claudeos-core 2.2.0 → 2.3.0

package/pass-prompts/templates/python-flask/pass1.md

@@ -1,119 +1,119 @@
-Read claudeos-core/generated/project-analysis.json and
-perform a deep analysis of the following domains only: {{DOMAIN_GROUP}}
-
-For each domain, select one representative file per layer, read its code, and analyze it.
-Prioritize files with the richest patterns.
-
-Analysis items (per domain):
-
-1. Route/Blueprint Patterns
-   - Blueprint structure (Blueprint registration, url_prefix, naming)
-   - Route decorators (@app.route, @bp.route with methods)
-   - URL patterns and naming conventions
-   - View function structure (function-based vs class-based MethodView)
-   - Request handling (request.args, request.form, request.json, request.files)
-   - Response patterns (jsonify, make_response, Response, redirect, abort)
-   - If a custom response wrapper exists, record its EXACT function/class name, EXACT import path
-   - **Response wrapping layer (CRITICAL)**: Which layer formats the response?
-     Does the route handler call it directly, or does a service layer return formatted data?
-   - Error handling (errorhandler, abort, custom exception classes)
-   - Authentication (flask-login, flask-jwt-extended, custom decorators)
-   - API documentation (flask-restx, flask-smorest, flasgger)
-   - Pagination patterns
-
-2. Data Model Patterns
-   - ORM (SQLAlchemy, Flask-SQLAlchemy, Peewee)
-   - Model structure (db.Model, relationships, mixins)
-   - Serialization (marshmallow, flask-marshmallow, manual to_dict)
-   - Form validation (WTForms, Flask-WTF, manual)
-   - Request/Response schema separation
-   - Enum/constant management
-
-3. Data Access Patterns
-   - Session management (db.session, scoped_session)
-   - Repository/DAO pattern vs direct model queries
-   - Migration (Flask-Migrate / Alembic)
-   - Query optimization (eager loading, lazy loading)
-   - Connection management (pool, teardown_appcontext)
-   - Transaction management
-
-4. Application Structure Patterns
-   - Application factory (create_app)
-   - Configuration (app.config, from_object, from_envvar)
-   - Extension initialization (db.init_app, login_manager.init_app)
-   - Context (application context, request context, g, current_app)
-   - Before/after request hooks (before_request, after_request, teardown_request)
-   - Import paths: record EXACT import conventions
-   - Utility function locations: record EXACT module paths
-
-5. Configuration/Environment Patterns
-   - Environment variable management (python-dotenv, os.environ)
-   - Config classes (DevelopmentConfig, ProductionConfig)
-   - Per-environment branching
-   - Secret management (SECRET_KEY, database URL)
-
-6. Logging Patterns
-   - Logger usage (app.logger, structlog, loguru, logging)
-   - Log level policy
-   - Request/response logging
-   - Error logging
-
-7. Testing Patterns
-   - Test framework (pytest, unittest)
-   - Test client (app.test_client, pytest fixtures)
-   - Application factory testing (create_app with test config)
-   - Fixture management (conftest, client fixture)
-   - DB test strategy (test DB, SQLite in-memory, transaction rollback)
-   - Mocking (unittest.mock, pytest-mock, responses)
-
-8. Domain-Specific Patterns
-   - Template rendering (Jinja2, render_template) vs JSON API
-   - File upload (request.files, werkzeug FileStorage)
-   - Background tasks (Celery, RQ, APScheduler)
-   - WebSocket (Flask-SocketIO)
-   - External API integration (requests, httpx)
-   - Caching (Flask-Caching, Redis)
-   - Session management (server-side, Flask-Session)
-   - CSRF protection (Flask-WTF CSRFProtect)
-
-9. Anti-patterns / Inconsistencies
-   - Circular imports
-   - Missing application factory
-   - Global state misuse
-   - Missing error handlers
-   - Security issues (injection, missing CSRF, debug mode in production)
-   - Performance issues (blocking I/O, N+1 queries)
-
-Do not create or modify source files. Analysis only.
