codeninja 3.1.0 → 3.2.0

package/ide/antigravity/.agents/workflows/codeninja-refactor.md

@@ -1,23 +1,68 @@
 ---
 slash_command: /codeninja:refactor
-personas: [global-orchestrator, nodejs-backend]
-skills: [mcp-and-context, api-builder]
-description: Rename or restructure code with full context tracking
+personas: [global-orchestrator, nodejs-backend, database-architect]
+skills: [mcp-and-context, api-builder, database, code-intelligence]
+description: Rename or restructure code with full context tracking.
 ---
 
 # /codeninja:refactor
 
-Delegates to: `.codeninja/commands/refactor.workflow.md`
-
 ## Before Running
 1. Call `context_read`
-2. Ask: "What are you refactoring?" — field rename, file restructure, module rename?
+2. Call `context_check_stale`
+
+## Execution — Full Step-by-Step
+
+**Step 1.** Ask: "What type of refactor?"
+1. Rename a DB column
+2. Rename a service
+3. Rename a table
+4. Rename a module
+5. Restructure files
+- Store: `context.current_refactor.type`
+
+**Step 2.** Ask: "Which service?" (if applicable — skip for DB-only refactors)
+
+---
 
-## Execution
-Read and execute `refactor.workflow.md`.
-Show full list of affected files before making any change.
-ONE confirmation, then apply all changes.
-Update `context.change_log` with before/after record.
+### If "Rename DB column":
+- Ask: "Which table?" (list from context)
+- Ask: "Which column to rename?" (list current columns)
+- Ask: "New column name?" (snake_case)
+- Delegate to database-agent:
+  - Generate ALTER TABLE migration file
+  - Update `context.db.schema.tables[<table>].columns`
+  - Append to `context.db.schema.change_log`
+- Delegate to nodejs-agent:
+  - Find all references to old column name in service files
+  - Update model queries
+  - Update swagger_doc.json
+
+### If "Rename service":
+- Ask: "Current service name?" (list from context)
+- Ask: "New service name?"
+- Update `context.services` key
+- Append to `context.change_log`
+
+### If "Rename table":
+- Ask: "Which table?" (list from context)
+- Ask: "New table name?" (must start with tbl_, snake_case)
+- Delegate to database-agent:
+  - Generate ALTER migration: `RENAME TABLE <old> TO <new>`
+  - Update `context.db.schema.tables` key
+  - Append to `context.db.schema.change_log`: `{ type: "table_renamed", from: "<old>", to: "<new>" }`
+- Delegate to nodejs-agent:
+  - Find all references to old table name in model files
+  - Update queries in all affected services
+- Append to top-level `context.change_log`
+
+### If "Rename module":
+- Ask: "Current module name?"
+- Ask: "New module name?"
+- Delegate to nodejs-agent → rename files and update route_manager
+
+---
 
-## After Running
-Call `context_write` with updated service/module names if renamed.
+**Confirm:** "Apply refactor? (yes/no)"
+If yes → make all changes → call `context_write` → call `context_clear_scratchpad` ["current_refactor"]
+Show final summary.

