claude-code-orchestrator-kit 1.4.1 → 1.4.15
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.claude/agents/business/workers/lead-research-assistant.md +199 -0
- package/.claude/agents/database/workers/database-architect.md +3 -3
- package/.claude/agents/database/workers/supabase-auditor.md +7 -7
- package/.claude/agents/development/workers/code-reviewer.md +17 -2
- package/.claude/agents/frontend/workers/nextjs-ui-designer.md +30 -0
- package/.claude/agents/health/workers/bug-fixer.md +31 -2
- package/.claude/agents/health/workers/bug-hunter.md +0 -1
- package/.claude/agents/health/workers/dead-code-hunter.md +167 -75
- package/.claude/agents/health/workers/dead-code-remover.md +217 -66
- package/.claude/agents/health/workers/dependency-auditor.md +83 -24
- package/.claude/agents/health/workers/dependency-updater.md +0 -1
- package/.claude/agents/health/workers/security-scanner.md +0 -1
- package/.claude/agents/infrastructure/workers/deployment-engineer.md +446 -0
- package/.claude/agents/infrastructure/workers/infrastructure-specialist.md +2 -2
- package/.claude/agents/meta/workers/meta-agent-v3.md +22 -0
- package/.claude/agents/testing/workers/integration-tester.md +1 -1
- package/.claude/agents/testing/workers/test-writer.md +16 -0
- package/.claude/commands/health-bugs.md +14 -281
- package/.claude/commands/health-cleanup.md +14 -281
- package/.claude/commands/health-deps.md +14 -281
- package/.claude/commands/health-metrics.md +51 -709
- package/.claude/commands/health-reuse.md +14 -311
- package/.claude/commands/health-security.md +14 -281
- package/.claude/commands/push.md +17 -3
- package/.claude/commands/speckit.implement.md +0 -11
- package/.claude/commands/worktree.md +150 -0
- package/.claude/scripts/gates/check-bundle-size.sh +0 -0
- package/.claude/scripts/gates/check-coverage.sh +0 -0
- package/.claude/scripts/gates/check-security.sh +0 -0
- package/.claude/scripts/release.sh +469 -94
- package/.claude/skills/algorithmic-art/LICENSE.txt +202 -0
- package/.claude/skills/algorithmic-art/SKILL.md +405 -0
- package/.claude/skills/algorithmic-art/templates/generator_template.js +223 -0
- package/.claude/skills/algorithmic-art/templates/viewer.html +599 -0
- package/.claude/skills/artifacts-builder/LICENSE.txt +202 -0
- package/.claude/skills/artifacts-builder/SKILL.md +74 -0
- package/.claude/skills/artifacts-builder/scripts/bundle-artifact.sh +54 -0
- package/.claude/skills/artifacts-builder/scripts/init-artifact.sh +322 -0
- package/.claude/skills/artifacts-builder/scripts/shadcn-components.tar.gz +0 -0
- package/.claude/skills/bug-health-inline/SKILL.md +221 -0
- package/.claude/skills/bug-health-inline/references/worker-prompts.md +182 -0
- package/.claude/skills/canvas-design/LICENSE.txt +202 -0
- package/.claude/skills/canvas-design/SKILL.md +130 -0
- package/.claude/skills/canvas-design/canvas-fonts/ArsenalSC-OFL.txt +93 -0
- package/.claude/skills/canvas-design/canvas-fonts/ArsenalSC-Regular.ttf +0 -0
- package/.claude/skills/canvas-design/canvas-fonts/BigShoulders-Bold.ttf +0 -0
- package/.claude/skills/canvas-design/canvas-fonts/BigShoulders-OFL.txt +93 -0
- package/.claude/skills/canvas-design/canvas-fonts/BigShoulders-Regular.ttf +0 -0
- package/.claude/skills/canvas-design/canvas-fonts/Boldonse-OFL.txt +93 -0
- package/.claude/skills/canvas-design/canvas-fonts/Boldonse-Regular.ttf +0 -0
- package/.claude/skills/canvas-design/canvas-fonts/BricolageGrotesque-Bold.ttf +0 -0
- package/.claude/skills/canvas-design/canvas-fonts/BricolageGrotesque-OFL.txt +93 -0
- package/.claude/skills/canvas-design/canvas-fonts/BricolageGrotesque-Regular.ttf +0 -0
- package/.claude/skills/canvas-design/canvas-fonts/CrimsonPro-Bold.ttf +0 -0
- package/.claude/skills/canvas-design/canvas-fonts/CrimsonPro-Italic.ttf +0 -0
- package/.claude/skills/canvas-design/canvas-fonts/CrimsonPro-OFL.txt +93 -0
- package/.claude/skills/canvas-design/canvas-fonts/CrimsonPro-Regular.ttf +0 -0
- package/.claude/skills/canvas-design/canvas-fonts/DMMono-OFL.txt +93 -0
- package/.claude/skills/canvas-design/canvas-fonts/DMMono-Regular.ttf +0 -0
- package/.claude/skills/canvas-design/canvas-fonts/EricaOne-OFL.txt +94 -0
- package/.claude/skills/canvas-design/canvas-fonts/EricaOne-Regular.ttf +0 -0
- package/.claude/skills/canvas-design/canvas-fonts/GeistMono-Bold.ttf +0 -0
- package/.claude/skills/canvas-design/canvas-fonts/GeistMono-OFL.txt +93 -0
- package/.claude/skills/canvas-design/canvas-fonts/GeistMono-Regular.ttf +0 -0
- package/.claude/skills/canvas-design/canvas-fonts/Gloock-OFL.txt +93 -0
- package/.claude/skills/canvas-design/canvas-fonts/Gloock-Regular.ttf +0 -0
- package/.claude/skills/canvas-design/canvas-fonts/IBMPlexMono-Bold.ttf +0 -0
- package/.claude/skills/canvas-design/canvas-fonts/IBMPlexMono-OFL.txt +93 -0
- package/.claude/skills/canvas-design/canvas-fonts/IBMPlexMono-Regular.ttf +0 -0
- package/.claude/skills/canvas-design/canvas-fonts/IBMPlexSerif-Bold.ttf +0 -0
- package/.claude/skills/canvas-design/canvas-fonts/IBMPlexSerif-BoldItalic.ttf +0 -0
- package/.claude/skills/canvas-design/canvas-fonts/IBMPlexSerif-Italic.ttf +0 -0
- package/.claude/skills/canvas-design/canvas-fonts/IBMPlexSerif-Regular.ttf +0 -0
- package/.claude/skills/canvas-design/canvas-fonts/InstrumentSans-Bold.ttf +0 -0
- package/.claude/skills/canvas-design/canvas-fonts/InstrumentSans-BoldItalic.ttf +0 -0
- package/.claude/skills/canvas-design/canvas-fonts/InstrumentSans-Italic.ttf +0 -0
- package/.claude/skills/canvas-design/canvas-fonts/InstrumentSans-OFL.txt +93 -0
- package/.claude/skills/canvas-design/canvas-fonts/InstrumentSans-Regular.ttf +0 -0
- package/.claude/skills/canvas-design/canvas-fonts/InstrumentSerif-Italic.ttf +0 -0
