codecruise 0.1.0

package/config/skills/git/SKILL.md

@@ -0,0 +1,396 @@
+---
+name: git
+description: Commits, branching, and workflow discipline
+version: 1.0.0
+triggers:
+  - commit
+  - branch
+  - PR
+  - merge
+  - git
+  - push
+---
+
+# Git Skill
+
+Git workflow discipline for clean, atomic, reviewable history.
+
+## Quick Reference
+
+### Commit Discipline
+
+| ID | Rule | Priority |
+|----|------|----------|
+| git-1 | Use conventional commits format | CRITICAL |
+| git-2 | One logical change per commit | CRITICAL |
+| git-3 | Never commit secrets or credentials | CRITICAL |
+| git-4 | Write descriptive commit messages (why, not what) | HIGH |
+| git-5 | Keep commits small and focused | HIGH |
+| git-6 | Run tests before committing | HIGH |
+| git-7 | Use imperative mood in commit messages | MEDIUM |
+
+### Branching
+
+| ID | Rule | Priority |
+|----|------|----------|
+| branch-1 | Use feature branches for all changes | CRITICAL |
+| branch-2 | Never push directly to main/master | CRITICAL |
+| branch-3 | Keep branches short-lived (<1 week) | HIGH |
+| branch-4 | Use consistent branch naming convention | HIGH |
+| branch-5 | Delete branches after merge | MEDIUM |
+| branch-6 | Rebase feature branches before PR | MEDIUM |
+
+### Pull Requests
+
+| ID | Rule | Priority |
+|----|------|----------|
+| pr-1 | One feature per PR | CRITICAL |
+| pr-2 | Write clear PR description | HIGH |
+| pr-3 | Keep PRs small (<400 lines) | HIGH |
+| pr-4 | Include test plan in PR | HIGH |
+| pr-5 | Link PRs to issues/TODOs | MEDIUM |
+| pr-6 | Request review from domain experts | MEDIUM |
+
+---
+
+## Commit Conventions
+
+### git-1: Conventional Commits
+
+```
+type(scope): description
+
+[optional body]
+
+[optional footer]
+```
+
+#### Types
+
+```
+feat     - New feature for users
+fix      - Bug fix for users
+docs     - Documentation changes only
+style    - Formatting, no code change
+refactor - Code restructure, no behavior change
+perf     - Performance improvements
+test     - Adding or updating tests
+chore    - Build, CI, tooling changes
+```
+
+#### Examples
+
+```bash
+# Feature
+feat(auth): implement password reset flow
+
+Add forgot password endpoint and email service integration.
+Includes rate limiting to prevent abuse.
+
+Closes #123
+
+# Bug fix
+fix(cart): prevent duplicate items on rapid clicks
+
+Debounce add-to-cart button and check for existing items
+before adding to prevent quantity drift.
+
+# Breaking change
+feat(api)!: change user endpoint response format
+
+BREAKING CHANGE: User endpoint now returns nested profile object
+instead of flat structure. Update all clients to use user.profile.
+
+# Multi-scope
+feat(auth,api): add OAuth2 support
+
+# No scope (project-wide)
+chore: update dependencies to latest versions
+```
+
+### git-4: Commit Message Quality
+
+```bash
+# BAD: What (obvious from diff)
+fix: fixed the bug
+feat: added feature
+chore: updated code
+
+# GOOD: Why (context not in diff)
+fix(auth): prevent session fixation after password change
+
+User sessions were persisting after password change, allowing
+compromised tokens to remain valid. Now invalidates all sessions
+except current on password update.
+
+# GOOD: Context for future readers
+refactor(db): extract connection pooling to dedicated module
+
+Preparing for multi-tenant support. Pooling logic was embedded
+in query builder, making it hard to configure per-tenant limits.
+```
+
+---
+
+## Branching Strategy
+
+### branch-4: Branch Naming
+
+```bash
+# Format: type/scope-description
+
+# Features
+feature/auth-password-reset
+feature/checkout-stripe-integration
+feat/user-profile-page
+
+# Bug fixes
+fix/cart-quantity-overflow
+bugfix/login-redirect-loop
+
+# Chores
+chore/upgrade-react-19
+chore/ci-parallel-tests
+
+# Hotfix (urgent production fix)
+hotfix/payment-decimal-error
+
+# Release
+release/v2.1.0
+```
+
+### branch-6: Rebase Before PR
+
+```bash
+# Update feature branch with latest main
+git checkout feature/my-feature
+git fetch origin
+git rebase origin/main
+
+# If conflicts:
+# 1. Resolve conflicts in each file
+# 2. git add <resolved-files>
+# 3. git rebase --continue
+
+# Force push rebased branch (safe for feature branches)
+git push --force-with-lease origin feature/my-feature
+```
+
+---
+
+## Pull Request Guidelines
+
+### pr-2: PR Description Template
+
+```markdown
+## Summary
+Brief description of what this PR does.
+
+## Changes
+- Added X component for Y functionality
+- Updated Z service to handle edge case
+- Fixed bug where A caused B
+
+## Test Plan
+- [ ] Unit tests pass
+- [ ] Manual testing steps:
+  1. Navigate to /feature
+  2. Click button X
+  3. Verify Y happens
+
+## Screenshots (if UI changes)
+Before | After
+
+## Related
+- Closes #123
+- Related to #456
+```
+
+### pr-3: Keeping PRs Small
+
+```bash
+# Break large features into incremental PRs:
+
+# PR 1: Infrastructure
+feat(db): add user_preferences table migration
+
+# PR 2: Backend
+feat(api): implement preferences CRUD endpoints
+
+# PR 3: Frontend
+feat(ui): create preferences settings page
+
+# PR 4: Integration
+feat(settings): wire preferences page to API
+
+# Each PR is reviewable, testable, deployable
+```
+
+---
+
+## Git Workflow
+
+### Feature Development
+
+```bash
+# 1. Start from updated main
+git checkout main
+git pull origin main
+
+# 2. Create feature branch
+git checkout -b feature/auth-login-form
+
+# 3. Make changes with atomic commits
+git add src/components/LoginForm.tsx
+git commit -m "feat(auth): add login form component"
+
+git add src/hooks/useAuth.ts
+git commit -m "feat(auth): add useAuth hook for login state"
+
+git add tests/auth.test.ts
+git commit -m "test(auth): add login form tests"
+
+# 4. Push and create PR
+git push -u origin feature/auth-login-form
+gh pr create --title "feat(auth): implement login form" --body "..."
+```
+
+### Handling Conflicts
+
+```bash
+# Fetch and rebase onto main
+git fetch origin
+git rebase origin/main
+
+# If conflicts occur:
+# 1. Edit conflicted files (look for <<<<<<< markers)
+# 2. Stage resolved files
+git add <resolved-file>
+# 3. Continue rebase
+git rebase --continue
+
+# If rebase gets messy, abort and try merge
+git rebase --abort
+git merge origin/main
+```
+
+### Amending Commits
+
+```bash
+# Amend last commit (before push)
+git add <forgotten-file>
+git commit --amend --no-edit
+
+# Amend last commit message
+git commit --amend -m "feat(auth): better description"
+
+# NEVER amend pushed commits on shared branches
+```
+
+### Interactive Rebase
+
+```bash
+# Clean up last 3 commits before PR
+git rebase -i HEAD~3
+
+# In editor:
+pick abc1234 feat(auth): add login form
+squash def5678 fix typo
+squash ghi9012 add missing test
+
+# Results in single clean commit
+```
+
+---
+
+## Safety Rules
+
+### git-3: Never Commit Secrets
+
+```bash
+# Add to .gitignore
+.env
+.env.*
+*.pem
+*.key
+credentials.json
+secrets/
+
+# Check for secrets before commit
+git diff --cached | grep -E "(password|secret|api_key|token)"
+
+# If accidentally committed:
+# 1. Remove from history (if not pushed)
+git reset --soft HEAD~1
+# 2. Add to .gitignore
+echo "secrets.json" >> .gitignore
+# 3. Recommit without secrets
+
+# If pushed: rotate all exposed credentials immediately
+```
+
+### Dangerous Commands
+
+```bash
+# AVOID unless absolutely necessary:
+git push --force          # Use --force-with-lease instead
+git reset --hard          # Loses uncommitted work
+git clean -fd             # Deletes untracked files
+git checkout .            # Discards all changes
+
+# SAFE alternatives:
+git push --force-with-lease  # Fails if remote changed
+git stash                    # Save work before reset
+git stash -u                 # Include untracked files
+```
+
+---
+
+## Git Aliases (Productivity)
+
+```bash
+# Add to ~/.gitconfig
+[alias]
+  co = checkout
+  br = branch
+  ci = commit
+  st = status
+  unstage = reset HEAD --
+  last = log -1 HEAD
+  graph = log --oneline --graph --all
+
+  # Useful shortcuts
+  amend = commit --amend --no-edit
+  wip = commit -am "WIP"
+  undo = reset --soft HEAD~1
+
+  # Branch management
+  cleanup = "!git branch --merged | grep -v main | xargs git branch -d"
+```
+
+---
+
+## Pre-commit Hooks
+
+```bash
+# .husky/pre-commit
+#!/bin/sh
+npm run lint-staged
+
+# lint-staged.config.js
+module.exports = {
+  '*.{ts,tsx}': ['eslint --fix', 'prettier --write'],
+  '*.{json,md}': ['prettier --write'],
+};
+```
+
+```bash
+# .husky/commit-msg
+#!/bin/sh
+npx commitlint --edit $1
+
+# commitlint.config.js
+module.exports = {
+  extends: ['@commitlint/config-conventional'],
+};
+```