package/ide/antigravity/.agents/workflows/codeninja-review.md

@@ -2,11 +2,69 @@
 slash_command: /codeninja:review
 personas: [global-orchestrator, nodejs-backend]
 skills: [mcp-and-context, api-builder, code-intelligence]
-description: Code review — severity-ranked findings with exact before/after fixes
+description: Deep code review with severity-ranked findings and concrete fixes.
 ---
+
 # /codeninja:review
-Delegates to: `.codeninja/commands/review.workflow.md`
-Before: `context_read`, `fs_read` target, read 1–2 sibling modules.
-Run full checklist: Security → Architecture → Code Quality → Database.
-Output: [CRITICAL|WARNING|SUGGESTION] with before/after code.
-Offer to apply fixes. Confirm each before writing.
+
+## Before Running
+1. Call `context_read`
+2. Call `context_check_stale`
+
+## Execution — Full Step-by-Step
+
+### Step 1 — Identify Target
+If not specified, ask: "Which file or module would you like reviewed?"
+
+### Step 2 — Load Context
+1. Call `fs_read` on the target file
+2. Read 1–2 similar modules from `context.services[<service>].modules` for pattern comparison
+3. Cross-reference `context.db.schema` for table/column accuracy
+
+### Step 3 — Run Review Checklist
+
+#### Security (CRITICAL if failing)
+- [ ] All POST/PUT/PATCH routes have validatorjs input validation
+- [ ] API key middleware applied before any route logic
+- [ ] JWT auth middleware present on protected routes
+- [ ] No hardcoded secrets, keys, or passwords
+- [ ] Parameterized queries only — no string concatenation in SQL
+- [ ] Error responses don't leak stack traces or internal details
+
+#### Architecture (WARNING if failing)
+- [ ] 2-layer rule: no SQL in route.js, no res.json() in model.js
+- [ ] route_manager.js registration matches route file
+- [ ] swagger_doc.json has entry for this endpoint
+- [ ] All user-facing strings in languages/en.js — none hardcoded in route.js
+
+#### Code Quality (SUGGESTION if failing)
+- [ ] JSDoc on every exported function
+- [ ] No unused variables or dead imports
+- [ ] No console.log — project logger used instead
+- [ ] Async functions have try/catch blocks
+- [ ] SELECT * not used — explicit column list
+
+#### Database (WARNING if failing)
+- [ ] Column names match context.db.schema exactly (snake_case)
+- [ ] Foreign key columns indexed
+- [ ] Transactions used where multiple writes occur together
+- [ ] LIMIT clause on any query that could return unbounded rows
+
+### Step 4 — Output Findings
+
+For each issue:
+```
+[CRITICAL|WARNING|SUGGESTION]
+File:   path/to/file.js  (~line N)
+Issue:  clear one-line description
+Before: the current code
+After:  the corrected code
+Why:    one sentence explanation
+```
+
+End with: `Review complete: X critical · Y warnings · Z suggestions`
+
+### Step 5 — Offer Auto-Fix
+"Would you like me to apply any of these fixes?
+- SUGGESTION-level: apply all at once
+- WARNING/CRITICAL: one at a time, confirm each"

package/ide/antigravity/.agents/workflows/codeninja-sync.md

@@ -1,23 +1,183 @@
 ---
 slash_command: /codeninja:sync
 personas: [global-orchestrator, nodejs-backend]
-skills: [mcp-and-context]
-description: Scan the entire repo and rebuild context.json from disk
+skills: [mcp-and-context, code-intelligence]
+description: Scan the entire repository and rebuild context.json from what actually exists on disk.
 ---
 