- package/.claude/skills/canvas-design/canvas-fonts/InstrumentSerif-Regular.ttf +0 -0
- package/.claude/skills/canvas-design/canvas-fonts/Italiana-OFL.txt +93 -0
- package/.claude/skills/canvas-design/canvas-fonts/Italiana-Regular.ttf +0 -0
- package/.claude/skills/canvas-design/canvas-fonts/JetBrainsMono-Bold.ttf +0 -0
- package/.claude/skills/canvas-design/canvas-fonts/JetBrainsMono-OFL.txt +93 -0
- package/.claude/skills/canvas-design/canvas-fonts/JetBrainsMono-Regular.ttf +0 -0
- package/.claude/skills/canvas-design/canvas-fonts/Jura-Light.ttf +0 -0
- package/.claude/skills/canvas-design/canvas-fonts/Jura-Medium.ttf +0 -0
- package/.claude/skills/canvas-design/canvas-fonts/Jura-OFL.txt +93 -0
- package/.claude/skills/canvas-design/canvas-fonts/LibreBaskerville-OFL.txt +93 -0
- package/.claude/skills/canvas-design/canvas-fonts/LibreBaskerville-Regular.ttf +0 -0
- package/.claude/skills/canvas-design/canvas-fonts/Lora-Bold.ttf +0 -0
- package/.claude/skills/canvas-design/canvas-fonts/Lora-BoldItalic.ttf +0 -0
- package/.claude/skills/canvas-design/canvas-fonts/Lora-Italic.ttf +0 -0
- package/.claude/skills/canvas-design/canvas-fonts/Lora-OFL.txt +93 -0
- package/.claude/skills/canvas-design/canvas-fonts/Lora-Regular.ttf +0 -0
- package/.claude/skills/canvas-design/canvas-fonts/NationalPark-Bold.ttf +0 -0
- package/.claude/skills/canvas-design/canvas-fonts/NationalPark-OFL.txt +93 -0
- package/.claude/skills/canvas-design/canvas-fonts/NationalPark-Regular.ttf +0 -0
- package/.claude/skills/canvas-design/canvas-fonts/NothingYouCouldDo-OFL.txt +93 -0
- package/.claude/skills/canvas-design/canvas-fonts/NothingYouCouldDo-Regular.ttf +0 -0
- package/.claude/skills/canvas-design/canvas-fonts/Outfit-Bold.ttf +0 -0
- package/.claude/skills/canvas-design/canvas-fonts/Outfit-OFL.txt +93 -0
- package/.claude/skills/canvas-design/canvas-fonts/Outfit-Regular.ttf +0 -0
- package/.claude/skills/canvas-design/canvas-fonts/PixelifySans-Medium.ttf +0 -0
- package/.claude/skills/canvas-design/canvas-fonts/PixelifySans-OFL.txt +93 -0
- package/.claude/skills/canvas-design/canvas-fonts/PoiretOne-OFL.txt +93 -0
- package/.claude/skills/canvas-design/canvas-fonts/PoiretOne-Regular.ttf +0 -0
- package/.claude/skills/canvas-design/canvas-fonts/RedHatMono-Bold.ttf +0 -0
- package/.claude/skills/canvas-design/canvas-fonts/RedHatMono-OFL.txt +93 -0
- package/.claude/skills/canvas-design/canvas-fonts/RedHatMono-Regular.ttf +0 -0
- package/.claude/skills/canvas-design/canvas-fonts/Silkscreen-OFL.txt +93 -0
- package/.claude/skills/canvas-design/canvas-fonts/Silkscreen-Regular.ttf +0 -0
- package/.claude/skills/canvas-design/canvas-fonts/SmoochSans-Medium.ttf +0 -0
- package/.claude/skills/canvas-design/canvas-fonts/SmoochSans-OFL.txt +93 -0
- package/.claude/skills/canvas-design/canvas-fonts/Tektur-Medium.ttf +0 -0
- package/.claude/skills/canvas-design/canvas-fonts/Tektur-OFL.txt +93 -0
- package/.claude/skills/canvas-design/canvas-fonts/Tektur-Regular.ttf +0 -0
- package/.claude/skills/canvas-design/canvas-fonts/WorkSans-Bold.ttf +0 -0
- package/.claude/skills/canvas-design/canvas-fonts/WorkSans-BoldItalic.ttf +0 -0
- package/.claude/skills/canvas-design/canvas-fonts/WorkSans-Italic.ttf +0 -0
- package/.claude/skills/canvas-design/canvas-fonts/WorkSans-OFL.txt +93 -0
- package/.claude/skills/canvas-design/canvas-fonts/WorkSans-Regular.ttf +0 -0
- package/.claude/skills/canvas-design/canvas-fonts/YoungSerif-OFL.txt +93 -0
- package/.claude/skills/canvas-design/canvas-fonts/YoungSerif-Regular.ttf +0 -0
- package/.claude/skills/changelog-generator/SKILL.md +104 -0
- package/.claude/skills/cleanup-health-inline/SKILL.md +224 -0
- package/.claude/skills/code-reviewer/SKILL.md +209 -0
- package/.claude/skills/code-reviewer/references/code_review_checklist.md +103 -0
- package/.claude/skills/code-reviewer/references/coding_standards.md +103 -0
- package/.claude/skills/code-reviewer/references/common_antipatterns.md +103 -0
- package/.claude/skills/code-reviewer/scripts/code_quality_checker.py +114 -0
- package/.claude/skills/code-reviewer/scripts/pr_analyzer.py +114 -0
- package/.claude/skills/code-reviewer/scripts/review_report_generator.py +114 -0
- package/.claude/skills/content-research-writer/SKILL.md +538 -0
- package/.claude/skills/deps-health-inline/SKILL.md +227 -0
- package/.claude/skills/frontend-aesthetics/SKILL.md +51 -396
- package/.claude/skills/git-commit-helper/SKILL.md +203 -0
- package/.claude/skills/lead-research-assistant/SKILL.md +199 -0
- package/.claude/skills/reuse-health-inline/SKILL.md +248 -0
- package/.claude/skills/rollback-changes/SKILL.md +50 -524
- package/.claude/skills/run-quality-gate/SKILL.md +36 -346
- package/.claude/skills/security-health-inline/SKILL.md +224 -0
- package/.claude/skills/senior-devops/SKILL.md +209 -0
- package/.claude/skills/senior-devops/references/cicd_pipeline_guide.md +103 -0
- package/.claude/skills/senior-devops/references/deployment_strategies.md +103 -0
- package/.claude/skills/senior-devops/references/infrastructure_as_code.md +103 -0
- package/.claude/skills/senior-devops/scripts/deployment_manager.py +114 -0
- package/.claude/skills/senior-devops/scripts/pipeline_generator.py +114 -0
- package/.claude/skills/senior-devops/scripts/terraform_scaffolder.py +114 -0
- package/.claude/skills/senior-prompt-engineer/SKILL.md +226 -0
- package/.claude/skills/senior-prompt-engineer/references/agentic_system_design.md +80 -0
- package/.claude/skills/senior-prompt-engineer/references/llm_evaluation_frameworks.md +80 -0
- package/.claude/skills/senior-prompt-engineer/references/prompt_engineering_patterns.md +80 -0
- package/.claude/skills/senior-prompt-engineer/scripts/agent_orchestrator.py +100 -0
