buildwright 0.0.11 → 0.0.13

package/templates/.buildwright/commands/bw-quick.md

@@ -1,336 +0,0 @@
----
-name: bw-quick
-description: Fast path for ad-hoc tasks (bug fixes, small features, config changes) without full planning
-arguments:
-  - name: task
-    description: What to do (inline description)
-    required: true
----
-
-## Quick Mode
-
-Fast path for ad-hoc tasks that don't need full planning.
-
-**Use for:**
-- Bug fixes
-- Small features (< 2 hours)
-- Config changes
-- One-off tasks
-- Refactors with clear scope
-
-**Don't use for:**
-- New features with unclear scope
-- Changes touching multiple systems
-- Anything needing architectural decisions
-
-```
-┌─────────────────────────────────────────────────────────────┐
-│                      QUICK MODE                             │
-├─────────────────────────────────────────────────────────────┤
-│  1. Understand task                                         │
-│  2. Quick research (relevant files only)                    │
-│  3. Implement with TDD                                      │
-│  4. Verify (typecheck, lint, test, build)                   │
-│  5. Security (OWASP + secrets + dependencies)               │
-│  6. Code Review (Staff Engineer)                            │
-│  7. Commit                                                  │
-└─────────────────────────────────────────────────────────────┘
-```
-
----
-
-## Step 1: Understand Task
-
-**First, run Tech Discovery Protocol** (Command Discovery in CLAUDE.md) to determine the project's
-test, lint, typecheck, and build commands. Cache the result for subsequent steps.
-
-If no project files are found (greenfield — no `package.json`, `Cargo.toml`, `go.mod`, etc.),
-ask for the product vision before proceeding. Quick tasks on a blank project need context.
-
-Parse: $ARGUMENTS.task
-
-Identify:
-- What needs to change
-- Why (bug, feature, refactor)
-- Expected outcome
-- Scope boundaries
-
-If scope is unclear or large, recommend:
-```
-This task seems complex. Consider using /bw-new-feature instead for:
-• Proper research phase
-• Technical specification
-• Staff Engineer review
-
-Continue with /bw-quick anyway? (say "continue" or use /bw-new-feature)
-```
-
----
-
-## Step 2: Quick Research
-
-**Lightweight research - only what's needed for this task.**
-
-**First, check for pre-analysed codebase docs:**
-
-```bash
-ls .buildwright/codebase/ 2>/dev/null
-```
-
-If present, read `CONVENTIONS.md` and `ARCHITECTURE.md` — they give you naming patterns
-and layer boundaries without scanning the whole codebase. Check `CONCERNS.md` to avoid
-introducing more of the same issues. Then narrow your search to the specific files for
-this task.
-
-```bash
-# Find directly relevant files
-grep -r "[relevant terms]" --include="*.ts" --include="*.tsx" -l .
-
-# Read the specific files that will change
-cat [files to modify]
-
-# Check for existing tests
-find . -name "*.test.*" -o -name "*.spec.*" | xargs grep -l "[relevant terms]"
-```
-
-Understand:
-- Current implementation
-- Patterns used in these files
-- Existing functions, types, and utilities that can be reused instead of reimplemented
-- Related tests
-
-**Do NOT write a research document. Keep it in context.**
-
----
-
-## Step 3: Implement with TDD
-
-### 3.1 Write/Update Tests First
-
-If bug fix:
-```bash
-# Write a failing test that reproduces the bug
-```
-
-If feature:
-```bash
-# Write tests for the expected behavior
-```
-
-Commit: `test: add test for [task]`
-
-### 3.2 Implement
-
-- Fix the bug / add the feature
-- Follow existing patterns in the file
-- Reuse existing functions and types — do NOT reimplement what already exists
-- Minimal changes only
-- KISS, YAGNI, DRY
-
-### 3.3 Update Documentation
-
-Based on what you just implemented, identify which documentation files are affected and update them.
-
-Common candidates:
-- **README.md** — new behaviour, changed commands, updated flags, usage examples
-- **docs/** — any guides or reference covering the changed functionality
-- **CHANGELOG.md** — add an entry for any user-facing change
-
-State up front which files you will update (e.g. "Updating README.md: correcting pipeline steps").
-Skip entirely if nothing user-facing changed (internal refactor, test-only changes).
-
-If docs were updated, commit them separately before the next step:
-```bash
-git add [doc files]
-git commit -m "docs: update documentation for [task]"
-```
-
-### 3.4 Verify (with retry)
-
-```bash
-# Run project's verification commands
-[typecheck]
-[lint]
-[test]
-[build]
-```
-
-- If fails → Fix and retry (up to BUILDWRIGHT_AGENT_RETRIES attempts, default 2)
-- If same error repeats → Not making progress — handle failure (see below)
-- If still failing after retries → Handle failure:
-  - **Autonomous** (`BUILDWRIGHT_AUTO_APPROVE=true`, default): Commit completed work, push branch, exit(1). No PR for quick tasks.
-  - **Interactive** (`BUILDWRIGHT_AUTO_APPROVE=false`): STOP and report blocker.
-
-### 3.5 Security Review
-
-Adopt Security Engineer persona from `.buildwright/agents/security-engineer.md`.
-
-Scope: `git diff HEAD` (uncommitted changes only).
-
-Run automated scans:
-- Dependency vulnerabilities (stack-appropriate audit tool) — skip gracefully if unavailable
-- Secrets detection (pattern scan for API keys, passwords, tokens, private keys)
-- SAST (`semgrep --config p/owasp-top-ten .` if available — skip gracefully if unavailable)
-
-Then perform manual OWASP Top 10 review of changed files only.
-
-**If CRITICAL vulnerabilities found → Handle failure:**
-- **Autonomous** (`BUILDWRIGHT_AUTO_APPROVE=true`, default): Commit completed work, push branch, exit(1).
-- **Interactive** (`BUILDWRIGHT_AUTO_APPROVE=false`): STOP immediately.
-
-```
-╔═══════════════════════════════════════════════════════════════╗
