT WORKFLOW RULES (CRITICAL):
+
 - NEVER push directly to main branch - ALWAYS use pull requests
 - NEVER use 'git add .' - ALWAYS add specific files with 'git add path/to/file'
 - ALWAYS clean up test files, documentation files, and temporary artifacts before committing

package/templates/agents/quality.md

@@ -12,53 +12,58 @@ permission:
 Voice: Scandinavian calm—precise, concise, confident. You are Berget Code Quality agent. Specialist in code quality assurance, testing, building, and pull request lifecycle management.
 
 Core responsibilities:
-  - Run comprehensive test suites (npm test, npm run test, jest, vitest)
-  - Execute build processes (npm run build, webpack, vite, tsc)
-  - Create and manage pull requests with proper descriptions
-  - Handle merge conflicts and keep main updated
-  - Monitor GitHub for reviewer comments and address them
-  - Ensure code quality standards are met
-  - Validate linting and formatting (npm run lint, prettier)
-  - Check test coverage and performance benchmarks
-  - Handle CI/CD pipeline validation
+
+- Run comprehensive test suites (npm test, npm run test, jest, vitest)
+- Execute build processes (npm run build, webpack, vite, tsc)
+- Create and manage pull requests with proper descriptions
+- Handle merge conflicts and keep main updated
+- Monitor GitHub for reviewer comments and address them
+- Ensure code quality standards are met
+- Validate linting and formatting (npm run lint, prettier)
+- Check test coverage and performance benchmarks
+- Handle CI/CD pipeline validation
 
 Complete PR Workflow:
-  1. Ensure all tests pass: npm test
-  2. Build successfully: npm run build
-  3. Commit all changes with proper message
-  4. Push to feature branch
-  5. Update main branch and handle merge conflicts
-  6. Create or update PR with comprehensive description
-  7. Monitor for reviewer comments
-  8. Address feedback and push updates
-  9. Always provide PR URL for user review
+
+1. Ensure all tests pass: npm test
+2. Build successfully: npm run build
+3. Commit all changes with proper message
+4. Push to feature branch
+5. Update main branch and handle merge conflicts
+6. Create or update PR with comprehensive description
+7. Monitor for reviewer comments
+8. Address feedback and push updates
+9. Always provide PR URL for user review
 
 Essential CLI commands:
-  - npm test or npm run test (run test suite)
-  - npm run build (build project)
-  - npm run lint (run linting)
-  - npm run format (format code)
-  - npm run test:coverage (check coverage)
-  - git add <specific-files> && git commit -m "message" && git push (commit and push)
-  - git checkout main && git pull origin main (update main)
-  - git checkout feature-branch && git merge main (handle conflicts)
-  - gh pr create --title "title" --body "body" (create PR)
-  - gh pr view --comments (check PR comments)
-  - gh pr edit --title "title" --body "body" (update PR)
+
+- npm test or npm run test (run test suite)
+- npm run build (build project)
+- npm run lint (run linting)
+- npm run format (format code)
+- npm run test:coverage (check coverage)
+- git add <specific-files> && git commit -m "message" && git push (commit and push)
+- git checkout main && git pull origin main (update main)
+- git checkout feature-branch && git merge main (handle conflicts)
+- gh pr create --title "title" --body "body" (create PR)
+- gh pr view --comments (check PR comments)
+- gh pr edit --title "title" --body "body" (update PR)
 
 PR Creation Process:
-  - Always include clear summary of changes
-  - List technical details and improvements
-  - Include testing and validation results
-  - Add any breaking changes or migration notes
-  - Provide PR URL immediately after creation
+
+- Always include clear summary of changes
+- List technical details and improvements
+- Include testing and validation results
+- Add any breaking changes or migration notes
+- Provide PR URL immediately after creation
 
 GIT WORKFLOW RULES (CRITICAL - ENFORCE STRICTLY):
-  - NEVER push directly to main branch - ALWAYS use pull requests
-  - NEVER use 'git add .' - ALWAYS add specific files with 'git add path/to/file'
-  - ALWAYS clean up test files, documentation files, and temporary artifacts before committing
-  - ALWAYS ensure git history maintains production quality - no test commits, no debugging code
-  - ALWAYS create descriptive commit messages following project conventions
-  - ALWAYS run tests and build before creating PR
+
+- NEVER push directly to main branch - ALWAYS use pull requests
+- NEVER use 'git add .' - ALWAYS add specific files with 'git add path/to/file'
+- ALWAYS clean up test files, documentation files, and temporary artifacts before committing
+- ALWAYS ensure git history maintains production quality - no test commits, no debugging code
+- ALWAYS create descriptive commit messages following project conventions
+- ALWAYS run tests and build before creating PR
 
 Always provide specific command examples and wait for processes to complete before proceeding.