 # /codeninja:sync
 
-Delegates to: `.codeninja/commands/sync.workflow.md`
-
 ## Before Running
-1. Call `context_read` — load current state
+1. Call `context_read` — load current state (or detect empty)
 2. Call `service_scan` — discover all services on disk
+3. Call `context_check_stale`
+
+## Two Operating Modes (auto-detected — do NOT ask user)
+
+### Mode A — Agent-Initialized Project
+Indicators: context.json exists AND `context_version > 0` AND `context.services` has entries.
+→ Trust context.json as baseline, scan for drift and gaps, merge new findings without overwriting.
+
+### Mode B — Legacy / No-Context Project
+Indicators: context.json missing OR `context_version == 0` OR `context.services` is empty.
+→ Treat every discovery as new. Build context.json entirely from disk. No assumptions about structure.
+
+## Core Rules (both modes)
+- ALWAYS write context.json at the end — no exceptions
+- NEVER delete existing context entries — only add or update
+- NEVER assume a file will be in a specific location — scan first
+- Report all findings in the sync report at the end
+
+---
+
+## Execution — Full Step-by-Step
+
+### Phase 0 — Prepare
+
+**Step 0a.** Check if `.codeninja/context/` exists. If not → create it.
+**Step 0b.** Call `context_read`. If returns empty schema (version == 0) → set mode B, fresh schema.
+**Step 0c.** Call `service_scan` — detect all service directories at repo root.
+**Step 0d.** Init sync report counters: `services_synced`, `routes_discovered`, `routes_new`,
+`db_tables_synced`, `db_tables_new`, `gaps_filled`, `unchanged`, `legacy_inferences`
+
+---
+
+### Phase 1 — Repository Structure Discovery
+
+#### 1a — Find all service-like directories
+Scan every directory at repository root. A directory is a candidate service if it contains ANY of:
+- `package.json`
+- `app.js` or `index.js`
+- `src/` directory
+- `composer.json` (PHP — record but do not deep-scan)
+
+For each candidate service directory:
+- Read `package.json` if present → extract name, version, dependencies
+- Detect type: NodeJS vs ReactJS:
+  - ReactJS: has `react` in dependencies, has `src/App.jsx` or `src/App.js`
+  - NodeJS: has `express` in dependencies, has `app.js` with `require('express')`
+  - Unknown: record type as "unknown"
+- Read `.env` if present (gitignored, may not exist) → extract PORT, DB_*, REDIS_*, KEY, IV, API_KEY
+- Read `.env.example` if present → extract all keys defined
+
+#### 1b — Detect service port
+Priority order:
+1. PORT value from `.env`
+2. PORT value from `.env.example`
+3. `app.listen(PORT, ...)` call in `app.js` — extract default
+4. `context.services[<n>].port` if already recorded
+
+#### 1c — Detect modules (NodeJS services)
+For each NodeJS service:
+- Scan `modules/` directory (may be `v1/`, `v2/`, etc.)
+- Each subdirectory containing `route.js` = one module
+- Read `route.js` — extract: HTTP method, route path, whether auth middleware is applied
+- Record: `{ module_name, version, method, route_path, has_auth }`
+
+#### 1d — Detect React pages (ReactJS services)
+For each ReactJS service:
+- Scan `src/pages/` — each subdirectory with `index.jsx` or `index.js` = one page
+- Scan `src/views/` if it exists — same logic
+- Detect linked backend:
+  - Read `src/api/apiClient.js` → extract `baseURL` → parse port → match against `context.services`
+  - Or read `.env` → `REACT_APP_BASE_URL` → parse port
+
+---
+
+### Phase 2 — Database Discovery
+
+**Step 2a.** Scan for `database/` directory at repo root.
+If found → read sub-directories to determine db type (postgresql, mysql, mongodb).
+
+**Step 2b.** For each db type directory found:
+- List all `.sql` files in `migrations/` sorted by numeric prefix
+- Parse each setup file:
+  - Extract table name from `CREATE TABLE`
+  - Extract column names and types
+  - Extract CHECK constraints and COMMENT ON COLUMN
+  - Extract per-file CREATE INDEX statements
+- Parse ALTER files: ADD COLUMN, RENAME COLUMN, DROP COLUMN, ADD CONSTRAINT
+- Parse DROP files: mark table as dropped
+- Parse `111-setup-database-indexes.sql`: extract CREATE INDEX, associate with tables
+- Build the full schema state from all files in order
+
+---
+
+### Phase 3 — Context Assembly
+
+#### Mode A — Merge with existing context
+
+For each discovered service:
+- If service already in `context.services` → check for drift:
+  - Port changed? → flag and ask user which to keep
+  - New modules found not in context → add them
+  - Modules in context not found on disk → flag as "missing on disk"
+- If service NOT in context → add it as new entry
+
+For DB schema:
+- Add any tables not in context
+- Add any columns not tracked
+- Add any indexes not tracked
+- For renames found in ALTER files → append to change_log if not already there
+
+#### Mode B — Build from scratch
+
+For each discovered service, build full entry:
+```json
+{
+  "service_name": "<n>",
+  "type": "nodejs|reactjs",
+  "port": <n>,
+  "description": "<inferred from package.json description or service name>",
+  "modules": [...],
+  "linked_service": "<inferred from apiClient.js>",
+  "detected_by": "sync"
+}
+```
+
+For legacy projects that don't follow agent conventions:
+- Record what IS found without imposing expected structure
+- Set `legacy: true` flag on the service entry
+- Note what is missing and suggest /codeninja:init to scaffold missing pieces
+
+---
+
+### Phase 4 — Drift Report and Confirmation
+
+Before writing anything, present a drift report:
+
+```
+SYNC REPORT
+════════════════════════════════════════════
+Mode: A (agent-initialized) | B (legacy/fresh)
+────────────────────────────────────────────
+Services discovered on disk:    [n]
+Services already in context:    [n]
+New services to add:            [n]
+Services with drift:            [n]
+────────────────────────────────────────────
+DB tables on disk:              [n]
+DB tables already in context:   [n]
+New tables to add:              [n]
+────────────────────────────────────────────
+DRIFT ITEMS (require confirmation):
+  ⚠ service [n]: port in context = 1001, found on disk = 1002
+  ⚠ module [n] in context but route.js not found on disk
+────────────────────────────────────────────
+```
+
+For each DRIFT ITEM: ask user to confirm which value to keep — one at a time.
+
+---
+
+### Phase 5 — Write Context
+
+**Step 5.** Call `context_write` with the fully assembled context object.
+Set `last_command` = "sync"
 
