npm - codeninja - Versions diffs - 3.2.0 → 4.0.0 - Mend

codeninja 3.2.0 → 4.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (111) hide show

package/README.md +13 -1
package/agent/database-agent.md +24 -1
package/agent/nodejs-agent.md +79 -0
package/cli.js +27 -7
package/commands/audit.workflow.md +4 -1
package/commands/db-create-table.workflow.md +1 -1
package/commands/initialize-project.workflow.md +21 -0
package/ide/antigravity/.agents/personas/database-architect.md +431 -153
package/ide/antigravity/.agents/personas/global-orchestrator.md +202 -85
package/ide/antigravity/.agents/personas/nodejs-backend.md +368 -133
package/ide/antigravity/.agents/personas/reactjs-frontend.md +182 -101
package/ide/antigravity/.agents/skills/api-builder/SKILL.md +58 -0
package/ide/antigravity/.agents/skills/code-intelligence/SKILL.md +22 -0
package/ide/antigravity/.agents/skills/database/SKILL.md +32 -0
package/ide/antigravity/.agents/skills/mcp-and-context/SKILL.md +76 -82
package/ide/antigravity/.agents/skills/reactjs/SKILL.md +36 -0
package/ide/antigravity/.agents/workflows/codeninja-api.md +76 -83
package/ide/antigravity/.agents/workflows/codeninja-audit.md +82 -44
package/ide/antigravity/.agents/workflows/codeninja-db-create.md +107 -94
package/ide/antigravity/.agents/workflows/codeninja-db-drop.md +89 -67
package/ide/antigravity/.agents/workflows/codeninja-db-index.md +86 -54
package/ide/antigravity/.agents/workflows/codeninja-db-modify.md +126 -68
package/ide/antigravity/.agents/workflows/codeninja-db-seed.md +87 -59
package/ide/antigravity/.agents/workflows/codeninja-db-sync.md +77 -41
package/ide/antigravity/.agents/workflows/codeninja-debug.md +35 -21
package/ide/antigravity/.agents/workflows/codeninja-design.md +49 -35
package/ide/antigravity/.agents/workflows/codeninja-explain.md +41 -20
package/ide/antigravity/.agents/workflows/codeninja-init.md +479 -289
package/ide/antigravity/.agents/workflows/codeninja-integrate-api.md +253 -136
package/ide/antigravity/.agents/workflows/codeninja-modularize.md +250 -132
package/ide/antigravity/.agents/workflows/codeninja-optimize.md +71 -29
package/ide/antigravity/.agents/workflows/codeninja-refactor.md +50 -42
package/ide/antigravity/.agents/workflows/codeninja-review.md +38 -21
package/ide/antigravity/.agents/workflows/codeninja-sync.md +922 -141
package/ide/antigravity/.agents/workflows/codeninja-test.md +34 -49
package/ide/antigravity/.agents/workflows/codeninja-validate-page.md +449 -151
package/ide/claude-code/.claude/CLAUDE.md +99 -0
package/ide/claude-code/.claude/agents/database-agent.md +535 -0
package/ide/claude-code/.claude/agents/nodejs-agent.md +493 -0
package/ide/claude-code/.claude/agents/reactjs-agent.md +267 -0
package/ide/claude-code/.claude/commands/codeninja-api.md +104 -0
package/ide/claude-code/.claude/commands/codeninja-audit.md +119 -0
package/ide/claude-code/.claude/commands/codeninja-db-create.md +138 -0
package/ide/claude-code/.claude/commands/codeninja-db-drop.md +109 -0
package/ide/claude-code/.claude/commands/codeninja-db-index.md +103 -0
package/ide/claude-code/.claude/commands/codeninja-db-modify.md +165 -0
package/ide/claude-code/.claude/commands/codeninja-db-seed.md +104 -0
package/ide/claude-code/.claude/commands/codeninja-db-sync.md +106 -0
package/ide/claude-code/.claude/commands/codeninja-debug.md +99 -0
package/ide/claude-code/.claude/commands/codeninja-design.md +68 -0
package/ide/claude-code/.claude/commands/codeninja-explain.md +61 -0