-║  SECURITY                                                     ║
-╠═══════════════════════════════════════════════════════════════╣
-║  Dependencies:  ✅/❌  ([N] vulnerabilities)                   ║
-║  Secrets:       ✅/❌  ([N] found)                             ║
-║  OWASP Scan:    ✅/❌  ([N] issues)                            ║
-╠═══════════════════════════════════════════════════════════════╣
-║  Status: SECURE / CRITICAL VULNERABILITIES                    ║
-╚═══════════════════════════════════════════════════════════════╝
-```
-
----
-
-### 3.6 Code Review
-
-Adopt Staff Engineer persona from `.buildwright/agents/staff-engineer.md`.
-
-Scope: `git diff HEAD` (same diff as security step).
-
-Review changed code for:
-- Logic errors and edge cases
-- Error handling completeness
-- Missing validation at system boundaries
-- Unnecessary complexity introduced
-
-**If CHANGES REQUESTED → Handle failure:**
-- **Autonomous** (`BUILDWRIGHT_AUTO_APPROVE=true`, default): Commit completed work, push branch, exit(1).
-- **Interactive** (`BUILDWRIGHT_AUTO_APPROVE=false`): STOP immediately.
-
-```
-╔═══════════════════════════════════════════════════════════════╗
-║  CODE REVIEW                                                  ║
-╠═══════════════════════════════════════════════════════════════╣
-║  Logic:          ✅/❌                                         ║
-║  Error Handling: ✅/❌                                         ║
-║  Validation:     ✅/❌                                         ║
-╠═══════════════════════════════════════════════════════════════╣
-║  Status: APPROVED / CHANGES REQUESTED                         ║
-╚═══════════════════════════════════════════════════════════════╝
-```
-
----
-
-### 3.7 Commit
-
-```bash
-git add [changed files]
-git commit -m "[type]([scope]): [description]"
-```
-
-Commit types:
-- `fix:` for bug fixes
-- `feat:` for small features
-- `refactor:` for refactors
-- `chore:` for config/maintenance
-
----
-
-## Step 4: Report
-
-```
-╔═══════════════════════════════════════════════════════════════╗
-║                      QUICK TASK COMPLETE                      ║
-╠═══════════════════════════════════════════════════════════════╣
-║                                                               ║
-║  Task: [description]                                          ║
-║  Type: [bug fix / feature / refactor / chore]                 ║
-║                                                               ║
-║  Changes:                                                     ║
-║  • [file1]: [what changed]                                    ║
-║  • [file2]: [what changed]                                    ║
-║                                                               ║
-║  Verification:                                                ║
-║  ✅ Type Check                                                ║
-║  ✅ Lint                                                      ║
-║  ✅ Tests                                                     ║
-║  ✅ Build                                                     ║
-║  ✅ Security                                                  ║
-║  ✅ Code Review                                               ║
-║                                                               ║
-║  Commit: [hash] [message]                                     ║
-║                                                               ║
-╠═══════════════════════════════════════════════════════════════╣
-║                                                               ║
-║  Ready to push? Run: git push                                 ║
-║  Or run /bw-ship to push + open PR                              ║
-║                                                               ║
-╚═══════════════════════════════════════════════════════════════╝
-```
-
----
-
-## When to Escalate
-
-If during implementation you discover:
-- Task is larger than expected
-- Changes needed in multiple systems
-- Architectural decisions required
-- Unclear requirements
-
-**STOP and recommend:**
-
-```
-╔═══════════════════════════════════════════════════════════════╗
-║                    SCOPE ESCALATION                           ║
-╠═══════════════════════════════════════════════════════════════╣
-║                                                               ║
-║  This task is more complex than expected:                     ║
-║  • [Reason 1]                                                 ║
-║  • [Reason 2]                                                 ║
-║                                                               ║
-║  Recommendation: Use /bw-new-feature for proper planning         ║
-║                                                               ║
-║  /bw-new-feature "[task description with discovered context]"    ║
-║                                                               ║
-╚═══════════════════════════════════════════════════════════════╝
-```
-
----
-
-## Examples
-
-### Bug Fix
-```
-/bw-quick "Fix login timeout - session expires after 5 minutes instead of 30"
-```
-
-### Small Feature
-```
-/bw-quick "Add loading spinner to the submit button"
-```
-
-### Config Change
-```
-/bw-quick "Increase rate limit from 100 to 500 requests per minute"
-```
-
-### Refactor
-```
-/bw-quick "Extract the validation logic from UserForm into a separate hook"
-```
-
----
-
-## Difference from /bw-new-feature
-
-| Aspect | /bw-quick | /bw-new-feature |
-|--------|--------|--------------|
-| Research | Quick (in-context) | Full (research.md) |
-| Spec | None | Full spec.md |
-| Staff Engineer Review | Required (diff-scoped) | Spec + Code |
-| Security Review | Required (diff-scoped) | Required |
-| Estimated Time | < 2 hours | Any |
-| Scope | Clear, bounded | Any |
-| Commits | 1-2 | Per milestone |