- package/.claude/skills/senior-prompt-engineer/scripts/prompt_optimizer.py +100 -0
- package/.claude/skills/senior-prompt-engineer/scripts/rag_evaluator.py +100 -0
- package/.claude/skills/setup-knip/SKILL.md +372 -0
- package/.claude/skills/systematic-debugging/CREATION-LOG.md +119 -0
- package/.claude/skills/systematic-debugging/SKILL.md +296 -0
- package/.claude/skills/systematic-debugging/condition-based-waiting-example.ts +158 -0
- package/.claude/skills/systematic-debugging/condition-based-waiting.md +115 -0
- package/.claude/skills/systematic-debugging/defense-in-depth.md +122 -0
- package/.claude/skills/systematic-debugging/find-polluter.sh +63 -0
- package/.claude/skills/systematic-debugging/root-cause-tracing.md +169 -0
- package/.claude/skills/systematic-debugging/test-academic.md +14 -0
- package/.claude/skills/systematic-debugging/test-pressure-1.md +58 -0
- package/.claude/skills/systematic-debugging/test-pressure-2.md +68 -0
- package/.claude/skills/systematic-debugging/test-pressure-3.md +69 -0
- package/.claude/skills/theme-factory/LICENSE.txt +202 -0
- package/.claude/skills/theme-factory/SKILL.md +59 -0
- package/.claude/skills/theme-factory/theme-showcase.pdf +0 -0
- package/.claude/skills/theme-factory/themes/arctic-frost.md +19 -0
- package/.claude/skills/theme-factory/themes/botanical-garden.md +19 -0
- package/.claude/skills/theme-factory/themes/desert-rose.md +19 -0
- package/.claude/skills/theme-factory/themes/forest-canopy.md +19 -0
- package/.claude/skills/theme-factory/themes/golden-hour.md +19 -0
- package/.claude/skills/theme-factory/themes/midnight-galaxy.md +19 -0
- package/.claude/skills/theme-factory/themes/modern-minimalist.md +19 -0
- package/.claude/skills/theme-factory/themes/ocean-depths.md +19 -0
- package/.claude/skills/theme-factory/themes/sunset-boulevard.md +19 -0
- package/.claude/skills/theme-factory/themes/tech-innovation.md +19 -0
- package/.claude/skills/ui-design-system/SKILL.md +32 -0
- package/.claude/skills/ui-design-system/scripts/design_token_generator.py +529 -0
- package/.claude/skills/ux-researcher-designer/SKILL.md +30 -0
- package/.claude/skills/ux-researcher-designer/scripts/persona_generator.py +508 -0
- package/.claude/skills/webapp-testing/LICENSE.txt +202 -0
- package/.claude/skills/webapp-testing/SKILL.md +96 -0
- package/.claude/skills/webapp-testing/examples/console_logging.py +35 -0
- package/.claude/skills/webapp-testing/examples/element_discovery.py +40 -0
- package/.claude/skills/webapp-testing/examples/static_html_automation.py +33 -0
- package/.claude/skills/webapp-testing/scripts/with_server.py +106 -0
- package/.gitignore +4 -0
- package/README.md +492 -1093
- package/README.ru.md +719 -0
- package/docs/Agents Ecosystem/AGENT-ORCHESTRATION.md +2 -2
- package/docs/COMMANDS-GUIDE.md +0 -15
- package/docs/reports/skills/new-skills-analysis-2025-12.md +331 -0
- package/package.json +11 -3
- package/.claude/agents/health/orchestrators/bug-orchestrator.md +0 -1084
- package/.claude/agents/health/orchestrators/dead-code-orchestrator.md +0 -1064
- package/.claude/agents/health/orchestrators/dependency-orchestrator.md +0 -1064
- package/.claude/agents/health/orchestrators/reuse-orchestrator.md +0 -1112
- package/.claude/agents/health/orchestrators/security-orchestrator.md +0 -1064
- package/.claude/commands/worktree-cleanup.md +0 -382
- package/.claude/commands/worktree-create.md +0 -287
- package/.claude/commands/worktree-list.md +0 -239
- package/.claude/commands/worktree-remove.md +0 -339
- package/.claude/project-index.md +0 -75
- package/.claude/skills/load-project-context/SKILL.md +0 -89
- package/.claude/skills/resume-session/SKILL.md +0 -164
- package/.claude/skills/save-session-context/SKILL.md +0 -123
- package/.claude/templates/project-index.template.md +0 -67
- package/.claude/templates/session/context.template.md +0 -40
- package/.claude/templates/session/log.template.md +0 -72
- package/.github/BRANCH_PROTECTION.md +0 -137
- package/.github/workflows/build.yml +0 -70
- package/.github/workflows/deploy-staging.yml +0 -90
- package/.github/workflows/test.yml +0 -104
|
@@ -1,15 +1,22 @@
|
|
|
1
1
|
---
|
|
2
2
|
name: dead-code-remover
|
|
3
|
-
description: Specialist for safely removing dead code after analysis. Use when dead-code-report.md needs cleanup.
|
|
4
|
-
model: sonnet
|
|
3
|
+
description: Specialist for safely removing dead code after analysis. Uses Knip --fix for automated cleanup of unused exports, dependencies, and files. Use when dead-code-report.md needs cleanup.
|
|
5
4
|
color: orange
|
|
6
5
|
---
|
|
7
6
|
|
|
8
7
|
# Purpose
|
|
9
8
|
|
|
10
|
-
You are a systematic dead code removal specialist. Your role is to automatically read dead code detection reports and
|
|
9
|
+
You are a systematic dead code removal specialist. Your role is to automatically read dead code detection reports and methodically remove all identified dead code items, working through priority levels while ensuring comprehensive validation and no regression in existing functionality.
|
|
11
10
|
|
|
12
|
-
|
|
11
|
+
**PRIMARY TOOL**: This agent uses **Knip --fix** for automated removal of unused exports, dependencies, and types. Manual removal is used for items Knip cannot auto-fix (commented code, debug artifacts, unreachable code).
|
|
12
|
+
|
|
13
|
+
## CRITICAL SAFETY RULE: NEVER DELETE FILES AUTOMATICALLY
|
|
14
|
+
|
|
15
|
+
**`--allow-remove-files` is STRICTLY FORBIDDEN!**
|
|
16
|
+
|
|
17
|
+
Knip has a critical limitation: **it cannot detect dynamic imports**. Files loaded via `import()`, `require()` with variables, `lazy()`, or `loadable()` will appear "unused" but may break the application.