package/ide/claude-code/.claude/commands/codeninja-init.md +529 -0
package/ide/claude-code/.claude/commands/codeninja-integrate-api.md +453 -0
package/ide/claude-code/.claude/commands/codeninja-modularize.md +334 -0
package/ide/claude-code/.claude/commands/codeninja-optimize.md +129 -0
package/ide/claude-code/.claude/commands/codeninja-refactor.md +76 -0
package/ide/claude-code/.claude/commands/codeninja-review.md +87 -0
package/ide/claude-code/.claude/commands/codeninja-sync.md +964 -0
package/ide/claude-code/.claude/commands/codeninja-test.md +45 -0
package/ide/claude-code/.claude/commands/codeninja-validate-page.md +548 -0
package/ide/cursor/.cursor/rules/01-global-orchestrator.mdc +12 -13
package/ide/cursor/.cursor/rules/02-mcp-and-context.mdc +47 -31
package/ide/cursor/.cursor/rules/03-api-builder.mdc +32 -110
package/ide/cursor/.cursor/rules/04-nodejs-generation.mdc +58 -0
package/ide/cursor/.cursor/rules/05-database.mdc +54 -0
package/ide/cursor/.cursor/rules/06-reactjs.mdc +36 -0
package/ide/cursor/.cursor/rules/07-reactjs-generation.mdc +49 -0
package/ide/cursor/.cursor/rules/08-code-intelligence.mdc +56 -0
package/ide/cursor/.cursor/rules/09-workflow-steps.mdc +53 -0
package/ide/vscode/.github/copilot-instructions.md +67 -382
package/ide/vscode/.vscode/instructions/code-intelligence.instructions.md +58 -0
package/ide/vscode/.vscode/instructions/database.instructions.md +55 -0
package/ide/vscode/.vscode/instructions/nodejs.instructions.md +77 -0
package/ide/vscode/.vscode/instructions/reactjs.instructions.md +42 -0
package/package.json +2 -2
package/tasks/ask-hashing-library.task.md +31 -0
package/tasks/ask-language-type.task.md +26 -0
package/tasks/ask-new-module-name.task.md +13 -0
package/tasks/ask-new-service-name.task.md +13 -0
package/tasks/ask-old-module-name.task.md +15 -0
package/tasks/ask-old-service-name.task.md +13 -0
package/tasks/ask-orm-type.task.md +26 -0
package/tasks/collect-seed-data.task.md +19 -0
package/tasks/generate-app.task.md +42 -0
package/tasks/generate-common.task.md +13 -0
package/tasks/generate-constants.task.md +13 -0
package/tasks/generate-database.task.md +32 -0
package/tasks/generate-encryption.task.md +28 -0
package/tasks/generate-fast-defaults.task.md +7 -0
package/tasks/generate-hashing.task.md +180 -0
package/tasks/generate-headerValidator.task.md +13 -0
package/tasks/generate-ioRedis.task.md +20 -0
package/tasks/generate-language-en.task.md +12 -0
package/tasks/generate-logging.task.md +12 -0
package/tasks/generate-model.task.md +74 -6
package/tasks/generate-notification.task.md +12 -0
package/tasks/generate-package-json.task.md +69 -0
package/tasks/generate-prisma-client.task.md +56 -0
package/tasks/generate-prisma-schema.task.md +71 -0
package/tasks/generate-rateLimiter.task.md +20 -0
package/tasks/generate-readme.task.md +24 -0
package/tasks/generate-response.task.md +27 -0
package/tasks/generate-route-manager.task.md +32 -0
package/tasks/generate-route.task.md +37 -0
package/tasks/generate-swagger.task.md +8 -0
package/tasks/generate-template.task.md +12 -0
package/tasks/generate-tsconfig.task.md +38 -0
package/tasks/generate-validator.task.md +31 -0
package/ide/cursor/.cursor/rules/04-database.mdc +0 -90
package/ide/cursor/.cursor/rules/05-reactjs.mdc +0 -147
package/ide/cursor/.cursor/rules/06-code-intelligence.mdc +0 -112

package/tasks/generate-model.task.md CHANGED Viewed

@@ -19,6 +19,50 @@ name, primary table, and available columns.
 ---
+## ORM Branch
+Read `context.db.orm` before generating the model file.