package/templates/.buildwright/steering/naming-conventions.md

@@ -1,40 +0,0 @@
-# Naming Conventions
-
-Shared vocabulary across all agents and claws. When any agent adds a new field, endpoint, or concept, it MUST be registered here so all other agents derive their naming from this registry.
-
-## Layer-Specific Naming Rules
-
-| Layer | Convention | Example |
-|-------|-----------|---------|
-| Database columns | `snake_case` | `photo_url`, `created_at` |
-| API (JSON keys) | `camelCase` | `photoUrl`, `createdAt` |
-| UI (JavaScript) | `camelCase` | `photoUrl`, `createdAt` |
-| CSS classes | `kebab-case` | `photo-upload`, `member-card` |
-| URL paths | `kebab-case` | `/api/team-members/:id/photo` |
-| Environment vars | `SCREAMING_SNAKE` | `BUILDWRIGHT_AUTO_APPROVE` |
-| File names | `kebab-case` | `photo-upload.tsx`, `team-members.ts` |
-
-## Canonical Field Registry
-
-Register new fields here when they cross domain boundaries.
-
-| Concept | Database | API (JSON) | UI (JS) | Notes |
-|---------|----------|------------|---------|-------|
-| — | `snake_case` | `camelCase` | `camelCase` | Convention |
-<!-- Add new fields below this line -->
-
-## Canonical Endpoint Registry
-
-Register new endpoints here when they're defined by the Architect.
-
-| Purpose | Method | Path | Request Body | Response Body |
-|---------|--------|------|-------------|--------------|
-<!-- Add new endpoints below this line -->
-
-## Rules
-
-1. **Architect registers first** — Before spawning claws, the Architect adds new fields/endpoints to this file
-2. **Claws derive, never invent** — Each claw looks up naming from this registry, never creates its own
-3. **One source of truth** — If a name isn't here, ask the Architect before proceeding
-4. **No abbreviations** — Use `photo_url` not `pic_url`, `description` not `desc`
-5. **Consistent pluralization** — Collections are plural (`members`), single items are singular (`member`)

package/templates/.buildwright/steering/product.md

@@ -1,16 +0,0 @@
-# Product Context
-
-## What We're Building
-[Describe your product/project here]
-
-## Key Features
-[List main features]
-
-## User Personas
-[Describe target users]
-
-## Business Constraints
-[Timeline, compliance, integrations]
-
-## Current Focus
-[What's being worked on now]

