blockmine 1.24.0 → 1.25.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (346)
  1. package/CHANGELOG.md +32 -0
  2. package/README.en.md +427 -0
  3. package/README.md +40 -0
  4. package/backend/cli.js +1 -1
  5. package/backend/src/ai/plugin-assistant-system-prompt.md +664 -5
  6. package/backend/src/api/routes/bots.js +13 -0
  7. package/backend/src/api/routes/servers.js +14 -2
  8. package/backend/src/core/BotProcess.js +98 -2
  9. package/backend/src/core/PluginLoader.js +83 -3
  10. package/backend/src/core/PluginManager.js +75 -5
  11. package/backend/src/core/services/BotLifecycleService.js +186 -2
  12. package/backend/src/server.js +11 -1
  13. package/frontend/dist/assets/browser-ponyfill-DN7pwmHT.js +2 -0
  14. package/frontend/dist/assets/index-LSy71uwm.js +11261 -0
  15. package/frontend/dist/assets/index-SfhKxI4-.css +32 -0
  16. package/frontend/dist/flags/en.svg +32 -0
  17. package/frontend/dist/flags/ru.svg +5 -0
  18. package/frontend/dist/index.html +2 -2
  19. package/frontend/dist/locales/en/admin.json +100 -0
  20. package/frontend/dist/locales/en/api-keys.json +58 -0
  21. package/frontend/dist/locales/en/bots.json +110 -0
  22. package/frontend/dist/locales/en/common.json +47 -0
  23. package/frontend/dist/locales/en/configuration.json +22 -0
  24. package/frontend/dist/locales/en/console.json +10 -0
  25. package/frontend/dist/locales/en/dashboard.json +85 -0
  26. package/frontend/dist/locales/en/dialogs.json +70 -0
  27. package/frontend/dist/locales/en/event-graphs.json +50 -0
  28. package/frontend/dist/locales/en/graph-store.json +70 -0
  29. package/frontend/dist/locales/en/login.json +34 -0
  30. package/frontend/dist/locales/en/management.json +114 -0
  31. package/frontend/dist/locales/en/minecraft-viewer.json +27 -0
  32. package/frontend/dist/locales/en/nodes.json +1077 -0
  33. package/frontend/dist/locales/en/permissions.json +50 -0
  34. package/frontend/dist/locales/en/plugin-detail.json +49 -0
  35. package/frontend/dist/locales/en/plugins.json +110 -0
  36. package/frontend/dist/locales/en/proxies.json +81 -0
  37. package/frontend/dist/locales/en/servers.json +39 -0
  38. package/frontend/dist/locales/en/setup.json +17 -0
  39. package/frontend/dist/locales/en/sidebar.json +27 -0
  40. package/frontend/dist/locales/en/tasks.json +62 -0
  41. package/frontend/dist/locales/en/visual-editor.json +219 -0
  42. package/frontend/dist/locales/en/websocket.json +86 -0
  43. package/frontend/dist/locales/ru/admin.json +100 -0
  44. package/frontend/dist/locales/ru/api-keys.json +58 -0
  45. package/frontend/dist/locales/ru/bots.json +110 -0
  46. package/frontend/dist/locales/ru/common.json +49 -0
  47. package/frontend/dist/locales/ru/configuration.json +22 -0
  48. package/frontend/dist/locales/ru/console.json +10 -0
  49. package/frontend/dist/locales/ru/dashboard.json +85 -0
  50. package/frontend/dist/locales/ru/dialogs.json +70 -0
  51. package/frontend/dist/locales/ru/event-graphs.json +50 -0
  52. package/frontend/dist/locales/ru/graph-store.json +70 -0
  53. package/frontend/dist/locales/ru/login.json +34 -0
  54. package/frontend/dist/locales/ru/management.json +114 -0
  55. package/frontend/dist/locales/ru/minecraft-viewer.json +27 -0
  56. package/frontend/dist/locales/ru/nodes.json +1077 -0
  57. package/frontend/dist/locales/ru/permissions.json +50 -0
  58. package/frontend/dist/locales/ru/plugin-detail.json +49 -0
  59. package/frontend/dist/locales/ru/plugins.json +110 -0
  60. package/frontend/dist/locales/ru/proxies.json +81 -0
  61. package/frontend/dist/locales/ru/servers.json +39 -0
  62. package/frontend/dist/locales/ru/setup.json +17 -0
  63. package/frontend/dist/locales/ru/sidebar.json +27 -0
  64. package/frontend/dist/locales/ru/tasks.json +62 -0
  65. package/frontend/dist/locales/ru/visual-editor.json +221 -0
  66. package/frontend/dist/locales/ru/websocket.json +86 -0
  67. package/frontend/dist/monacoeditorwork/css.worker.bundle.js +7 -7
  68. package/frontend/dist/monacoeditorwork/html.worker.bundle.js +7 -7
  69. package/frontend/dist/monacoeditorwork/json.worker.bundle.js +7 -7
  70. package/frontend/dist/monacoeditorwork/ts.worker.bundle.js +3 -3
  71. package/frontend/package.json +4 -0
  72. package/package.json +1 -1
  73. package/screen/3dviewer.png +0 -0
  74. package/screen/console.png +0 -0
  75. package/screen/dashboard.png +0 -0
  76. package/screen/graph_collabe.png +0 -0
  77. package/screen/graph_live_debug.png +0 -0
  78. package/screen/language_selector.png +0 -0
  79. package/screen/management_command.png +0 -0
  80. package/screen/node_debug_trace.png +0 -0
  81. package/screen/plugin_/320/276/320/261/320/267/320/276/321/200.png +0 -0
  82. package/screen/websocket.png +0 -0
  83. package/screen//320/275/320/260/321/201/321/202/321/200/320/276/320/271/320/272/320/270_/320/276/321/202/320/264/320/265/320/273/321/214/320/275/321/213/321/205_/320/272/320/276/320/274/320/260/320/275/320/264_/320/272/320/260/320/266/320/264/321/203_/320/272/320/276/320/274/320/260/320/275/320/273/320/264/321/203_/320/274/320/276/320/266/320/275/320/276_/320/275/320/260/321/201/321/202/321/200/320/260/320/270/320/262/320/260/321/202/321/214.png +0 -0
  84. package/screen//320/277/320/273/320/260/320/275/320/270/321/200/320/276/320/262/321/211/320/270/320/272_/320/274/320/276/320/266/320/275/320/276_/320/267/320/260/320/264/320/260/320/262/320/260/321/202/321/214_/320/264/320/265/320/271/321/201/321/202/320/262/320/270/321/217_/320/277/320/276_/320/262/321/200/320/265/320/274/320/265/320/275/320/270.png +0 -0
  85. package/.claude/agents/README.md +0 -469
  86. package/.claude/agents/auth-route-debugger.md +0 -118
  87. package/.claude/agents/auth-route-tester.md +0 -93
  88. package/.claude/agents/auto-error-resolver.md +0 -97
  89. package/.claude/agents/build-optimizer.md +0 -236
  90. package/.claude/agents/code-architect.md +0 -34
  91. package/.claude/agents/code-architecture-reviewer.md +0 -83
  92. package/.claude/agents/code-explorer.md +0 -51
  93. package/.claude/agents/code-refactor-master.md +0 -94
  94. package/.claude/agents/code-reviewer.md +0 -46
  95. package/.claude/agents/cost-optimizer.md +0 -134
  96. package/.claude/agents/deployment-orchestrator.md +0 -113
  97. package/.claude/agents/documentation-architect.md +0 -82
  98. package/.claude/agents/frontend-error-fixer.md +0 -77
  99. package/.claude/agents/iac-code-generator.md +0 -71
  100. package/.claude/agents/incident-responder.md +0 -346
  101. package/.claude/agents/infrastructure-architect.md +0 -31
  102. package/.claude/agents/kubernetes-specialist.md +0 -56
  103. package/.claude/agents/migration-planner.md +0 -181
  104. package/.claude/agents/network-architect.md +0 -196
  105. package/.claude/agents/plan-reviewer.md +0 -52
  106. package/.claude/agents/refactor-planner.md +0 -63
  107. package/.claude/agents/security-scanner.md +0 -102
  108. package/.claude/agents/web-research-specialist.md +0 -78
  109. package/.claude/commands/cost-analysis.md +0 -315
  110. package/.claude/commands/dev-docs-update.md +0 -55
  111. package/.claude/commands/dev-docs.md +0 -51
  112. package/.claude/commands/feature-dev.md +0 -125
  113. package/.claude/commands/incident-debug.md +0 -247
  114. package/.claude/commands/infra-plan.md +0 -81
  115. package/.claude/commands/migration-plan.md +0 -478
  116. package/.claude/commands/route-research-for-testing.md +0 -37
  117. package/.claude/commands/security-review.md +0 -66
  118. package/.claude/hooks/CONFIG.md +0 -448
  119. package/.claude/hooks/README.md +0 -163
  120. package/.claude/hooks/SKILL_ACTIVATION_COMPLETE.md +0 -226
  121. package/.claude/hooks/WINDOWS_HOOKS_README.md +0 -151
  122. package/.claude/hooks/add-skill-activation-banners.ts +0 -132
  123. package/.claude/hooks/comprehensive-skill-test.ts +0 -1315
  124. package/.claude/hooks/error-handling-reminder.sh +0 -12
  125. package/.claude/hooks/error-handling-reminder.ts +0 -222
  126. package/.claude/hooks/k8s-manifest-validator.sh +0 -56
  127. package/.claude/hooks/package-lock.json +0 -556
  128. package/.claude/hooks/package.json +0 -16
  129. package/.claude/hooks/post-tool-use-tracker.ps1 +0 -174
  130. package/.claude/hooks/post-tool-use-tracker.sh +0 -183
  131. package/.claude/hooks/security-policy-check.sh +0 -247
  132. package/.claude/hooks/skill-activation-prompt.ps1 +0 -10
  133. package/.claude/hooks/skill-activation-prompt.sh +0 -10
  134. package/.claude/hooks/skill-activation-prompt.ts +0 -141
  135. package/.claude/hooks/stop-build-check-enhanced.sh +0 -130
  136. package/.claude/hooks/terraform-validator.sh +0 -53
  137. package/.claude/hooks/test-input.json +0 -7
  138. package/.claude/hooks/test-skill-activation.ts +0 -427
  139. package/.claude/hooks/trigger-build-resolver.sh +0 -79
  140. package/.claude/hooks/tsc-check.sh +0 -173
  141. package/.claude/hooks/tsconfig.json +0 -19
  142. package/.claude/settings.json +0 -59
  143. package/.claude/settings.local.json +0 -67
  144. package/.claude/skills/README.md +0 -507
  145. package/.claude/skills/api-engineering/SKILL.md +0 -63
  146. package/.claude/skills/api-engineering/resources/api-versioning.md +0 -88
  147. package/.claude/skills/api-engineering/resources/graphql-patterns.md +0 -106
  148. package/.claude/skills/api-engineering/resources/rate-limiting.md +0 -118
  149. package/.claude/skills/api-engineering/resources/rest-api-design.md +0 -105
  150. package/.claude/skills/backend-dev-guidelines/SKILL.md +0 -306
  151. package/.claude/skills/backend-dev-guidelines/resources/architecture-overview.md +0 -451
  152. package/.claude/skills/backend-dev-guidelines/resources/async-and-errors.md +0 -307
  153. package/.claude/skills/backend-dev-guidelines/resources/complete-examples.md +0 -638
  154. package/.claude/skills/backend-dev-guidelines/resources/configuration.md +0 -275
  155. package/.claude/skills/backend-dev-guidelines/resources/database-patterns.md +0 -224
  156. package/.claude/skills/backend-dev-guidelines/resources/middleware-guide.md +0 -213
  157. package/.claude/skills/backend-dev-guidelines/resources/routing-and-controllers.md +0 -756
  158. package/.claude/skills/backend-dev-guidelines/resources/sentry-and-monitoring.md +0 -336
  159. package/.claude/skills/backend-dev-guidelines/resources/services-and-repositories.md +0 -789
  160. package/.claude/skills/backend-dev-guidelines/resources/testing-guide.md +0 -235
  161. package/.claude/skills/backend-dev-guidelines/resources/validation-patterns.md +0 -754
  162. package/.claude/skills/budget-and-cost-management/SKILL.md +0 -850
  163. package/.claude/skills/build-engineering/SKILL.md +0 -431
  164. package/.claude/skills/build-engineering/resources/artifact-repositories.md +0 -72
  165. package/.claude/skills/build-engineering/resources/build-caching.md +0 -96
  166. package/.claude/skills/build-engineering/resources/build-pipelines.md +0 -105
  167. package/.claude/skills/build-engineering/resources/build-security.md +0 -95
  168. package/.claude/skills/build-engineering/resources/build-systems.md +0 -389
  169. package/.claude/skills/build-engineering/resources/compilation-optimization.md +0 -201
  170. package/.claude/skills/build-engineering/resources/dependency-management.md +0 -73
  171. package/.claude/skills/build-engineering/resources/monorepo-builds.md +0 -110
  172. package/.claude/skills/build-engineering/resources/performance-optimization.md +0 -113
  173. package/.claude/skills/build-engineering/resources/reproducible-builds.md +0 -82
  174. package/.claude/skills/cloud-engineering/SKILL.md +0 -675
  175. package/.claude/skills/cloud-engineering/resources/aws-patterns.md +0 -742
  176. package/.claude/skills/cloud-engineering/resources/azure-patterns.md +0 -714
  177. package/.claude/skills/cloud-engineering/resources/cleared-cloud-environments.md +0 -987
  178. package/.claude/skills/cloud-engineering/resources/cloud-cost-optimization.md +0 -757
  179. package/.claude/skills/cloud-engineering/resources/cloud-networking.md +0 -1058
  180. package/.claude/skills/cloud-engineering/resources/cloud-security-tools.md +0 -1530
  181. package/.claude/skills/cloud-engineering/resources/cloud-security.md +0 -990
  182. package/.claude/skills/cloud-engineering/resources/gcp-patterns.md +0 -758
  183. package/.claude/skills/cloud-engineering/resources/migration-strategies.md +0 -820
  184. package/.claude/skills/cloud-engineering/resources/multi-cloud-strategies.md +0 -670
  185. package/.claude/skills/cloud-engineering/resources/oci-patterns.md +0 -1198
  186. package/.claude/skills/cloud-engineering/resources/serverless-patterns.md +0 -795
  187. package/.claude/skills/cloud-engineering/resources/well-architected-frameworks.md +0 -966
  188. package/.claude/skills/cybersecurity/SKILL.md +0 -409
  189. package/.claude/skills/cybersecurity/resources/security-architecture.md +0 -266
  190. package/.claude/skills/database-engineering/SKILL.md +0 -61
  191. package/.claude/skills/database-engineering/resources/backup-and-recovery.md +0 -72
  192. package/.claude/skills/database-engineering/resources/database-replication.md +0 -63
  193. package/.claude/skills/database-engineering/resources/postgresql-fundamentals.md +0 -70
  194. package/.claude/skills/database-engineering/resources/query-optimization.md +0 -68
  195. package/.claude/skills/devsecops/SKILL.md +0 -374
  196. package/.claude/skills/devsecops/resources/ci-cd-security.md +0 -204
  197. package/.claude/skills/devsecops/resources/compliance-automation.md +0 -530
  198. package/.claude/skills/devsecops/resources/compliance-frameworks.md +0 -2322
  199. package/.claude/skills/devsecops/resources/container-security.md +0 -915
  200. package/.claude/skills/devsecops/resources/cspm-integration.md +0 -1440
  201. package/.claude/skills/devsecops/resources/policy-enforcement.md +0 -619
  202. package/.claude/skills/devsecops/resources/secrets-management.md +0 -755
  203. package/.claude/skills/devsecops/resources/security-monitoring.md +0 -146
  204. package/.claude/skills/devsecops/resources/security-scanning.md +0 -887
  205. package/.claude/skills/devsecops/resources/security-testing.md +0 -203
  206. package/.claude/skills/devsecops/resources/supply-chain-security.md +0 -518
  207. package/.claude/skills/devsecops/resources/vulnerability-management.md +0 -481
  208. package/.claude/skills/devsecops/resources/zero-trust-architecture.md +0 -177
  209. package/.claude/skills/documentation-as-code/SKILL.md +0 -323
  210. package/.claude/skills/documentation-as-code/resources/api-documentation.md +0 -90
  211. package/.claude/skills/documentation-as-code/resources/changelog-management.md +0 -79
  212. package/.claude/skills/documentation-as-code/resources/diagram-generation.md +0 -44
  213. package/.claude/skills/documentation-as-code/resources/docs-as-code-workflow.md +0 -99
  214. package/.claude/skills/documentation-as-code/resources/documentation-automation.md +0 -68
  215. package/.claude/skills/documentation-as-code/resources/documentation-sites.md +0 -79
  216. package/.claude/skills/documentation-as-code/resources/markdown-best-practices.md +0 -162
  217. package/.claude/skills/documentation-as-code/resources/openapi-specification.md +0 -77
  218. package/.claude/skills/documentation-as-code/resources/readme-engineering.md +0 -60
  219. package/.claude/skills/documentation-as-code/resources/technical-writing-guide.md +0 -202
  220. package/.claude/skills/engineering-management/SKILL.md +0 -356
  221. package/.claude/skills/engineering-management/resources/career-ladders.md +0 -609
  222. package/.claude/skills/engineering-management/resources/hiring-and-assessment.md +0 -555
  223. package/.claude/skills/engineering-management/resources/one-on-one-guides.md +0 -609
  224. package/.claude/skills/engineering-management/resources/resource-planning.md +0 -557
  225. package/.claude/skills/engineering-management/resources/team-organization-patterns.md +0 -491
  226. package/.claude/skills/engineering-management/resources/technical-interviews.md +0 -474
  227. package/.claude/skills/engineering-operations-management/SKILL.md +0 -817
  228. package/.claude/skills/error-tracking/SKILL.md +0 -379
  229. package/.claude/skills/frontend-design/SKILL.md +0 -42
  230. package/.claude/skills/frontend-dev-guidelines/SKILL.md +0 -403
  231. package/.claude/skills/frontend-dev-guidelines/resources/common-patterns.md +0 -331
  232. package/.claude/skills/frontend-dev-guidelines/resources/complete-examples.md +0 -872
  233. package/.claude/skills/frontend-dev-guidelines/resources/component-patterns.md +0 -502
  234. package/.claude/skills/frontend-dev-guidelines/resources/data-fetching.md +0 -767
  235. package/.claude/skills/frontend-dev-guidelines/resources/file-organization.md +0 -502
  236. package/.claude/skills/frontend-dev-guidelines/resources/loading-and-error-states.md +0 -501
  237. package/.claude/skills/frontend-dev-guidelines/resources/performance.md +0 -406
  238. package/.claude/skills/frontend-dev-guidelines/resources/routing-guide.md +0 -364
  239. package/.claude/skills/frontend-dev-guidelines/resources/styling-guide.md +0 -428
  240. package/.claude/skills/frontend-dev-guidelines/resources/typescript-standards.md +0 -418
  241. package/.claude/skills/general-it-engineering/SKILL.md +0 -393
  242. package/.claude/skills/general-it-engineering/resources/asset-management.md +0 -712
  243. package/.claude/skills/general-it-engineering/resources/automation-orchestration.md +0 -817
  244. package/.claude/skills/general-it-engineering/resources/business-continuity.md +0 -786
  245. package/.claude/skills/general-it-engineering/resources/change-management.md +0 -715
  246. package/.claude/skills/general-it-engineering/resources/enterprise-monitoring.md +0 -729
  247. package/.claude/skills/general-it-engineering/resources/help-desk-operations.md +0 -738
  248. package/.claude/skills/general-it-engineering/resources/incident-service-management.md +0 -834
  249. package/.claude/skills/general-it-engineering/resources/it-governance.md +0 -753
  250. package/.claude/skills/general-it-engineering/resources/itil-framework.md +0 -503
  251. package/.claude/skills/general-it-engineering/resources/service-management.md +0 -669
  252. package/.claude/skills/infrastructure-architecture/SKILL.md +0 -328
  253. package/.claude/skills/infrastructure-architecture/resources/architecture-decision-records.md +0 -505
  254. package/.claude/skills/infrastructure-architecture/resources/architecture-patterns.md +0 -528
  255. package/.claude/skills/infrastructure-architecture/resources/capacity-planning.md +0 -453
  256. package/.claude/skills/infrastructure-architecture/resources/cleared-environment-architecture.md +0 -773
  257. package/.claude/skills/infrastructure-architecture/resources/cost-architecture.md +0 -499
  258. package/.claude/skills/infrastructure-architecture/resources/data-architecture.md +0 -501
  259. package/.claude/skills/infrastructure-architecture/resources/disaster-recovery.md +0 -535
  260. package/.claude/skills/infrastructure-architecture/resources/migration-architecture.md +0 -512
  261. package/.claude/skills/infrastructure-architecture/resources/multi-region-design.md +0 -608
  262. package/.claude/skills/infrastructure-architecture/resources/reference-architectures.md +0 -562
  263. package/.claude/skills/infrastructure-architecture/resources/security-architecture.md +0 -538
  264. package/.claude/skills/infrastructure-architecture/resources/system-design-principles.md +0 -489
  265. package/.claude/skills/infrastructure-architecture/resources/workload-classification.md +0 -1000
  266. package/.claude/skills/infrastructure-strategy/SKILL.md +0 -924
  267. package/.claude/skills/network-engineering/SKILL.md +0 -385
  268. package/.claude/skills/network-engineering/resources/dns-management.md +0 -738
  269. package/.claude/skills/network-engineering/resources/load-balancing.md +0 -820
  270. package/.claude/skills/network-engineering/resources/network-architecture.md +0 -546
  271. package/.claude/skills/network-engineering/resources/network-security.md +0 -921
  272. package/.claude/skills/network-engineering/resources/network-troubleshooting.md +0 -749
  273. package/.claude/skills/network-engineering/resources/routing-switching.md +0 -373
  274. package/.claude/skills/network-engineering/resources/sdn-networking.md +0 -695
  275. package/.claude/skills/network-engineering/resources/service-mesh-networking.md +0 -777
  276. package/.claude/skills/network-engineering/resources/tcp-ip-protocols.md +0 -444
  277. package/.claude/skills/network-engineering/resources/vpn-connectivity.md +0 -672
  278. package/.claude/skills/node-development/SKILL.md +0 -317
  279. package/.claude/skills/observability-engineering/SKILL.md +0 -101
  280. package/.claude/skills/observability-engineering/resources/apm-tools.md +0 -97
  281. package/.claude/skills/observability-engineering/resources/correlation-strategies.md +0 -87
  282. package/.claude/skills/observability-engineering/resources/distributed-tracing.md +0 -98
  283. package/.claude/skills/observability-engineering/resources/logs-aggregation.md +0 -118
  284. package/.claude/skills/observability-engineering/resources/observability-cost-optimization.md +0 -141
  285. package/.claude/skills/observability-engineering/resources/opentelemetry.md +0 -110
  286. package/.claude/skills/platform-engineering/SKILL.md +0 -555
  287. package/.claude/skills/platform-engineering/resources/architecture-overview.md +0 -600
  288. package/.claude/skills/platform-engineering/resources/container-orchestration.md +0 -916
  289. package/.claude/skills/platform-engineering/resources/cost-optimization.md +0 -634
  290. package/.claude/skills/platform-engineering/resources/developer-platforms.md +0 -670
  291. package/.claude/skills/platform-engineering/resources/gitops-automation.md +0 -650
  292. package/.claude/skills/platform-engineering/resources/infrastructure-as-code.md +0 -778
  293. package/.claude/skills/platform-engineering/resources/infrastructure-standards.md +0 -708
  294. package/.claude/skills/platform-engineering/resources/multi-tenancy.md +0 -602
  295. package/.claude/skills/platform-engineering/resources/platform-security.md +0 -711
  296. package/.claude/skills/platform-engineering/resources/resource-management.md +0 -592
  297. package/.claude/skills/platform-engineering/resources/service-mesh.md +0 -628
  298. package/.claude/skills/release-engineering/SKILL.md +0 -393
  299. package/.claude/skills/release-engineering/resources/artifact-management.md +0 -108
  300. package/.claude/skills/release-engineering/resources/build-optimization.md +0 -84
  301. package/.claude/skills/release-engineering/resources/ci-cd-pipelines.md +0 -411
  302. package/.claude/skills/release-engineering/resources/deployment-strategies.md +0 -197
  303. package/.claude/skills/release-engineering/resources/pipeline-security.md +0 -62
  304. package/.claude/skills/release-engineering/resources/progressive-delivery.md +0 -83
  305. package/.claude/skills/release-engineering/resources/release-automation.md +0 -68
  306. package/.claude/skills/release-engineering/resources/release-orchestration.md +0 -77
  307. package/.claude/skills/release-engineering/resources/rollback-strategies.md +0 -66
  308. package/.claude/skills/release-engineering/resources/versioning-strategies.md +0 -59
  309. package/.claude/skills/route-tester/SKILL.md +0 -392
  310. package/.claude/skills/skill-developer/ADVANCED.md +0 -197
  311. package/.claude/skills/skill-developer/HOOK_MECHANISMS.md +0 -306
  312. package/.claude/skills/skill-developer/PATTERNS_LIBRARY.md +0 -152
  313. package/.claude/skills/skill-developer/SKILL.md +0 -430
  314. package/.claude/skills/skill-developer/SKILL_RULES_REFERENCE.md +0 -315
  315. package/.claude/skills/skill-developer/TRIGGER_TYPES.md +0 -305
  316. package/.claude/skills/skill-developer/TROUBLESHOOTING.md +0 -514
  317. package/.claude/skills/skill-rules.json +0 -2989
  318. package/.claude/skills/sre/SKILL.md +0 -464
  319. package/.claude/skills/sre/resources/alerting-best-practices.md +0 -282
  320. package/.claude/skills/sre/resources/capacity-planning.md +0 -226
  321. package/.claude/skills/sre/resources/chaos-engineering.md +0 -193
  322. package/.claude/skills/sre/resources/disaster-recovery.md +0 -232
  323. package/.claude/skills/sre/resources/incident-management.md +0 -436
  324. package/.claude/skills/sre/resources/observability-stack.md +0 -240
  325. package/.claude/skills/sre/resources/on-call-runbooks.md +0 -167
  326. package/.claude/skills/sre/resources/performance-optimization.md +0 -108
  327. package/.claude/skills/sre/resources/reliability-patterns.md +0 -183
  328. package/.claude/skills/sre/resources/slo-sli-sla.md +0 -464
  329. package/.claude/skills/sre/resources/toil-reduction.md +0 -145
  330. package/.claude/skills/systems-engineering/SKILL.md +0 -648
  331. package/.claude/skills/systems-engineering/resources/automation-patterns.md +0 -771
  332. package/.claude/skills/systems-engineering/resources/configuration-management.md +0 -998
  333. package/.claude/skills/systems-engineering/resources/linux-administration.md +0 -672
  334. package/.claude/skills/systems-engineering/resources/networking-fundamentals.md +0 -982
  335. package/.claude/skills/systems-engineering/resources/performance-tuning.md +0 -871
  336. package/.claude/skills/systems-engineering/resources/powershell-scripting.md +0 -482
  337. package/.claude/skills/systems-engineering/resources/security-hardening.md +0 -739
  338. package/.claude/skills/systems-engineering/resources/shell-scripting.md +0 -915
  339. package/.claude/skills/systems-engineering/resources/storage-management.md +0 -628
  340. package/.claude/skills/systems-engineering/resources/system-monitoring.md +0 -787
  341. package/.claude/skills/systems-engineering/resources/troubleshooting-guide.md +0 -753
  342. package/.claude/skills/systems-engineering/resources/windows-administration.md +0 -738
  343. package/.claude/skills/technical-leadership/SKILL.md +0 -728
  344. package/backend/docs/SECRETS_DOCUMENTATION.md +0 -327
  345. package/frontend/dist/assets/index-BC-NbKXi.css +0 -32
  346. package/frontend/dist/assets/index-DqJXZMHY.js +0 -11266
@@ -1,538 +0,0 @@
1
- # Security Architecture
2
-
3
- Comprehensive guide to designing secure infrastructure with zero trust, defense in depth, and threat modeling.
4
-
5
- ## Security Principles
6
-
7
- ### 1. Zero Trust Architecture
8
-
9
- **"Never trust, always verify"**
10
-
11
- ```
12
- Traditional: Trust inside network
13
- Zero Trust: Verify every request, regardless of source
14
- ```
15
-
16
- **Core Principles:**
17
- - Verify explicitly (authenticate + authorize every request)
18
- - Least privilege access
19
- - Assume breach (isolate, detect, respond)
20
-
21
- **Implementation:**
22
- ```yaml
23
- # Every service verifies JWT, even internal
24
- apiVersion: security.istio.io/v1beta1
25
- kind: AuthorizationPolicy
26
- metadata:
27
- name: require-jwt
28
- spec:
29
- action: DENY
30
- rules:
31
- - from:
32
- - source:
33
- notRequestPrincipals: ["*"] # Deny if no JWT
34
- ```
35
-
36
- ---
37
-
38
- ### 2. Defense in Depth
39
-
40
- **Multiple security layers:**
41
-
42
- ```
43
- ┌─────────────────────────────────────────┐
44
- │ Layer 7: Application (Auth, Input Validation)
45
- │ Layer 6: API Gateway (Rate Limiting, WAF)
46
- │ Layer 5: Service Mesh (mTLS, RBAC)
47
- │ Layer 4: Network (Security Groups, NACLs)
48
- │ Layer 3: Encryption (TLS, At-Rest)
49
- │ Layer 2: Identity (IAM, OIDC)
50
- │ Layer 1: Physical (Data Center Security)
51
- └─────────────────────────────────────────┘
52
- ```
53
-
54
- **If one layer breached, others still protect**
55
-
56
- ---
57
-
58
- ### 3. Least Privilege Access
59
-
60
- ```
61
- Grant minimum permissions necessary
62
-
63
- ❌ Bad: Full admin access for all engineers
64
- ✅ Good: Read-only by default, elevated access via time-limited approvals
65
- ```
66
-
67
- ```yaml
68
- # IAM policy: Least privilege
69
- {
70
- "Version": "2012-10-17",
71
- "Statement": [
72
- {
73
- "Effect": "Allow",
74
- "Action": [
75
- "s3:GetObject",
76
- "s3:ListBucket"
77
- ],
78
- "Resource": [
79
- "arn:aws:s3:::app-logs/*",
80
- "arn:aws:s3:::app-logs"
81
- ]
82
- }
83
- ]
84
- }
85
- # No write, no delete, only specific bucket
86
- ```
87
-
88
- ---
89
-
90
- ## Authentication & Authorization
91
-
92
- ### Authentication (Who are you?)
93
-
94
- **OAuth 2.0 + OpenID Connect:**
95
- ```typescript
96
- // JWT-based authentication
97
- import jwt from 'jsonwebtoken';
98
-
99
- function authenticateRequest(req) {
100
- const token = req.headers.authorization?.split(' ')[1];
101
- if (!token) throw new UnauthorizedError();
102
-
103
- try {
104
- const payload = jwt.verify(token, process.env.JWT_PUBLIC_KEY, {
105
- algorithms: ['RS256'],
106
- issuer: 'https://auth.example.com',
107
- audience: 'api.example.com'
108
- });
109
-
110
- return payload; // { sub: 'user-123', exp: ..., iat: ... }
111
- } catch (error) {
112
- throw new UnauthorizedError('Invalid token');
113
- }
114
- }
115
- ```
116
-
117
- **mTLS (Mutual TLS):**
118
- ```yaml
119
- # Service-to-service authentication
120
- apiVersion: security.istio.io/v1beta1
121
- kind: PeerAuthentication
122
- metadata:
123
- name: default
124
- spec:
125
- mtls:
126
- mode: STRICT # Require mTLS for all traffic
127
- ```
128
-
129
- ---
130
-
131
- ### Authorization (What can you do?)
132
-
133
- **RBAC (Role-Based Access Control):**
134
- ```typescript
135
- // Express middleware
136
- function requireRole(role: string) {
137
- return (req, res, next) => {
138
- if (!req.user.roles.includes(role)) {
139
- return res.status(403).json({ error: 'Forbidden' });
140
- }
141
- next();
142
- };
143
- }
144
-
145
- app.delete('/users/:id', requireRole('admin'), deleteUser);
146
- app.get('/users/:id', requireRole('user'), getUser);
147
- ```
148
-
149
- **ABAC (Attribute-Based Access Control):**
150
- ```typescript
151
- // Policy-based authorization
152
- function canAccessResource(user, resource) {
153
- // Check attributes: user department, resource classification, time of day
154
- return user.department === resource.department &&
155
- user.clearanceLevel >= resource.classificationLevel &&
156
- isBusinessHours();
157
- }
158
- ```
159
-
160
- ---
161
-
162
- ## Network Security
163
-
164
- ### VPC Design
165
-
166
- ```
167
- ┌─────────────────── VPC ───────────────────┐
168
- │ Public Subnet (DMZ) │
169
- │ - Load Balancer (internet-facing) │
170
- │ - NAT Gateway │
171
- │ │
172
- │ Private Subnet (Application) │
173
- │ - Application Servers (no public IP) │
174
- │ - Can reach internet via NAT │
175
- │ │
176
- │ Private Subnet (Database) │
177
- │ - Database (isolated) │
178
- │ - No internet access │
179
- └────────────────────────────────────────────┘
180
- ```
181
-
182
- ```terraform
183
- # Security group: Database only accessible from app tier
184
- resource "aws_security_group" "database" {
185
- name = "database-sg"
186
-
187
- # Only allow PostgreSQL from application tier
188
- ingress {
189
- from_port = 5432
190
- to_port = 5432
191
- protocol = "tcp"
192
- security_groups = [aws_security_group.application.id]
193
- }
194
-
195
- # No outbound internet access
196
- egress {
197
- from_port = 0
198
- to_port = 0
199
- protocol = "-1"
200
- cidr_blocks = ["10.0.0.0/16"] # Only VPC
201
- }
202
- }
203
- ```
204
-
205
- ---
206
-
207
- ### WAF (Web Application Firewall)
208
-
209
- ```terraform
210
- # AWS WAF rules
211
- resource "aws_wafv2_web_acl" "main" {
212
- name = "api-waf"
213
- scope = "REGIONAL"
214
-
215
- default_action {
216
- allow {}
217
- }
218
-
219
- # Block SQL injection
220
- rule {
221
- name = "block-sqli"
222
- priority = 1
223
-
224
- statement {
225
- sqli_match_statement {
226
- field_to_match {
227
- body {}
228
- }
229
- text_transformation {
230
- priority = 0
231
- type = "URL_DECODE"
232
- }
233
- }
234
- }
235
-
236
- action {
237
- block {}
238
- }
239
- }
240
-
241
- # Rate limiting
242
- rule {
243
- name = "rate-limit"
244
- priority = 2
245
-
246
- statement {
247
- rate_based_statement {
248
- limit = 2000 # Per IP
249
- aggregate_key_type = "IP"
250
- }
251
- }
252
-
253
- action {
254
- block {}
255
- }
256
- }
257
- }
258
- ```
259
-
260
- ---
261
-
262
- ## Encryption
263
-
264
- ### At Rest
265
-
266
- ```terraform
267
- # RDS encryption
268
- resource "aws_db_instance" "main" {
269
- storage_encrypted = true
270
- kms_key_id = aws_kms_key.rds.arn
271
- }
272
-
273
- # S3 encryption
274
- resource "aws_s3_bucket" "uploads" {
275
- bucket = "user-uploads"
276
- }
277
-
278
- resource "aws_s3_bucket_server_side_encryption_configuration" "uploads" {
279
- bucket = aws_s3_bucket.uploads.id
280
-
281
- rule {
282
- apply_server_side_encryption_by_default {
283
- sse_algorithm = "aws:kms"
284
- kms_master_key_id = aws_kms_key.s3.arn
285
- }
286
- }
287
- }
288
-
289
- # EBS encryption
290
- resource "aws_ebs_volume" "data" {
291
- encrypted = true
292
- kms_key_id = aws_kms_key.ebs.arn
293
- }
294
- ```
295
-
296
- ---
297
-
298
- ### In Transit
299
-
300
- ```yaml
301
- # TLS 1.3 only
302
- apiVersion: v1
303
- kind: Service
304
- metadata:
305
- name: api
306
- annotations:
307
- service.beta.kubernetes.io/aws-load-balancer-ssl-ports: "443"
308
- service.beta.kubernetes.io/aws-load-balancer-ssl-cert: "arn:aws:acm:..."
309
- service.beta.kubernetes.io/aws-load-balancer-ssl-negotiation-policy: "ELBSecurityPolicy-TLS-1-2-2017-01"
310
- ```
311
-
312
- ---
313
-
314
- ## Secrets Management
315
-
316
- **Never hardcode secrets:**
317
-
318
- ```typescript
319
- // ❌ BAD
320
- const dbPassword = 'mypassword123';
321
-
322
- // ✅ GOOD - Environment variable
323
- const dbPassword = process.env.DATABASE_PASSWORD;
324
-
325
- // ✅ BETTER - Secrets manager
326
- import { SecretsManager } from '@aws-sdk/client-secrets-manager';
327
-
328
- const secrets = new SecretsManager({ region: 'us-east-1' });
329
- const secret = await secrets.getSecretValue({ SecretId: 'prod/db/password' });
330
- const dbPassword = JSON.parse(secret.SecretString).password;
331
- ```
332
-
333
- **Kubernetes Secrets with External Secrets Operator:**
334
- ```yaml
335
- apiVersion: external-secrets.io/v1beta1
336
- kind: ExternalSecret
337
- metadata:
338
- name: app-secrets
339
- spec:
340
- refreshInterval: 1h
341
- secretStoreRef:
342
- name: aws-secrets-manager
343
- kind: SecretStore
344
- target:
345
- name: app-secrets
346
- data:
347
- - secretKey: DATABASE_PASSWORD
348
- remoteRef:
349
- key: prod/db/password
350
- property: password
351
- ```
352
-
353
- ---
354
-
355
- ## Threat Modeling
356
-
357
- ### STRIDE Framework
358
-
359
- ```
360
- Spoofing → Authentication
361
- Tampering → Integrity
362
- Repudiation → Logging/Audit
363
- Info Disclosure → Encryption
364
- Denial of Service → Rate Limiting
365
- Elevation of Privilege → Authorization
366
- ```
367
-
368
- **Example Threat Model:**
369
- ```markdown
370
- # Threat: SQL Injection
371
-
372
- ## Description
373
- Attacker injects malicious SQL via API input
374
-
375
- ## Attack Vector
376
- POST /users with payload: { "name": "'; DROP TABLE users;--" }
377
-
378
- ## Impact
379
- Data loss, unauthorized access
380
-
381
- ## Mitigations
382
- 1. Parameterized queries (Prisma ORM) ✅
383
- 2. Input validation ✅
384
- 3. WAF rules ✅
385
- 4. Least privilege DB user ✅
386
-
387
- ## Residual Risk
388
- LOW (multiple layers)
389
- ```
390
-
391
- ---
392
-
393
- ## Security Monitoring
394
-
395
- ### Audit Logging
396
-
397
- ```typescript
398
- // Log all security events
399
- logger.info('Authentication success', {
400
- userId: user.id,
401
- ipAddress: req.ip,
402
- userAgent: req.headers['user-agent'],
403
- timestamp: new Date().toISOString()
404
- });
405
-
406
- logger.warn('Failed login attempt', {
407
- email: req.body.email,
408
- ipAddress: req.ip,
409
- reason: 'Invalid password',
410
- timestamp: new Date().toISOString()
411
- });
412
- ```
413
-
414
- **CloudTrail (AWS):**
415
- ```terraform
416
- resource "aws_cloudtrail" "main" {
417
- name = "security-trail"
418
- s3_bucket_name = aws_s3_bucket.cloudtrail.id
419
- include_global_service_events = true
420
- is_multi_region_trail = true
421
- enable_log_file_validation = true
422
-
423
- event_selector {
424
- read_write_type = "All"
425
- include_management_events = true
426
- }
427
- }
428
- ```
429
-
430
- ---
431
-
432
- ### Intrusion Detection
433
-
434
- ```yaml
435
- # Falco: Runtime security for Kubernetes
436
- - rule: Unexpected outbound connection
437
- desc: Detect pod making unexpected external connections
438
- condition: >
439
- outbound and
440
- not proc.name in (known_processes) and
441
- fd.rip != "0.0.0.0"
442
- output: >
443
- Unexpected outbound connection
444
- (pod=%k8s.pod.name ip=%fd.rip port=%fd.rport)
445
- priority: WARNING
446
- ```
447
-
448
- ---
449
-
450
- ## Compliance & Frameworks
451
-
452
- ### SOC 2 Requirements
453
-
454
- - Access controls (RBAC)
455
- - Encryption (at rest, in transit)
456
- - Audit logging
457
- - Incident response plan
458
- - Vulnerability management
459
- - Change management
460
-
461
- ### PCI-DSS (Payment Card)
462
-
463
- - Network segmentation
464
- - Strong authentication (MFA)
465
- - Regular security testing
466
- - Logging and monitoring
467
- - Encryption of cardholder data
468
-
469
- ### HIPAA (Healthcare)
470
-
471
- - PHI encryption
472
- - Access controls
473
- - Audit logs
474
- - Breach notification procedures
475
- - Business associate agreements
476
-
477
- ---
478
-
479
- ## Security Checklist
480
-
481
- **Infrastructure:**
482
- - [ ] VPC with private subnets
483
- - [ ] Security groups (least privilege)
484
- - [ ] Encryption at rest (KMS)
485
- - [ ] Encryption in transit (TLS 1.3+)
486
- - [ ] WAF enabled
487
- - [ ] DDoS protection (CloudFront, Shield)
488
-
489
- **Application:**
490
- - [ ] Authentication (OAuth 2.0 / OIDC)
491
- - [ ] Authorization (RBAC/ABAC)
492
- - [ ] Input validation
493
- - [ ] Parameterized queries (no SQL injection)
494
- - [ ] CSRF protection
495
- - [ ] Rate limiting
496
- - [ ] Security headers (CSP, HSTS, etc.)
497
-
498
- **Secrets:**
499
- - [ ] No hardcoded secrets
500
- - [ ] Secrets manager (Vault, AWS SM)
501
- - [ ] Secret rotation enabled
502
- - [ ] Least privilege IAM roles
503
-
504
- **Monitoring:**
505
- - [ ] Audit logging enabled
506
- - [ ] CloudTrail / equivalent
507
- - [ ] Intrusion detection (Falco, GuardDuty)
508
- - [ ] Vulnerability scanning (Trivy, Snyk)
509
- - [ ] Incident response plan
510
-
511
- ---
512
-
513
- ## Best Practices
514
-
515
- ✅ **Shift left** - Security in design phase
516
- ✅ **Automate** - Security scanning in CI/CD
517
- ✅ **Least privilege** - Grant minimal permissions
518
- ✅ **Defense in depth** - Multiple layers
519
- ✅ **Encrypt everything** - At rest + in transit
520
- ✅ **Zero trust** - Verify every request
521
- ✅ **Monitor continuously** - Detect anomalies
522
- ✅ **Patch regularly** - Keep dependencies updated
523
-
524
- ## Anti-Patterns
525
-
526
- ❌ **Security by obscurity** - Hiding secrets in code
527
- ❌ **Single point of failure** - No defense in depth
528
- ❌ **Ignoring CVEs** - Outdated dependencies
529
- ❌ **No logging** - Can't detect breaches
530
- ❌ **Overprivileged** - Admin access for all
531
- ❌ **Unencrypted data** - Plaintext sensitive data
532
-
533
- ---
534
-
535
- **Related Resources:**
536
- - devsecops/security-scanning.md - SAST, DAST, SCA
537
- - devsecops/secrets-management.md - Vault, rotation
538
- - devsecops/zero-trust-architecture.md - Deep dive
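Review bot: the removed "In Transit" example contradicts itself, so it should not be carried over as-is if this guide is being moved rather than dropped. Its comment says `# TLS 1.3 only`, the annotation selects `ELBSecurityPolicy-TLS-1-2-2017-01`, and the checklist further down asks for "TLS 1.3+". Align the comment, the negotiation policy and the checklist item in whatever replaces this file. The same goes for the `requireRole` middleware at the top of this span: it reads `req.user.roles` with no visible check that `req.user` is set, so a successor example should reject an unauthenticated request with 401 before testing the role. Every line visible here is a deletion, so please also confirm that nothing still links to this document.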