+### If `orm == "prisma"` — generate Prisma-based model
+Import from the `config/prisma` singleton. Use Prisma Client API. Never use raw SQL.
+Example model function (JavaScript):
+```javascript
+const prisma = require('../../config/prisma');
+const { hashPassword, verifyPassword } = require('../../utilities/hashing');
+/**
+ * Registers a new user with hashed password.
+ *
+ * @param {Object} request - Decrypted request body.
+ * @param {number} user_id - Authenticated user ID (0 for public endpoint).
+ * @param {string} user_type - Authenticated user type.
+ * @returns {Promise<Object>} Standard response: { responsecode, responsemsg, responsedata }
+ */
+async function registerUser(request, user_id, user_type) {
+    const hashedPassword = await hashPassword(request.password);
+    const user = await prisma.users.create({
+        data: { email: request.email, password: hashedPassword, status: 1 },
+        select: { id: true, email: true }
+    });
+    return { responsecode: 1, responsemsg: 'register_success', responsedata: user };
+}
+module.exports = { registerUser };
+```
+Prisma model naming rules:
+- `tbl_users` → `prisma.users` (strip `tbl_` prefix, keep lowercase in queries)
+- Always use `select` to specify returned columns — never return all columns
+- Passwords: always call `hashPassword()` / `verifyPassword()` from utilities/hashing
+### If `orm == "none"` — generate raw SQL model (existing behavior)
+Continue with parameterized SQL queries as per the rest of this task file.
+---
 ## Dependencies to Import
 - `../../../config/database` — imported as `con`. Used for all DB
@@ -129,12 +173,36 @@ Every function generated by `@create-api` follows this pattern:
    error level with function name and error, then return the failure
    shape with keyword `rest_keywords_something_went_wrong`.
-### Password handling
-When the function receives or stores passwords:
-- For storing: call `encrypt(password)` from utilities/encryption.js.
-  Never store plaintext passwords.
-- For comparing: encrypt the incoming password and compare against the
-  stored encrypted value. Never decrypt stored passwords for comparison.
+## Password Handling in Model Files
+When a query involves a password column (login, register, change-password):
+**On registration / password save (JavaScript):**
+```javascript
+const { hashPassword } = require('../../utilities/hashing');
+// ...
+const hashedPassword = await hashPassword(request.password);
+// Store hashedPassword in DB — NEVER store request.password directly
+```
+**On login / password verify (JavaScript):**
+```javascript
+const { verifyPassword } = require('../../utilities/hashing');
+// ...
+const isMatch = await verifyPassword(request.password, dbRow.password);
+if (!isMatch) {
+    return { responsecode: 0, responsemsg: 'invalid_credentials', responsedata: [] };
+}
+```
+**TypeScript imports:**
+```typescript
+import { hashPassword, verifyPassword } from '../../utilities/hashing';
+```
+NEVER call `encrypt()` or `decrypt()` from `encryption.js` for password fields.
+NEVER store the raw plaintext password.
+NEVER store an AES-encrypted password — AES is reversible and not safe for password storage.
 ### Session generation (login/signup)
 When a function completes a successful login or signup:

package/tasks/generate-notification.task.md CHANGED Viewed

@@ -15,6 +15,18 @@ instance is exported.
 ---
+## Language Branch
+Read `context.current_init.language` (or `context.services[name].language`).
+**TypeScript — generate `utilities/notification.ts`:**
+Same email/FCM notification utilities as JS variant with typed function signatures.
+All function parameters and returns explicitly typed.
+**JavaScript — generate `utilities/notification.js` (existing behavior — see below)**
+---
 ## Dependencies to Import
 - `firebase-admin` — imported as `admin`. Used for FCM push

package/tasks/generate-package-json.task.md CHANGED Viewed

@@ -81,6 +81,75 @@ Include based on context values:
 ---
+## Hashing Library Dependencies
+Read `context.current_init.hashing_library` (or `context.services[name].hashing_library`).