package/templates/.buildwright/steering/quality-gates.md

@@ -1,35 +0,0 @@
-# Quality Gates
-
-These automated gates replace human code review. ALL must pass for merge.
-
-## Gate 1: Static Analysis
-- [ ] Type check passes (zero errors)
-- [ ] Lint passes (zero errors, warnings acceptable)
-- [ ] No new lint warnings introduced
-
-## Gate 2: Tests
-- [ ] All existing tests pass
-- [ ] New code has tests
-- [ ] Coverage does not decrease
-- [ ] Critical paths have >80% coverage
-
-## Gate 3: Security
-- [ ] No high/critical vulnerabilities in dependencies
-- [ ] No secrets in code
-- [ ] SAST scan passes (if configured)
-
-## Gate 4: Build
-- [ ] Production build succeeds
-- [ ] No build warnings
-
-## Gate 5: AI Review (Optional)
-- [ ] No blocking issues from AI reviewer
-
-## Financial/Trading Code (Additional)
-- [ ] No floating-point for currency
-- [ ] All inputs validated
-- [ ] Rate limiting on sensitive endpoints
-- [ ] Audit logging for transactions
-
-## Merge Policy
-When ALL gates pass → PR is ready for merge (team follows their own merge process)

package/templates/.buildwright/steering/tech.md

@@ -1,27 +0,0 @@
-# Technical Context
-
-## Stack
-[List your tech stack]
-
-## Project Commands
-
-Fill in these slots with your project's actual commands. If left empty, Buildwright
-auto-detects from project files (package.json, Cargo.toml, go.mod, pyproject.toml,
-Makefile) and populates this section on the first run.
-
-```
-typecheck: [command]  # Examples: npx tsc --noEmit | cargo check | go build ./... | mypy .
-lint:      [command]  # Examples: npx eslint . | cargo clippy | golangci-lint run | ruff check .
-test:      [command]  # Examples: npm test | cargo test | go test ./... | pytest
-build:     [command]  # Examples: npm run build | cargo build --release | go build ./...
-dev:       [command]  # Examples: npm run dev | cargo run | go run ./... | uvicorn app:main
-```
-
-## Architecture
-[High-level architecture notes]
-
-## Code Patterns
-[Patterns used in this codebase]
-
-## Dependencies
-[Key dependencies and why]

package/templates/.buildwright/tasks/TEMPLATE.md

@@ -1,79 +0,0 @@
-# Task: [Feature Name]
-
-## Quick Reference
-- **Status**: DRAFTING | SPEC_REVIEW | IMPLEMENTING | CODE_REVIEW | COMPLETE | BLOCKED
-- **Branch**: feature/[name]
-- **Spec**: docs/specs/[name]/spec.md
-- **Current Owner**: [agent-role or "unassigned"]
-
----
-
-## Status: DRAFTING
-
-## Branch: feature/[name]
-
-## Current Owner: unassigned
-
----
-
-## Phases
-
-### Phase 1: Specification
-| Field | Value |
-|-------|-------|
-| Owner | architect-agent |
-| Status | ⏳ PENDING |
-| Output | docs/specs/[name]/spec.md |
-| Started | - |
-| Completed | - |
-
-### Phase 2: Implementation
-| Field | Value |
-|-------|-------|
-| Owner | implementer-agent |
-| Status | ⏳ WAITING |
-| Branch | feature/[name] |
-| Started | - |
-| Completed | - |
-
-**Milestones**:
-- [ ] Milestone 1: [description]
-- [ ] Milestone 2: [description]
-- [ ] Milestone 3: [description]
-
-### Phase 3: Review & Ship
-| Field | Value |
-|-------|-------|
-| Owner | reviewer-agent |
-| Status | ⏳ WAITING |
-| PR | - |
-| Started | - |
-| Completed | - |
-
----
-
-## Context for Next Agent
-
-### Decisions Made
-- 
-
-### Key Files Modified
-- 
-
-### Known Issues / TODOs
-- 
-
-### Test Commands
-```bash
-npm run test
-```
-
----
-
-## Blockers
-None currently.
-
----
-
-## Communication Log
-- [timestamp] [agent]: Starting work