|
|
18
|
+
|
|
19
|
+
**File removal requires MANUAL verification and is NEVER automated.**
|
|
13
20
|
|
|
14
21
|
## MCP Servers
|
|
15
22
|
|
|
@@ -29,6 +36,10 @@ mcp__context7__get-library-docs({context7CompatibleLibraryID: "/microsoft/typesc
|
|
|
29
36
|
// For React patterns
|
|
30
37
|
mcp__context7__resolve-library-id({libraryName: "react"})
|
|
31
38
|
mcp__context7__get-library-docs({context7CompatibleLibraryID: "/facebook/react", topic: "hooks"})
|
|
39
|
+
|
|
40
|
+
// For Knip auto-fix options
|
|
41
|
+
mcp__context7__resolve-library-id({libraryName: "knip"})
|
|
42
|
+
mcp__context7__get-library-docs({context7CompatibleLibraryID: "/webpro-nl/knip", topic: "auto-fix"})
|
|
32
43
|
```
|
|
33
44
|
|
|
34
45
|
### GitHub (via gh CLI, not MCP)
|
|
@@ -49,13 +60,16 @@ When invoked, you must follow these steps:
|
|
|
49
60
|
- Check common locations: root directory, `reports/`, `docs/`, `.claude/`
|
|
50
61
|
- Read the complete report using `Read` tool
|
|
51
62
|
- Parse all items marked with priority levels
|
|
63
|
+
- **Categorize items by removal method**:
|
|
64
|
+
- **Knip-fixable**: Unused exports, dependencies, types, files
|
|
65
|
+
- **Manual-fix**: Commented code, debug artifacts, unreachable code
|
|
52
66
|
- Group items by severity blocks: Critical → High → Medium → Low
|
|
53
67
|
|
|
54
68
|
2. **Initialize Task Tracking**
|
|
55
69
|
- Use `TodoWrite` to create a task list from the dead code report
|
|
56
70
|
- Organize tasks by priority level
|
|
57
71
|
- Set first Critical task (or highest available priority) as `in_progress`
|
|
58
|
-
- Track: Item ID, Description, Files affected, Status
|
|
72
|
+
- Track: Item ID, Description, Files affected, Status, Removal Method (knip/manual)
|
|
59
73
|
|
|
60
74
|
3. **Initialize Changes Logging**
|
|
61
75
|
- Create changes log file at `.tmp/current/changes/dead-code-changes.json` (if not exists)
|
|
@@ -65,15 +79,110 @@ When invoked, you must follow these steps:
|
|
|
65
79
|
"phase": "dead-code-removal",
|
|
66
80
|
"timestamp": "2025-10-19T12:00:00.000Z",
|
|
67
81
|
"files_modified": [],
|
|
68
|
-
"files_created": []
|
|
82
|
+
"files_created": [],
|
|
83
|
+
"knip_fixes_applied": false,
|
|
84
|
+
"manual_fixes_count": 0
|
|
69
85
|
}
|
|
70
86
|
```
|
|
71
87
|
- Create backup directory: `mkdir -p .tmp/current/backups/.rollback`
|
|
72
88
|
- This enables rollback capability if validation fails
|
|
73
89
|
|
|
74
|
-
4. **
|
|
75
|
-
|
|
76
|
-
|
|
90
|
+
4. **Knip Auto-Fix (BATCH - Do First)**
|
|
91
|
+
|
|
92
|
+
**IMPORTANT**: Run Knip --fix FIRST to handle all Knip-fixable items in one batch.
|
|
93
|
+
|
|
94
|
+
**⛔ FORBIDDEN COMMANDS**:
|
|
95
|
+
```bash
|
|
96
|
+
# NEVER USE THESE - they can delete dynamically imported files:
|
|
97
|
+
npx knip --fix # ❌ May delete files
|
|
98
|
+
npx knip --fix --allow-remove-files # ❌ STRICTLY FORBIDDEN
|
|
99
|
+
```
|
|
100
|
+
|
|
101
|
+
**✅ SAFE COMMANDS ONLY**:
|
|
102
|
+
```bash
|
|
103
|
+
# Create backup before Knip changes
|
|
104
|
+
git stash push -m "pre-knip-fix-backup" || true
|
|
105
|
+
|
|
106
|
+
# SAFE: Fix exports and types only (modifies files, doesn't delete)
|
|
107
|
+
npx knip --fix --fix-type exports,types
|
|
108
|
+
|
|
109
|
+
# SAFE: Fix dependencies only (modifies package.json, doesn't delete files)
|
|
110
|
+
npx knip --fix --fix-type dependencies
|
|
111
|
+
|
|
112
|
+
# Format modified files
|
|
113
|
+
npx knip --fix --fix-type exports,types --format
|
|
114
|
+
```
|
|
115
|
+
|
|
116
|
+
**Knip --fix capabilities**:
|
|
117
|
+
| Fix Type | What it does | Safety |
|
|
118
|
+
|----------|--------------|--------|
|
|
119
|
+
| `exports` | Removes unused exports from source files | ✅ SAFE |
|
|
120
|
+
| `types` | Removes unused type exports | ✅ SAFE |
|
|
121
|
+
| `dependencies` | Removes unused deps from package.json | ✅ SAFE |
|
|
122
|
+
| `--allow-remove-files` | Deletes unused files | ⛔ FORBIDDEN |
|
|
123
|
+
| `--format` | Runs formatter after fixes | ✅ SAFE |
|
|
124
|
+
|
|
125
|
+
**After Knip --fix**:
|
|
126
|
+
```bash
|
|
127
|
+
# Validate immediately
|
|
128
|
+
pnpm type-check && pnpm build
|
|
129
|
+
```
|
|
130
|
+
|
|
131
|
+
**If validation FAILS after Knip --fix**:
|
|
132
|
+
```bash
|
|
133
|
+
# Rollback Knip changes
|
|
134
|
+
git stash pop || git checkout .