+If `hashing_library == "bcryptjs"`:
+Add to `dependencies`:
+```json
+"bcryptjs": "^2.4.3"
+```
+If TypeScript (`language == "typescript"`), also add to `devDependencies`:
+```json
+"@types/bcryptjs": "^2.4.4"
+```
+If `hashing_library == "argon2"`:
+Add to `dependencies`:
+```json
+"argon2": "^0.31.0"
+```
+(argon2 ships its own TypeScript types — no @types package needed)
+---
+## ORM Dependencies
+Read `context.db.orm`.
+If `orm == "prisma"`:
+Add to `dependencies`:
+```json
+"@prisma/client": "^5.0.0"
+```
+Add to `devDependencies`:
+```json
+"prisma": "^5.0.0"
+```
+Add to `scripts`:
+```json
+"postinstall": "prisma generate"
+```
+---
+## TypeScript Package.json Additions
+When `context.current_init.language == "typescript"`:
+Replace the default `"start": "node app.js"` with these scripts:
+```json
+"dev": "nodemon --exec ts-node app.ts",
+"build": "tsc",
+"start": "node dist/app.js",
+"start:dev": "ts-node app.ts"
+```
+Add to `devDependencies`:
+```json
+"typescript": "^5.4.0",
+"ts-node": "^10.9.2",
+"nodemon": "^3.1.0",
+"@types/node": "^20.14.0",
+"@types/express": "^4.17.21",
+"@types/cors": "^2.8.17"
+```
+Note: If `hashing_library == "bcryptjs"`, also add `"@types/bcryptjs": "^2.4.4"` to devDependencies (already covered in Hashing Library Dependencies section — do not duplicate).
+---
 ## Dev Dependencies (always included)
 ```json
 "devDependencies": {

package/tasks/generate-prisma-client.task.md ADDED Viewed

@@ -0,0 +1,56 @@
+---
+type: task
+name: generate-prisma-client
+---
+# Task: generate-prisma-client
+Condition: only run if `context.db.orm == "prisma"`. Otherwise skip entirely.
+Read: `context.current_init.language`
+Generate: `<service_name>/config/prisma.js` OR `<service_name>/config/prisma.ts`
+This file is the shared PrismaClient singleton. Model files import from here — never
+instantiate PrismaClient directly in model files (creates multiple connection pools).
+---
+## JavaScript variant
+```javascript
+const { PrismaClient } = require('@prisma/client');
+const prisma = new PrismaClient({
+    log: process.env.NODE_ENV === 'development' ? ['query', 'error', 'warn'] : ['error'],
+});
+module.exports = prisma;
+```
+---
+## TypeScript variant
+```typescript
+import { PrismaClient } from '@prisma/client';
+const prisma = new PrismaClient({
+    log: process.env.NODE_ENV === 'development' ? ['query', 'error', 'warn'] : ['error'],
+});
+export default prisma;
+```
+---
+## Import rule (enforce in all model files)
+```javascript
+// CORRECT — import the singleton
+const prisma = require('../../config/prisma');
+// WRONG — never instantiate directly in model files
+const { PrismaClient } = require('@prisma/client');
+const prisma = new PrismaClient(); // creates a new connection pool per instantiation
+```

package/tasks/generate-prisma-schema.task.md ADDED Viewed

@@ -0,0 +1,71 @@
+---
+type: task
+name: generate-prisma-schema
+---
+# Task: generate-prisma-schema
+Condition: only run if `context.db.orm == "prisma"`. Otherwise skip entirely.
+Read: `context.db.type`, `context.db.name`
+Generate: `<service_name>/prisma/schema.prisma`
+---
+## PostgreSQL
+```prisma
+generator client {
+  provider = "prisma-client-js"
+}
+datasource db {
+  provider = "postgresql"
+  url      = env("DATABASE_URL")
+}
+// Models are added by the @db:create-table command.
+// Each tbl_* table maps to a PascalCase Prisma model.
+// Example: tbl_users → model Users { ... } with @@map("tbl_users")
+```
+---
+## MySQL
+```prisma
+generator client {
+  provider = "prisma-client-js"
+}
+datasource db {
+  provider = "mysql"
+  url      = env("DATABASE_URL")
+}
+// Models are added by the @db:create-table command.
+```
+---
+## MongoDB
+```prisma
+generator client {
+  provider = "prisma-client-js"
+}
+datasource db {
+  provider = "mongodb"
+  url      = env("DATABASE_URL")
+}
+// Models are added by the @db:create-table command.