-Save results to claudeos-core/generated/pass1-{{PASS_NUM}}.json in the following format:
-
-{
-  "analyzedAt": "ISO timestamp",
-  "passNum": {{PASS_NUM}},
-  "domains": ["auth", "users", "orders", "products"],
-  "analysisPerDomain": {
-    "users": {
-      "representativeFiles": {
-        "routes": "app/users/routes.py",
-        "models": "app/users/models.py",
-        "forms": "app/users/forms.py",
-        "services": "app/users/services.py"
-      },
-      "patterns": {
-        "routes": { ... },
-        "models": { ... },
-        "dataAccess": { ... },
-        "appStructure": { ... },
-        "config": { ... },
-        "logging": { ... },
-        "testing": { ... }
-      },
-      "specialPatterns": [],
-      "antiPatterns": []
-    }
-  },
-  "crossDomainCommon": {
-    "description": "Patterns commonly used across domains in this group",
-    "patterns": []
-  }
-}
+Read claudeos-core/generated/project-analysis.json and
+perform a deep analysis of the following domains only: {{DOMAIN_GROUP}}
+
+For each domain, select one representative file per layer, read its code, and analyze it.
+Prioritize files with the richest patterns.
+
+Analysis items (per domain):
+
+1. Route/Blueprint Patterns
+   - Blueprint structure (Blueprint registration, url_prefix, naming)
+   - Route decorators (@app.route, @bp.route with methods)
+   - URL patterns and naming conventions
+   - View function structure (function-based vs class-based MethodView)
+   - Request handling (request.args, request.form, request.json, request.files)
+   - Response patterns (jsonify, make_response, Response, redirect, abort)
+   - If a custom response wrapper exists, record its EXACT function/class name, EXACT import path
+   - **Response wrapping layer (CRITICAL)**: Which layer formats the response?
+     Does the route handler call it directly, or does a service layer return formatted data?
+   - Error handling (errorhandler, abort, custom exception classes)
+   - Authentication (flask-login, flask-jwt-extended, custom decorators)
+   - API documentation (flask-restx, flask-smorest, flasgger)
+   - Pagination patterns
+
+2. Data Model Patterns
+   - ORM (SQLAlchemy, Flask-SQLAlchemy, Peewee)
+   - Model structure (db.Model, relationships, mixins)
+   - Serialization (marshmallow, flask-marshmallow, manual to_dict)
+   - Form validation (WTForms, Flask-WTF, manual)
+   - Request/Response schema separation
+   - Enum/constant management
+
+3. Data Access Patterns
+   - Session management (db.session, scoped_session)
+   - Repository/DAO pattern vs direct model queries
+   - Migration (Flask-Migrate / Alembic)
+   - Query optimization (eager loading, lazy loading)
+   - Connection management (pool, teardown_appcontext)
+   - Transaction management
+
+4. Application Structure Patterns
+   - Application factory (create_app)
+   - Configuration (app.config, from_object, from_envvar)
+   - Extension initialization (db.init_app, login_manager.init_app)
+   - Context (application context, request context, g, current_app)
+   - Before/after request hooks (before_request, after_request, teardown_request)
+   - Import paths: record EXACT import conventions
+   - Utility function locations: record EXACT module paths
+
+5. Configuration/Environment Patterns
+   - Environment variable management (python-dotenv, os.environ)
+   - Config classes (DevelopmentConfig, ProductionConfig)
+   - Per-environment branching
+   - Secret management (SECRET_KEY, database URL)
+
+6. Logging Patterns
+   - Logger usage (app.logger, structlog, loguru, logging)
+   - Log level policy
+   - Request/response logging
+   - Error logging
+
+7. Testing Patterns
+   - Test framework (pytest, unittest)
+   - Test client (app.test_client, pytest fixtures)
+   - Application factory testing (create_app with test config)
+   - Fixture management (conftest, client fixture)
+   - DB test strategy (test DB, SQLite in-memory, transaction rollback)
+   - Mocking (unittest.mock, pytest-mock, responses)
+
+8. Domain-Specific Patterns
+   - Template rendering (Jinja2, render_template) vs JSON API
+   - File upload (request.files, werkzeug FileStorage)
+   - Background tasks (Celery, RQ, APScheduler)
+   - WebSocket (Flask-SocketIO)
+   - External API integration (requests, httpx)
+   - Caching (Flask-Caching, Redis)
+   - Session management (server-side, Flask-Session)
+   - CSRF protection (Flask-WTF CSRFProtect)
+
+9. Anti-patterns / Inconsistencies
+   - Circular imports
+   - Missing application factory
+   - Global state misuse
+   - Missing error handlers
+   - Security issues (injection, missing CSRF, debug mode in production)
+   - Performance issues (blocking I/O, N+1 queries)
+
+Do not create or modify source files. Analysis only.