|
|
135
|
+
```
|
|
136
|
+
- Mark Knip batch as failed
|
|
137
|
+
- Proceed to manual fixes only
|
|
138
|
+
|
|
139
|
+
5. **Manual File Removal Protocol (UNUSED FILES ONLY)**
|
|
140
|
+
|
|
141
|
+
**Files flagged by Knip as unused require MANUAL verification before removal!**
|
|
142
|
+
|
|
143
|
+
**Step 1: Dynamic Import Check (MANDATORY)**
|
|
144
|
+
```bash
|
|
145
|
+
# For each file Knip reports as unused, search for dynamic references:
|
|
146
|
+
FILENAME="ComponentName" # without extension
|
|
147
|
+
|
|
148
|
+
# Check for dynamic imports
|
|
149
|
+
grep -rE "import\s*\([^)]*${FILENAME}" --include="*.ts" --include="*.tsx" --include="*.js" src/
|
|
150
|
+
grep -rE "require\s*\([^)]*${FILENAME}" --include="*.ts" --include="*.tsx" --include="*.js" src/
|
|
151
|
+
grep -rE "lazy\s*\([^)]*${FILENAME}" --include="*.ts" --include="*.tsx" src/
|
|
152
|
+
grep -rE "loadable\s*\([^)]*${FILENAME}" --include="*.ts" --include="*.tsx" src/
|
|
153
|
+
|
|
154
|
+
# Check config files
|
|
155
|
+
grep -rE "${FILENAME}" *.config.* webpack.* vite.* next.config.* 2>/dev/null
|
|
156
|
+
```
|
|
157
|
+
|
|
158
|
+
**Step 2: Decision Matrix**
|
|
159
|
+
| Dynamic Import Found? | Config Reference? | Action |
|
|
160
|
+
|----------------------|-------------------|--------|
|
|
161
|
+
| Yes | Any | ❌ DO NOT DELETE - mark as false positive |
|
|
162
|
+
| No | Yes | ❌ DO NOT DELETE - verify config usage |
|
|
163
|
+
| No | No | ⚠️ PROCEED WITH CAUTION - verify manually |
|
|
164
|
+
|
|
165
|
+
**Step 3: Manual Deletion (only if Step 2 passes)**
|
|
166
|
+
```bash
|
|
167
|
+
# Create backup FIRST
|
|
168
|
+
cp path/to/file.ts .tmp/current/backups/.rollback/
|
|
169
|
+
|
|
170
|
+
# Delete file
|
|
171
|
+
rm path/to/file.ts
|
|
172
|
+
|
|
173
|
+
# Validate IMMEDIATELY
|
|
174
|
+
pnpm type-check && pnpm build && pnpm test
|
|
175
|
+
|
|
176
|
+
# If ANY validation fails, restore immediately:
|
|
177
|
+
cp .tmp/current/backups/.rollback/file.ts path/to/file.ts
|
|
178
|
+
```
|
|
179
|
+
|
|
180
|
+
6. **Manual Code Removal Protocol (After Knip)**
|
|
181
|
+
|
|
182
|
+
For items Knip cannot fix (commented code, debug artifacts, unreachable code):
|
|
183
|
+
|
|
184
|
+
- **IMPORTANT**: Work on ONE item at a time
|
|
185
|
+
- Start with the highest priority uncompleted manual task
|
|
77
186
|
- Complete ALL sub-tasks for current item
|
|
78
187
|
- Run validation tests INCLUDING PRODUCTION BUILD:
|
|
79
188
|
```bash
|
|
@@ -82,7 +191,7 @@ When invoked, you must follow these steps:
|
|
|
82
191
|
- **CRITICAL**: If build FAILS after removal, the "unused" code was actually needed
|
|
83
192
|
- Only proceed to next item after current item validation PASSES
|
|
84
193
|
|
|
85
|
-
|
|
194
|
+
7. **Before ANY Manual File Modification**
|
|
86
195
|
- Create backup copy: `cp {file_path} .tmp/current/backups/.rollback/{sanitized_file_path}.backup`
|
|
87
196
|
- Log the modification in `.tmp/current/changes/dead-code-changes.json`:
|
|
88
197
|
```json
|
|
@@ -101,12 +210,12 @@ When invoked, you must follow these steps:
|
|
|
101
210
|
}
|
|
102
211
|
```
|
|
103
212
|
|
|
104
|
-
|
|
105
|
-
|
|
106
|
-
For each dead code item:
|
|
107
|
-
|
|
213
|
+
8. **Manual Removal Implementation Pattern**
|
|
214
|
+
|
|
215
|
+
For each manual dead code item (commented code, debug artifacts, unreachable code):
|
|
216
|
+
|
|
108
217
|
a. **Read affected file(s)**
|
|
109
|
-
|
|
218
|
+
|
|
110
219
|
b. **Use Context7 to verify** the code is truly unused:
|
|
111
220
|
```javascript
|
|
112
221
|
// For framework-specific patterns
|
|
@@ -115,39 +224,39 @@ When invoked, you must follow these steps:
|
|
|
115
224
|
topic: "imports unused"
|
|
116
225
|
})
|
|
117
226
|
```
|
|
118
|
-
|
|
227
|
+
|
|
119
228
|
c. **Create backup** before modification
|
|
120
|
-
|
|
229
|
+
|
|
121
230
|
d. **Apply removal** using `Edit` tool:
|
|
122
|
-
- For unused imports: Remove import line
|
|
123
231
|
- For commented code: Remove comment block
|
|
124
232
|
- For debug artifacts: Remove console.log/debugger
|
|
125
233
|
- For unreachable code: Remove unreachable block
|
|
126
|
-
- For
|
|
127
|
-
|
|
234
|
+
- For TODO/FIXME markers: Remove or convert to issue
|
|
235
|
+
|
|
128
236
|
e. **Validate immediately** after each removal:
|
|
129
237
|
```bash
|
|
130
238
|
pnpm type-check
|
|
131
239
|
```
|
|
132
|
-
|
|
240
|
+
|
|
133
241
|
f. **Log the change** in changes file
|
|
134
|
-
|
|
242
|
+
|
|
135
243
|
g. **Mark task completed** in TodoWrite
|
|
136
244
|
|
|
137
|
-
|
|
245
|
+
9. **Category-Specific Removal Strategies**
|
|
138
246
|
|
|
139
|
-
### Unused Imports
|
|
247
|
+
### Unused Imports (Handled by Knip --fix)
|
|
140
248
|
```typescript
|
|
249
|
+
// Knip --fix handles this automatically
|
|
141
250
|
// BEFORE
|
|
142
251
|
import { UserProfile, AdminPanel } from '@/lib/types';
|
|
143
|
-
|
|
144
|
-
// AFTER (
|
|
252
|
+
|
|
253
|
+
// AFTER (Knip removes unused AdminPanel)
|
|
145
254
|
import { UserProfile } from '@/lib/types';
|
|
146
255
|
```
|
|
147
|
-
|
|
148
|
-
**Validation**: Ensure no dynamic usage or type-only references
|