+// Note: MongoDB requires a replica set URL for Prisma.
+```
+---
+After generating, inform the user:
+"Run `npx prisma generate` after adding models to regenerate the Prisma client."

package/tasks/generate-rateLimiter.task.md CHANGED Viewed

@@ -16,6 +16,26 @@ as all other responses in the service.
 ---
+## Language Branch
+Read `context.current_init.language` (or `context.services[name].language`).
+**TypeScript — generate `middleware/rateLimiter.ts`:**
+```typescript
+import rateLimit from 'express-rate-limit';
+export const rateLimiter = rateLimit({
+    windowMs: parseInt(process.env.RATE_LIMIT_WINDOW_MS || '900000', 10),
+    max: parseInt(process.env.RATE_LIMIT_MAX || '100', 10),
+    standardHeaders: true,
+    legacyHeaders: false,
+});
+```
+**JavaScript — generate `middleware/rateLimiter.js` (existing behavior — see below)**
+---
 ## Dependencies to Import
 - `express-rate-limit` — the rate limiting library. Imported as

package/tasks/generate-readme.task.md CHANGED Viewed

@@ -14,6 +14,30 @@ from context to produce a readme specific to this service.
 ---
+## TypeScript README additions
+When `language == "typescript"`, add these commands to the generated README under a `## Development` heading:
+```markdown
+## Development
+```bash
+npm run dev       # Start with ts-node (hot reload, no build)
+npm run build     # Compile TypeScript to dist/
+npm start         # Run compiled output (production)
+npm test          # Run Jest tests
+```
+**First-time TypeScript setup:**
+```bash
+npm install
+npm run build
+npm start
+```
+```
+---
 ## Sections to Include
 ---

package/tasks/generate-response.task.md CHANGED Viewed

@@ -15,6 +15,33 @@ response shape in one place.
 ---
+## Language Branch
+Read `context.current_init.language` (or `context.services[name].language`).
+**TypeScript — generate `response.ts`:**
+```typescript
+import { Request, Response } from 'express';
+/**
+ * Sends a standardized API response, encrypting if transport is encrypted.
+ *
+ * @param {Request} req - Express request object.
+ * @param {Response} res - Express response object.
+ * @param {number} code - Response code: 1 = success, 0 = error, -1 = session expired.
+ * @param {string} messageKey - Localization key for the message.
+ * @param {unknown[]} data - Response data array.
+ * @returns {Response} The Express response.
+ */
+export function sendResponse(req: Request, res: Response, code: number, messageKey: string, data: unknown[]): Response {
+    // implementation same as JS variant
+}
+```
+**JavaScript — generate `response.js` (existing behavior — see below)**
+---
 ## Dependencies to Import
 - `../utilities/encryption` — imports `encrypt` only

package/tasks/generate-route-manager.task.md CHANGED Viewed

@@ -15,6 +15,38 @@ new module means adding exactly one line to this file.
 ---
+## Language Branch
+Read `context.current_init.language` (or `context.services[name].language`).
+**TypeScript — generate `route_manager.ts`:**
+```typescript
+import { Router } from 'express';
+import { rateLimiter } from '../../middleware/rateLimiter';
+import {
+    extractLanguage,
+    validateApiKey,
+    validateAuthToken,
+    decryptRequest
+} from '../../middleware/headerValidator';
+import <ModuleName>Router from './<ModuleName>/route';
+const router = Router();
+router.use(rateLimiter);
+router.use(extractLanguage);
+router.use(validateApiKey);
+// router.use(validateAuthToken); // uncomment for protected routes
+router.use(decryptRequest);
+router.use('/<path>', <ModuleName>Router);
+export { router };
+```
+**JavaScript — generate `route_manager.js` (existing behavior — see below)**
+---
 ## Dependencies to Import
 - `express` — for `express.Router()`.

package/tasks/generate-route.task.md CHANGED Viewed

@@ -19,6 +19,43 @@ primary table, and auth requirements for the new route being added.
 ---
+## Language Branch
+Read `context.current_init.language` (or `context.services[name].language`).