package/config/skills/index.yaml

@@ -0,0 +1,36 @@
+# Skills Index
+# Loaded at startup (~100 tokens)
+# Full skills loaded on-demand when triggers match
+
+version: '1.0.0'
+
+skills:
+  typescript:
+    description: TypeScript strict patterns and type safety
+    triggers: ['*.ts', '*.tsx', 'types', 'strict', 'zod', 'typescript']
+    rules_count: 15
+
+  frontend:
+    description: React, accessibility, and performance patterns
+    triggers: ['react', 'component', '*.tsx', 'accessibility', 'a11y', 'UI', 'CSS', 'tailwind']
+    rules_count: 40
+
+  backend:
+    description: API design, database, and security patterns
+    triggers: ['api', 'endpoint', 'database', 'SQL', 'auth', 'server', 'REST', 'tRPC', 'postgres', 'postgresql', 'mongo', 'mongodb', 'prisma', 'drizzle']
+    rules_count: 51
+
+  testing:
+    description: TDD workflow, unit, integration, and E2E testing
+    triggers: ['test', 'TDD', 'vitest', 'jest', 'playwright', 'spec', 'mock']
+    rules_count: 25
+
+  git:
+    description: Commits, branching, and workflow discipline
+    triggers: ['commit', 'branch', 'PR', 'merge', 'git', 'push']
+    rules_count: 19
+
+# Loading strategy:
+# 1. This index always loaded (~100 tokens)
+# 2. When trigger matches, load skill SKILL.md summary (~300-500 tokens)
+# 3. When applying rule, read specific rule file (~100-200 tokens)