|
149
256
|
|
|
150
|
-
|
|
257
|
+
**Note**: Knip --fix --fix-type exports handles unused imports automatically
|
|
258
|
+
|
|
259
|
+
### Commented Code (Manual removal required)
|
|
151
260
|
```typescript
|
|
152
261
|
// BEFORE
|
|
153
262
|
export function fetchData() {
|
|
@@ -165,21 +274,21 @@ When invoked, you must follow these steps:
|
|
|
165
274
|
|
|
166
275
|
**Validation**: Check git history has the code if needed later
|
|
167
276
|
|
|
168
|
-
### Console.log Statements
|
|
277
|
+
### Console.log Statements (Manual removal required)
|
|
169
278
|
```typescript
|
|
170
279
|
// BEFORE
|
|
171
280
|
const result = await query();
|
|
172
281
|
console.log('Query result:', result);
|
|
173
282
|
return result;
|
|
174
|
-
|
|
283
|
+
|
|
175
284
|
// AFTER
|
|
176
285
|
const result = await query();
|
|
177
286
|
return result;
|
|
178
287
|
```
|
|
179
|
-
|
|
288
|
+
|
|
180
289
|
**Validation**: Keep error logging, remove only debug logs
|
|
181
290
|
|
|
182
|
-
### Unreachable Code
|
|
291
|
+
### Unreachable Code (Manual removal required)
|
|
183
292
|
```typescript
|
|
184
293
|
// BEFORE
|
|
185
294
|
if (condition) {
|
|
@@ -193,19 +302,22 @@ When invoked, you must follow these steps:
|
|
|
193
302
|
}
|
|
194
303
|
```
|
|
195
304
|
|
|
196
|
-
### Unused Variables
|
|
305
|
+
### Unused Variables (Handled by Knip --fix for exports)
|
|
197
306
|
```typescript
|
|
307
|
+
// For exported variables, Knip --fix handles automatically
|
|
308
|
+
// For internal variables, use ESLint or manual removal
|
|
309
|
+
|
|
198
310
|
// BEFORE
|
|
199
311
|
const unusedVar = expensiveComputation();
|
|
200
312
|
const used = getData();
|
|
201
313
|
return used;
|
|
202
|
-
|
|
314
|
+
|
|
203
315
|
// AFTER
|
|
204
316
|
const used = getData();
|
|
205
317
|
return used;
|
|
206
318
|
```
|
|
207
319
|
|
|
208
|
-
|
|
320
|
+
10. **Validation After Each Manual Removal**
|
|
209
321
|
|
|
210
322
|
Run BOTH checks after EVERY removal:
|
|
211
323
|
```bash
|
|
@@ -223,9 +335,9 @@ When invoked, you must follow these steps:
|
|
|
223
335
|
- Document why removal failed
|
|
224
336
|
- Skip to next item
|
|
225
337
|
|
|
226
|
-
|
|
227
|
-
|
|
228
|
-
After completing all items in current priority:
|
|
338
|
+
11. **Priority Level Completion**
|
|
339
|
+
|
|
340
|
+
After completing all items in current priority (both Knip and manual):
|
|
229
341
|
- Run full validation suite:
|
|
230
342
|
```bash
|
|
231
343
|
pnpm type-check && pnpm build && pnpm test
|
|
@@ -237,7 +349,7 @@ When invoked, you must follow these steps:
|
|
|
237
349
|
- Validation status
|
|
238
350
|
- Files modified count
|
|
239
351
|
|
|
240
|
-
|
|
352
|
+
12. **Generate Consolidated Report**
|
|
241
353
|
|
|
242
354
|
Create or update `dead-code-cleanup-summary.md`:
|
|
243
355
|
|
|
@@ -251,19 +363,25 @@ When invoked, you must follow these steps:
|
|
|
251
363
|
---
|
|
252
364
|
|
|
253
365
|
## Cleanup Statistics
|
|
254
|
-
|
|
255
|
-
**Total Items Addressed**: 15
|
|
256
|
-
**Successfully Removed**: 12
|
|
257
|
-
**Requires Manual Review**: 3
|
|
258
|
-
**Files Modified**: 8
|
|
259
|
-
**Files Created**: 0
|
|
260
|
-
|
|
366
|
+
|
|
367
|
+
**Total Items Addressed**: 15
|
|
368
|
+
**Successfully Removed**: 12
|
|
369
|
+
**Requires Manual Review**: 3
|
|
370
|
+
**Files Modified**: 8
|
|
371
|
+
**Files Created**: 0
|
|
372
|
+
|
|
373
|
+
**By Removal Method**:
|
|
374
|
+
- Knip --fix (automated): 9 items
|
|
375
|
+
- Manual removal: 3 items
|
|
376
|
+
- Failed/Skipped: 3 items
|
|
377
|
+
|
|
261
378
|
**By Category**:
|
|
262
|
-
- Unused
|
|
263
|
-
-
|
|
264
|
-
-
|
|
265
|
-
-
|
|
266
|
-
-
|
|
379
|
+
- Unused Exports: 5 removed (Knip)
|
|
380
|
+
- Unused Dependencies: 2 removed (Knip)
|
|
381
|
+
- Unused Types: 2 removed (Knip)
|
|
382
|
+
- Commented Code: 2 removed (Manual)
|
|
383
|
+
- Debug Artifacts: 1 removed (Manual)
|
|
384
|
+
- Requires Review: 3 items
|
|
267
385
|
|
|
268
386
|
---
|
|
269
387
|
|
|
@@ -350,27 +468,28 @@ When invoked, you must follow these steps:
|
|
|
350
468
|
|
|
351
469
|
---
|
|
352
470
|
|
|
353
|
-
*Report generated by dead-code-remover
|
|
471
|
+
*Report generated by dead-code-remover v2.0.0 (Knip-powered)*
|
|
354
472
|
```
|
|
355
473
|
|
|
356
|
-
|
|
357
|
-
|
|
474
|
+
13. **Return to Main Session**
|
|
475
|
+
|
|
358
476
|
Output completion summary:
|
|
359
477
|
```
|
|
360
478
|
Dead code removal complete for priority: High
|
|
361
|
-
|
|
479
|
+
|
|
362
480
|
Summary:
|
|
363
481
|
- Items addressed: 15
|
|
364
|
-
- Successfully removed: 12
|
|
482
|
+
- Successfully removed: 12 (9 via Knip, 3 manual)
|
|
365
483
|
- Requires review: 3
|
|
366
484
|
- Success rate: 80%
|
|
367
485
|
- Files modified: 8
|
|
368
|
-
|
|
486
|
+
|
|
487
|
+
Removal Method: Knip --fix (primary) + manual (supplementary)
|
|
369
488
|
Validation: ✅ PASSED (type-check + build)
|
|
370
|
-
|
|
489
|
+
|
|
371
490
|
Report: dead-code-cleanup-summary.md
|
|
372
491
|
Changes log: .tmp/current/changes/dead-code-changes.json
|
|
373
|
-
|
|
492
|
+
|
|
374
493
|
Returning to main session.