+**TypeScript — generate `route.ts`:**
+```typescript
+import { Router, Request, Response } from 'express';
+import Validator from 'validatorjs';
+import { sendResponse } from '../../utilities/response';
+import * as Model from './<module>_model';
+const router = Router();
+// POST /<path> — <endpoint description>
+router.post('/<path>', async (req: Request, res: Response) => {
+    const rules: Record<string, string> = {
+        field: 'required|string'
+    };
+    const validation = new Validator(req.body, rules);
+    if (validation.fails()) {
+        return sendResponse(req, res, 0, 'validation_error', validation.errors.all());
+    }
+    try {
+        const result = await Model.functionName(req.body, 0, '');
+        return sendResponse(req, res, result.responsecode, result.responsemsg, result.responsedata);
+    } catch (err) {
+        return sendResponse(req, res, 0, 'server_error', []);
+    }
+});
+export default router;
+```
+**JavaScript — generate `route.js` (existing behavior — see below)**
+---
 ## Dependencies to Import
 - `express` — for `express.Router()`

package/tasks/generate-swagger.task.md CHANGED Viewed

@@ -17,6 +17,14 @@ returns.
 ---
+## Language Branch
+TypeScript services generate the same `swagger_doc.json` file as JavaScript services.
+The swagger document is always JSON — no TypeScript syntax is involved.
+No branching needed for this task — generate identically for both languages.
+---
 ## Generation Modes
 This task is called in two different situations. The agent reads the

package/tasks/generate-template.task.md CHANGED Viewed

@@ -16,6 +16,18 @@ fully responsive, and styled for modern email clients.
 ---
+## Language Branch
+Read `context.current_init.language` (or `context.services[name].language`).
+**TypeScript — generate `config/template.ts`:**
+Same email/notification template content as JS variant.
+Use `export const` and add string type annotations where applicable.
+**JavaScript — generate `config/template.js` (existing behavior — see below)**
+---
 ## Dependencies to Import
 - `./constants` — imported as `GLOBALS`. Used for APP_NAME, LOGO,

package/tasks/generate-tsconfig.task.md ADDED Viewed

@@ -0,0 +1,38 @@
+---
+type: task
+name: generate-tsconfig
+---
+# Task: generate-tsconfig
+Condition: only run if `context.current_init.language == "typescript"`. Otherwise skip entirely.
+Generate: `<service_name>/tsconfig.json`
+```json
+{
+  "compilerOptions": {
+    "target": "ES2020",
+    "module": "commonjs",
+    "lib": ["ES2020"],
+    "outDir": "./dist",
+    "rootDir": "./",
+    "strict": true,
+    "esModuleInterop": true,
+    "skipLibCheck": true,
+    "forceConsistentCasingInFileNames": true,
+    "resolveJsonModule": true,
+    "declaration": true,
+    "declarationMap": true,
+    "sourceMap": true
+  },
+  "include": [
+    "./**/*.ts"
+  ],
+  "exclude": [
+    "node_modules",
+    "dist",
+    "**/*.test.ts"
+  ]
+}
+```

package/tasks/generate-validator.task.md CHANGED Viewed

@@ -15,6 +15,37 @@ invalid input without throwing.
 ---
+## Language Branch
+Read `context.current_init.language` (or `context.services[name].language`).
+**TypeScript — generate `utilities/validator.ts`:**
+```typescript
+import Validator from 'validatorjs';
+import { Request, Response, NextFunction } from 'express';
+/**
+ * Validates request body against validatorjs rules; calls next() if valid, sends 400 if not.
+ *
+ * @param {Record<string, string>} rules - Validatorjs rule object.
+ * @returns Express middleware function.
+ */
+export function checkValidationRules(rules: Record<string, string>) {
+    return (req: Request, res: Response, next: NextFunction): void => {
+        const validation = new Validator(req.body, rules);
+        if (validation.fails()) {
+            res.status(400).json({ status: 0, message: 'Validation failed', data: validation.errors.all() });
+            return;
+        }
+        next();
+    };
+}
+```
+**JavaScript — generate `utilities/validator.js` (existing behavior — see below)**
+---
 ## Dependencies to Import
 - `validatorjs` — imported as `Validator` (capital V). This is the