package/templates/.github/workflows/quality-gates.yml

@@ -1,135 +0,0 @@
-name: Quality Gates
-
-on:
-  pull_request:
-    branches: [main, master]
-  push:
-    branches: [main, master]
-
-jobs:
-  quality:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-
-      # Verify sync script runs without errors (catches broken scripts or missing deps)
-      - name: Verify sync script
-        run: make sync
-
-      # Detect package manager and project type
-      - name: Detect project type
-        id: detect
-        run: |
-          if [ -f "package.json" ]; then
-            echo "type=node" >> $GITHUB_OUTPUT
-            if [ -f "pnpm-lock.yaml" ]; then
-              echo "pm=pnpm" >> $GITHUB_OUTPUT
-            elif [ -f "yarn.lock" ]; then
-              echo "pm=yarn" >> $GITHUB_OUTPUT
-            elif [ -f "bun.lockb" ]; then
-              echo "pm=bun" >> $GITHUB_OUTPUT
-            else
-              echo "pm=npm" >> $GITHUB_OUTPUT
-            fi
-          elif [ -f "Cargo.toml" ]; then
-            echo "type=rust" >> $GITHUB_OUTPUT
-          elif [ -f "go.mod" ]; then
-            echo "type=go" >> $GITHUB_OUTPUT
-          elif [ -f "pyproject.toml" ] || [ -f "setup.py" ]; then
-            echo "type=python" >> $GITHUB_OUTPUT
-          fi
-
-      # Node.js setup
-      - name: Setup Node.js
-        if: steps.detect.outputs.type == 'node'
-        uses: actions/setup-node@v4
-        with:
-          node-version: '20'
-
-      - name: Setup pnpm
-        if: steps.detect.outputs.pm == 'pnpm'
-        uses: pnpm/action-setup@v2
-        with:
-          version: 8
-
-      - name: Install dependencies (Node)
-        if: steps.detect.outputs.type == 'node'
-        run: |
-          case "${{ steps.detect.outputs.pm }}" in
-            pnpm) pnpm install --frozen-lockfile ;;
-            yarn) yarn install --frozen-lockfile ;;
-            bun) bun install ;;
-            *) npm ci ;;
-          esac
-
-      # Rust setup
-      - name: Setup Rust
-        if: steps.detect.outputs.type == 'rust'
-        uses: dtolnay/rust-toolchain@stable
-        with:
-          components: clippy
-
-      # Go setup
-      - name: Setup Go
-        if: steps.detect.outputs.type == 'go'
-        uses: actions/setup-go@v5
-        with:
-          go-version: '1.21'
-
-      # Python setup
-      - name: Setup Python
-        if: steps.detect.outputs.type == 'python'
-        uses: actions/setup-python@v5
-        with:
-          python-version: '3.11'
-
-      - name: Install dependencies (Python)
-        if: steps.detect.outputs.type == 'python'
-        run: |
-          pip install -e ".[dev]" || pip install -r requirements.txt
-
-      # Quality checks
-      - name: Type Check
-        run: |
-          case "${{ steps.detect.outputs.type }}" in
-            node) ${{ steps.detect.outputs.pm }} run typecheck || npx tsc --noEmit ;;
-            rust) cargo check ;;
-            go) go build ./... ;;
-            python) mypy . || pyright || echo "No type checker configured" ;;
-          esac
-
-      - name: Lint
-        run: |
-          case "${{ steps.detect.outputs.type }}" in
-            node) ${{ steps.detect.outputs.pm }} run lint || npx eslint . ;;
-            rust) cargo clippy -- -D warnings ;;
-            go) golangci-lint run || echo "golangci-lint not installed" ;;
-            python) ruff check . || flake8 ;;
-          esac
-
-      - name: Test
-        run: |
-          case "${{ steps.detect.outputs.type }}" in
-            node) ${{ steps.detect.outputs.pm }} test ;;
-            rust) cargo test ;;
-            go) go test ./... ;;
-            python) pytest ;;
-          esac
-
-      - name: Build
-        run: |
-          case "${{ steps.detect.outputs.type }}" in
-            node) ${{ steps.detect.outputs.pm }} run build ;;
-            rust) cargo build --release ;;
-            go) go build ./... ;;
-            python) echo "No build step" ;;
-          esac
-
-      - name: Security Audit
-        run: |
-          case "${{ steps.detect.outputs.type }}" in
-            node) ${{ steps.detect.outputs.pm }} audit --audit-level=high || true ;;
-            rust) cargo audit || echo "cargo-audit not installed" ;;
-            go) govulncheck ./... || echo "govulncheck not installed" ;;
-            python) pip-audit || safety check || echo "No Python audit tool" ;;
-          esac