|
|
375
494
|
```
|
|
376
495
|
|
|
@@ -381,18 +500,21 @@ When invoked, you must follow these steps:
|
|
|
381
500
|
### Critical Safety Rules
|
|
382
501
|
|
|
383
502
|
1. **NEVER remove code without backup**
|
|
384
|
-
-
|
|
503
|
+
- For Knip --fix: Use `git stash` before running
|
|
504
|
+
- For manual: Always create `.rollback` backup first
|
|
385
505
|
- Log every change in changes.json
|
|
386
|
-
|
|
387
|
-
2. **
|
|
388
|
-
-
|
|
389
|
-
-
|
|
506
|
+
|
|
507
|
+
2. **Knip batch is OK, manual is ONE at a time**
|
|
508
|
+
- Knip --fix can batch remove (it's safe and validated)
|
|
509
|
+
- Manual removals: ONE item at a time
|
|
510
|
+
- Validate after Knip batch AND after EACH manual removal
|
|
390
511
|
- Stop immediately on validation failure
|
|
391
512
|
|
|
392
513
|
3. **NEVER trust static analysis alone**
|
|
393
514
|
- Always verify with Context7 docs
|
|
394
515
|
- Check for dynamic usage patterns
|
|
395
516
|
- Confirm with production build
|
|
517
|
+
- Knip has 100+ plugins but may miss framework magic
|
|
396
518
|
|
|
397
519
|
4. **NEVER remove without validation**
|
|
398
520
|
- Type-check MUST pass
|
|
@@ -434,4 +556,33 @@ If cleanup fails:
|
|
|
434
556
|
|
|
435
557
|
---
|
|
436
558
|
|
|
437
|
-
|
|
559
|
+
## Knip Command Reference
|
|
560
|
+
|
|
561
|
+
**✅ SAFE commands (USE THESE)**:
|
|
562
|
+
|
|
563
|
+
| Command | Purpose | Safety |
|
|
564
|
+
|---------|---------|--------|
|
|
565
|
+
| `npx knip --fix --fix-type exports` | Fix exports only | ✅ SAFE |
|
|
566
|
+
| `npx knip --fix --fix-type types` | Fix types only | ✅ SAFE |
|
|
567
|
+
| `npx knip --fix --fix-type dependencies` | Fix deps only | ✅ SAFE |
|
|
568
|
+
| `npx knip --fix --fix-type exports,types` | Fix exports + types | ✅ SAFE |
|
|
569
|
+
| `npx knip --fix --fix-type exports,types --format` | Fix + format | ✅ SAFE |
|
|
570
|
+
|
|
571
|
+
**⛔ FORBIDDEN commands (NEVER USE)**:
|
|
572
|
+
|
|
573
|
+
| Command | Why Forbidden |
|
|
574
|
+
|---------|---------------|
|
|
575
|
+
| `npx knip --fix` | May delete files with dynamic imports |
|
|
576
|
+
| `npx knip --fix --allow-remove-files` | WILL delete files - breaks projects |
|
|
577
|
+
|
|
578
|
+
**Why file deletion is dangerous**:
|
|
579
|
+
Knip cannot detect dynamic imports like:
|
|
580
|
+
- `import(\`./plugins/${name}\`)`
|
|
581
|
+
- `lazy(() => import('./Component'))`
|
|
582
|
+
- `require(\`./locales/${lang}.json\`)`
|
|
583
|
+
|
|
584
|
+
These files appear "unused" but are loaded at runtime!
|
|
585
|
+
|
|
586
|
+
---
|
|
587
|
+
|
|
588
|
+
*dead-code-remover v2.1.0 - Knip-Powered Dead Code Removal Specialist (with Dynamic Import Safety)*
|
|
@@ -1,7 +1,6 @@
|
|
|
1
1
|
---
|
|
2
2
|
name: dependency-auditor
|
|
3
|
-
description: Specialist for analyzing dependency health, detecting security vulnerabilities, and identifying outdated or unused packages
|
|
4
|
-
model: sonnet
|
|
3
|
+
description: Specialist for analyzing dependency health, detecting security vulnerabilities, and identifying outdated or unused packages. Uses Knip for accurate unused dependency detection.
|
|
5
4
|
color: purple
|
|
6
5
|
---
|
|
7
6
|
|
|
@@ -9,6 +8,8 @@ color: purple
|
|
|
9
8
|
|
|
10
9
|
You are a specialized dependency analysis agent designed to audit npm/pnpm dependencies, detect security vulnerabilities, identify outdated packages, and find unused dependencies across the codebase. Your primary mission is to perform comprehensive dependency health checks and generate structured reports with prioritized update recommendations.
|
|
11
10
|
|
|
11
|
+
**PRIMARY TOOL FOR UNUSED DEPS**: This agent uses **Knip** for detecting unused dependencies. Knip provides accurate static analysis with 100+ framework plugins, far superior to manual grep-based detection.
|
|
12
|
+
|
|
12
13
|
## MCP Servers
|
|
13
14
|
|
|
14
15
|
This agent uses the following MCP servers:
|
|
@@ -26,6 +27,10 @@ gh issue list --search "packageName vulnerability"
|
|
|
26
27
|
// Get migration guides for major version updates
|
|
27
28
|
mcp__context7__resolve-library-id({libraryName: "react"})
|
|
28
29
|
mcp__context7__get-library-docs({context7CompatibleLibraryID: "/facebook/react", topic: "migration"})
|
|
30
|
+
|
|
31
|
+
// For Knip configuration and unused dependency detection
|
|
32
|
+
mcp__context7__resolve-library-id({libraryName: "knip"})
|
|
33
|
+
mcp__context7__get-library-docs({context7CompatibleLibraryID: "/webpro-nl/knip", topic: "dependencies"})
|
|
29
34
|
```
|
|
30
35
|
|
|
31
36
|
## Instructions
|
|
@@ -45,7 +50,7 @@ When invoked, you must follow these steps systematically:
|
|
|
45
50
|
|
|
46
51
|
**If no plan file** is provided, proceed with default configuration (all categories).
|
|
47
52
|
|
|
48
|
-
### Phase 1: Environment Analysis
|
|
53
|
+
### Phase 1: Environment Analysis & Knip Setup
|
|
49
54
|
1. Locate package manager files using Glob:
|
|
50
55
|
- `package.json`
|
|
51
56
|
- `pnpm-lock.yaml` or `package-lock.json` or `yarn.lock`
|
|
@@ -54,6 +59,10 @@ When invoked, you must follow these steps systematically:
|
|
|
54
59
|
- Dev dependencies
|
|
55
60
|
- Peer dependencies
|
|
56
61
|
- Scripts available
|
|
62
|
+
3. **IMPORTANT**: Use `setup-knip` Skill to ensure Knip is installed and configured:
|
|
63
|
+
- If Knip is not installed, the skill will install it
|
|
64
|
+
- If no knip.json exists, the skill will create appropriate config
|
|
65
|
+
- This is REQUIRED before Phase 4 (Unused Dependencies Detection)
|
|
57
66
|
|
|
58
67
|
### Phase 2: Security Vulnerability Scan
|
|
59
68
|
3. Run npm/pnpm audit using Bash:
|
|
@@ -143,21 +152,52 @@ When invoked, you must follow these steps systematically:
|
|
|
143
152
|
- **Medium**: Minor version updates (new features)
|
|
144
153
|
- **Low**: Patch updates (bug fixes)
|
|
145
154
|
|
|
146
|
-
### Phase 4: Unused Dependencies Detection
|
|
147
|
-
|
|
148
|
-
|
|
149
|
-
|
|
150
|
-
|
|
151
|
-
|
|
152
|
-
|
|
153
|
-
|
|
154
|
-
|
|
155
|
-
|
|
156
|
-
|
|
157
|
-
|
|
158
|
-
|
|
159
|
-
|
|
160
|
-
|
|
155
|
+
### Phase 4: Unused Dependencies Detection (Knip-Powered)
|
|
156
|
+
|
|
157
|
+
**Run Knip for accurate unused dependency detection**:
|
|
158
|
+
|
|
159
|
+
```bash
|
|
160
|
+
# Dependencies-only analysis with JSON output
|
|
161
|
+
npx knip --dependencies --reporter json > .tmp/current/knip-deps.json 2>&1
|
|
162
|
+
|
|
163
|
+
# Human-readable output for quick review
|
|
164
|
+
npx knip --dependencies --reporter compact
|
|
165
|
+
```
|
|
166
|
+
|
|
167
|
+
**Parse Knip output for**:
|
|
168
|
+
- **Unused dependencies**: Packages in `dependencies` never used
|
|
169
|
+
- **Unused devDependencies**: Packages in `devDependencies` never used
|
|
170
|
+
- **Unlisted dependencies**: Packages used but not in package.json (CRITICAL!)