+Save results to claudeos-core/generated/pass1-{{PASS_NUM}}.json in the following format:
+
+{
+  "analyzedAt": "ISO timestamp",
+  "passNum": {{PASS_NUM}},
+  "domains": ["auth", "users", "orders", "products"],
+  "analysisPerDomain": {
+    "users": {
+      "representativeFiles": {
+        "routes": "app/users/routes.py",
+        "models": "app/users/models.py",
+        "forms": "app/users/forms.py",
+        "services": "app/users/services.py"
+      },
+      "patterns": {
+        "routes": { ... },
+        "models": { ... },
+        "dataAccess": { ... },
+        "appStructure": { ... },
+        "config": { ... },
+        "logging": { ... },
+        "testing": { ... }
+      },
+      "specialPatterns": [],
+      "antiPatterns": []
+    }
+  },
+  "crossDomainCommon": {
+    "description": "Patterns commonly used across domains in this group",
+    "patterns": []
+  }
+}

package/pass-prompts/templates/python-flask/pass2.md

@@ -1,85 +1,85 @@
-Read all pass1-*.json files from the claudeos-core/generated/ directory and
-merge all domain analysis results into a single unified report.
-
-Merge items:
-
-1. Universal Patterns (shared by 100% of all domains)
-   - Route/Blueprint style (decorators, response format, status codes)
-   - **Response flow**: Which layer wraps the response? (route handler vs service layer)
-     Record the definitive answer. If an orchestration layer exists, describe it.
-   - Model/serialization conventions (SQLAlchemy, marshmallow)
-   - Data access patterns (session management, queries)
-   - Application factory structure (create_app, extensions)
-   - Error handling patterns
-   - Before/after request hooks
-
-2. Majority Patterns (shared by 50%+ of domains)
-   - Specify which domains share them
-
-3. Domain-Specific Patterns (unique to a single domain)
-   - File upload: which domain
-   - WebSocket: which domain
-   - Background tasks: which domain
-   - External API: which domain
-   - Caching: which domain
-   - Template rendering: which domain
-
-4. Anti-pattern Summary
-   - Consolidate all inconsistencies found across domains
-   - Classify by severity (CRITICAL / HIGH / MEDIUM / LOW)
-
-5. Naming Conventions Summary
-   - Module/package naming (snake_case)
-   - Blueprint naming conventions
-   - Model/schema naming conventions
-   - Route URL patterns
-   - File structure conventions
-
-6. Common Models/Utilities List
-   - Base model mixins with EXACT import paths
-   - Shared utility functions with EXACT module paths
-   - Constants/Enum management with EXACT locations
-   - Extension instances (db, login_manager, etc.)
-
-7. Security/Authentication Patterns
-   - Authentication method (flask-login, flask-jwt-extended, custom)
-   - Authorization decorators (login_required, custom)
-   - CSRF protection
-   - CORS configuration
-   - Environment variable management
-
-8. Database Patterns
-   - Table naming (__tablename__)
-   - Migration strategy (Flask-Migrate)
-   - Seed data management
-   - Audit fields (created_at, updated_at)
-   - Relationship patterns
-   - Index/constraints
-
-9. Testing Strategy Summary
-   - Test coverage level
-   - Test classification system (unit/integration/E2E)
-   - Test client setup (app.test_client)
-   - Fixture/Factory strategy
-   - Mocking strategy
-   - DB test strategy
-
-10. Logging/Monitoring Strategy
-    - Logger standard (app.logger vs custom)
-    - Log level policy
-    - Request/response logging
-
-11. Performance Patterns
-    - Caching strategy (Flask-Caching)
-    - Connection pool configuration
-    - Query optimization
-    - Static file serving
-
-12. Code Quality Tools
-    - Lint/Format tools (ruff, black, isort, mypy, flake8)
-    - Pre-commit hooks
-    - Type Checking (mypy, pyright)
-    - CI integration status
-
-Do not generate code. Merge only.
-Save results to claudeos-core/generated/pass2-merged.json.
+Read all pass1-*.json files from the claudeos-core/generated/ directory and
+merge all domain analysis results into a single unified report.
+
+Merge items:
+
+1. Universal Patterns (shared by 100% of all domains)
+   - Route/Blueprint style (decorators, response format, status codes)
+   - **Response flow**: Which layer wraps the response? (route handler vs service layer)
+     Record the definitive answer. If an orchestration layer exists, describe it.