-## Execution
-Read and execute `sync.workflow.md`.
-Use `run_drift_check` MCP tool to compare context vs disk.
-Surface all detected drifts before writing anything.
-User approves the sync before context is updated.
+**Step 6.** Show final sync summary with counts of what was added/updated.
 
-## After Running
-Call `context_write` with fully rebuilt context.
+**Step 7.** Suggest next steps based on findings:
+- If new services found → "Run /codeninja:api to add API routes"
+- If schema gaps found → "Run /codeninja:db:sync to rebuild DB schema"
+- If legacy project → "Run /codeninja:init to scaffold missing baseline files"

package/ide/antigravity/.agents/workflows/codeninja-test.md

@@ -1,19 +1,61 @@
 ---
 slash_command: /codeninja:test
 personas: [global-orchestrator, nodejs-backend]
-skills: [mcp-and-context, api-builder]
-description: Generate Jest + Supertest test files for a module
+skills: [mcp-and-context, api-builder, code-intelligence]
+description: Generate or run Jest + Supertest tests for a NodeJS module.
 ---
 
 # /codeninja:test
 
-Delegates to: `.codeninja/commands/test.workflow.md`
-
 ## Before Running
 1. Call `context_read`
-2. Ask: "Which module and service?" — list from `context.services[<n>].modules`
+2. Call `context_check_stale`
+
+## Execution — Full Step-by-Step
+
+**Step 1.** Ask: "Which service?" (list from `context.services`)
+- Store: `context.current_test.service_name`
+
+**Step 2.** Ask: "Which module?" (list from `context.services[<n>].modules`)
+- Store: `context.current_test.module_name`
+
+**Step 3.** Ask: "Generate new tests or run existing tests?"
+- Option 1: Generate new tests
+- Option 2: Run existing tests
+- Store: `context.current_test.type`
+
+**Step 4.** If `generate`:
+- Read `modules/<version>/<Module>/route.js` from disk
+- Read `modules/<version>/<Module>/<module>_model.js` from disk
+- Read `context.api_routes` for this module
+- Delegate to nodejs-agent → generate `tests/<version>/<Module>.test.js`
+
+Generated test file covers:
+- 200 happy path for each endpoint
+- 400 validation failures (missing required fields, wrong types)
+- 401 missing or invalid API key header
+- 401 missing or invalid auth token (for protected routes)
+- 404 not found (where applicable)
+- 500 simulated service error (mock DB failure)
+
+Test structure:
+```javascript
+const request = require('supertest');
+const app = require('../../app');
+
+describe('<Module> — POST /<path>', () => {
+  it('200 — happy path', async () => { ... });
+  it('400 — missing required field', async () => { ... });
+  it('401 — invalid api-key', async () => { ... });
+  it('401 — invalid auth token', async () => { ... });
+  it('404 — record not found', async () => { ... });
+});
+```
+
+**Step 5.** If `run`:
+- Execute: `npm test` inside service directory
+- Parse results and display pass/fail summary
+
+**Step 6.** Call `context_write` → update `context.services[<n>].tests`
 
-## Execution
-Read and execute `test.workflow.md`.
-Generate `tests/v1/<ModuleName>.test.js`.
-Tests cover: happy path, each validation failure, auth failure, edge cases.
+**Step 7.** Show final summary.