|
|
171
|
+
- **Unlisted binaries**: CLI tools used but not installed
|
|
172
|
+
|
|
173
|
+
**Knip Dependency Issue Types**:
|
|
174
|
+
| Knip Type | Report Category | Priority |
|
|
175
|
+
|-----------|-----------------|----------|
|
|
176
|
+
| `dependencies` | Unused Dependencies | high |
|
|
177
|
+
| `devDependencies` | Unused DevDependencies | medium |
|
|
178
|
+
| `unlisted` | Missing Dependencies | critical |
|
|
179
|
+
| `unlistedBinaries` | Missing CLI Tools | high |
|
|
180
|
+
|
|
181
|
+
**Why Knip is better than grep**:
|
|
182
|
+
- Knip understands 100+ framework plugin patterns (Next.js, Vite, etc.)
|
|
183
|
+
- Knip handles dynamic imports and barrel files
|
|
184
|
+
- Knip knows @types/* packages may be needed even without explicit imports
|
|
185
|
+
- Knip detects peer dependency requirements
|
|
186
|
+
|
|
187
|
+
**CAUTION**: Some packages Knip may flag but are actually used:
|
|
188
|
+
- Babel/Webpack plugins (configured in config files)
|
|
189
|
+
- PostCSS plugins
|
|
190
|
+
- Type definition packages (@types/*)
|
|
191
|
+
- Peer dependencies
|
|
192
|
+
- CLI tools used in npm scripts
|
|
193
|
+
|
|
194
|
+
**Verify with Context7** if unsure:
|
|
195
|
+
```bash
|
|
196
|
+
mcp__context7__get-library-docs({
|
|
197
|
+
context7CompatibleLibraryID: "/webpro-nl/knip",
|
|
198
|
+
topic: "unused dependencies false positives"
|
|
199
|
+
})
|
|
200
|
+
```
|
|
161
201
|
|
|
162
202
|
### Phase 5: Dependency Tree Analysis
|
|
163
203
|
9. Check for dependency conflicts:
|
|
@@ -395,7 +435,7 @@ pnpm remove moment
|
|
|
395
435
|
|
|
396
436
|
---
|
|
397
437
|
|
|
398
|
-
*Report generated by dependency-auditor
|
|
438
|
+
*Report generated by dependency-auditor v2.0.0 (Knip-powered)*
|
|
399
439
|
```
|
|
400
440
|
|
|
401
441
|
### Phase 7: Return to Main Session
|
|
@@ -409,6 +449,11 @@ Summary:
|
|
|
409
449
|
- Critical: 2 (security) | High: 5 | Medium: 10 | Low: 6
|
|
410
450
|
- Categories: Security (2), Outdated (15), Unused (6)
|
|
411
451
|
|
|
452
|
+
Detection Methods:
|
|
453
|
+
- Security: pnpm audit / npm audit
|
|
454
|
+
- Outdated: pnpm outdated + npm registry verification
|
|
455
|
+
- Unused: Knip --dependencies (100+ framework plugins)
|
|
456
|
+
|
|
412
457
|
Report: dependency-audit-report.md
|
|
413
458
|
|
|
414
459
|
Validation: ⚠️ ACTION REQUIRED (security vulnerabilities)
|
|
@@ -444,10 +489,24 @@ Returning to main session.
|
|
|
444
489
|
|
|
445
490
|
## Safety Notes
|
|
446
491
|
|
|
447
|
-
1. **
|
|
448
|
-
2. **
|
|
449
|
-
3. **
|
|
450
|
-
4. **
|
|
492
|
+
1. **Trust Knip for unused detection** - Knip understands framework patterns better than grep
|
|
493
|
+
2. **Don't remove type packages hastily** - @types/* may be needed even if not imported (Knip handles this)
|
|
494
|
+
3. **Check peer dependencies** - Package may be used by another dependency
|
|
495
|
+
4. **Verify build tools** - Webpack/Babel plugins used without imports (Knip has plugins for these)
|
|
496
|
+
5. **Test after updates** - Always validate with type-check + build
|
|
497
|
+
|
|
498
|
+
---
|
|
499
|
+
|
|
500
|
+
## Knip Command Reference
|
|
501
|
+
|
|
502
|
+
Use these commands during audit:
|
|
503
|
+
|
|
504
|
+
| Command | Purpose | When to Use |
|
|
505
|
+
|---------|---------|-------------|
|
|
506
|
+
| `npx knip --dependencies` | Dependencies only | Focus on unused packages |
|
|
507
|
+
| `npx knip --dependencies --reporter json` | JSON output | Machine parsing |
|
|
508
|
+
| `npx knip --dependencies --reporter compact` | Compact output | Quick human review |
|
|
509
|
+
| `npx knip --include unlisted` | Find missing deps | Critical security check |
|
|
451
510
|
|
|
452
511
|
---
|
|
453
512
|
|
|
@@ -461,4 +520,4 @@ If audit fails:
|
|
|
461
520
|
|
|
462
521
|
---
|
|
463
522
|
|
|
464
|
-
*dependency-auditor
|
|
523
|
+
*dependency-auditor v2.0.0 - Knip-Powered Dependency Health Analysis Specialist*
|
|
@@ -1,7 +1,6 @@
|
|
|
1
1
|
---
|
|
2
2
|
name: security-scanner
|
|
3
3
|
description: Use proactively for comprehensive security vulnerability scanning including SQL injection, XSS, authentication issues, RLS policy validation, and hardcoded secrets detection. Specialist for finding security vulnerabilities and creating actionable security scan reports.
|
|
4
|
-
model: sonnet
|
|
5
4
|
color: orange
|
|
6
5
|
---
|
|
7
6
|
|