+   - Model/serialization conventions (SQLAlchemy, marshmallow)
+   - Data access patterns (session management, queries)
+   - Application factory structure (create_app, extensions)
+   - Error handling patterns
+   - Before/after request hooks
+
+2. Majority Patterns (shared by 50%+ of domains)
+   - Specify which domains share them
+
+3. Domain-Specific Patterns (unique to a single domain)
+   - File upload: which domain
+   - WebSocket: which domain
+   - Background tasks: which domain
+   - External API: which domain
+   - Caching: which domain
+   - Template rendering: which domain
+
+4. Anti-pattern Summary
+   - Consolidate all inconsistencies found across domains
+   - Classify by severity (CRITICAL / HIGH / MEDIUM / LOW)
+
+5. Naming Conventions Summary
+   - Module/package naming (snake_case)
+   - Blueprint naming conventions
+   - Model/schema naming conventions
+   - Route URL patterns
+   - File structure conventions
+
+6. Common Models/Utilities List
+   - Base model mixins with EXACT import paths
+   - Shared utility functions with EXACT module paths
+   - Constants/Enum management with EXACT locations
+   - Extension instances (db, login_manager, etc.)
+
+7. Security/Authentication Patterns
+   - Authentication method (flask-login, flask-jwt-extended, custom)
+   - Authorization decorators (login_required, custom)
+   - CSRF protection
+   - CORS configuration
+   - Environment variable management
+
+8. Database Patterns
+   - Table naming (__tablename__)
+   - Migration strategy (Flask-Migrate)
+   - Seed data management
+   - Audit fields (created_at, updated_at)
+   - Relationship patterns
+   - Index/constraints
+
+9. Testing Strategy Summary
+   - Test coverage level
+   - Test classification system (unit/integration/E2E)
+   - Test client setup (app.test_client)
+   - Fixture/Factory strategy
+   - Mocking strategy
+   - DB test strategy
+
+10. Logging/Monitoring Strategy
+    - Logger standard (app.logger vs custom)
+    - Log level policy
+    - Request/response logging
+
+11. Performance Patterns
+    - Caching strategy (Flask-Caching)
+    - Connection pool configuration
+    - Query optimization
+    - Static file serving
+
+12. Code Quality Tools
+    - Lint/Format tools (ruff, black, isort, mypy, flake8)
+    - Pre-commit hooks
+    - Type Checking (mypy, pyright)
+    - CI integration status
+
+Do not generate code. Merge only.
+Save results to claudeos-core/generated/pass2-merged.json.

package/plan-installer/domain-grouper.js

@@ -1,76 +1,76 @@
-/**
- * ClaudeOS-Core — Domain Grouper
- *
- * Splits domains into analysis groups, determines active domains,
- * and selects appropriate templates based on detected stack.
- */
-
-function splitDomainGroups(domains, type, template) {
-  const MAX_FILES_PER_GROUP = 40;
-  const MAX_DOMAINS_PER_GROUP = 4;
-  const groups = [];
-  let current = [];
-  let fileCount = 0;
-
-  for (const d of domains) {
-    // Flush current group before adding if it would exceed limits
-    if (current.length > 0 && (fileCount + d.totalFiles > MAX_FILES_PER_GROUP || current.length >= MAX_DOMAINS_PER_GROUP)) {
-      groups.push({ type, template, domains: [...current], estimatedFiles: fileCount });
-      current = [];
-      fileCount = 0;
-    }
-    current.push(d.name);
-    fileCount += d.totalFiles;
-  }
-  if (current.length > 0) {
-    groups.push({ type, template, domains: [...current], estimatedFiles: fileCount });
-  }
-
-  return groups;
-}
-
-// ─── Determine active domains ───────────────────────────────────
-function determineActiveDomains(stack) {
-  const isBackend = !!stack.framework && stack.framework !== "vite";
-  return {
-    "00.core": true,
-    "10.backend": !!isBackend,
-    "20.frontend": !!stack.frontend,
-    "30.security-db": !!(stack.database || isBackend || stack.frontend),
-    "40.infra": true,
-    "50.verification": true,
-    "90.optional": true,
-  };
-}
-
-// ─── Template selection (multi-stack) ──────────────────────────────
-function selectTemplates(stack) {
-  const templates = { backend: null, frontend: null };
-
-  // Backend template (requires a backend framework; language-only fallback skipped for pure frontend projects)
-  if (stack.language === "kotlin") templates.backend = "kotlin-spring";
-  else if (stack.language === "java") templates.backend = "java-spring";
-  else if (stack.framework === "nestjs") templates.backend = "node-nestjs";
-  else if (stack.framework === "express") templates.backend = "node-express";
-  else if (stack.framework === "fastify") templates.backend = "node-fastify";
-  else if (stack.framework === "django") templates.backend = "python-django";
-  else if (stack.framework === "fastapi") templates.backend = "python-fastapi";
-  else if (stack.framework === "flask") templates.backend = "python-flask";
-  else if ((stack.language === "typescript" || stack.language === "javascript") && stack.framework && stack.framework !== "vite") templates.backend = "node-express";
-  else if (stack.language === "python" && stack.framework) templates.backend = "python-fastapi";
-
-  // Frontend template
-  if (stack.frontend === "nextjs") {
-    templates.frontend = "node-nextjs";
-  } else if (stack.frontend === "react") {
-    templates.frontend = stack.framework === "vite" ? "node-vite" : "node-nextjs";
-  } else if (stack.frontend === "vue") {
-    templates.frontend = "vue-nuxt";
-  } else if (stack.frontend === "angular") {
-    templates.frontend = "angular";
-  }
-
-  return templates;
-}
-
-module.exports = { splitDomainGroups, determineActiveDomains, selectTemplates };
+/**
+ * ClaudeOS-Core — Domain Grouper
+ *
+ * Splits domains into analysis groups, determines active domains,
+ * and selects appropriate templates based on detected stack.
+ */
+
+function splitDomainGroups(domains, type, template) {
+  const MAX_FILES_PER_GROUP = 40;
+  const MAX_DOMAINS_PER_GROUP = 4;
+  const groups = [];
+  let current = [];
+  let fileCount = 0;
+
+  for (const d of domains) {
+    // Flush current group before adding if it would exceed limits
+    if (current.length > 0 && (fileCount + d.totalFiles > MAX_FILES_PER_GROUP || current.length >= MAX_DOMAINS_PER_GROUP)) {
+      groups.push({ type, template, domains: [...current], estimatedFiles: fileCount });
+      current = [];
+      fileCount = 0;
+    }
+    current.push(d.name);
+    fileCount += d.totalFiles;
+  }
+  if (current.length > 0) {
+    groups.push({ type, template, domains: [...current], estimatedFiles: fileCount });
+  }
+
+  return groups;
+}
+
+// ─── Determine active domains ───────────────────────────────────
+function determineActiveDomains(stack) {
+  const isBackend = !!stack.framework && stack.framework !== "vite";
+  return {
+    "00.core": true,
+    "10.backend": !!isBackend,
+    "20.frontend": !!stack.frontend,
+    "30.security-db": !!(stack.database || isBackend || stack.frontend),
+    "40.infra": true,
+    "50.verification": true,
+    "90.optional": true,
+  };
+}
+
+// ─── Template selection (multi-stack) ──────────────────────────────
+function selectTemplates(stack) {
+  const templates = { backend: null, frontend: null };
+
+  // Backend template (requires a backend framework; language-only fallback skipped for pure frontend projects)
+  if (stack.language === "kotlin") templates.backend = "kotlin-spring";
+  else if (stack.language === "java") templates.backend = "java-spring";
+  else if (stack.framework === "nestjs") templates.backend = "node-nestjs";
+  else if (stack.framework === "express") templates.backend = "node-express";
+  else if (stack.framework === "fastify") templates.backend = "node-fastify";
+  else if (stack.framework === "django") templates.backend = "python-django";
+  else if (stack.framework === "fastapi") templates.backend = "python-fastapi";
+  else if (stack.framework === "flask") templates.backend = "python-flask";
+  else if ((stack.language === "typescript" || stack.language === "javascript") && stack.framework && stack.framework !== "vite") templates.backend = "node-express";
+  else if (stack.language === "python" && stack.framework) templates.backend = "python-fastapi";
+
+  // Frontend template
+  if (stack.frontend === "nextjs") {
+    templates.frontend = "node-nextjs";
+  } else if (stack.frontend === "react") {
+    templates.frontend = stack.framework === "vite" ? "node-vite" : "node-nextjs";
+  } else if (stack.frontend === "vue") {
+    templates.frontend = "vue-nuxt";
+  } else if (stack.frontend === "angular") {
+    templates.frontend = "angular";
+  }
+
+  return templates;
+}
+
+module.exports = { splitDomainGroups, determineActiveDomains, selectTemplates };