create-agdf 0.1.1 → 0.1.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +7 -2
- package/bin/create-agdf.js +1 -0
- package/generated/.github/skills/README.md +3 -2
- package/generated/.github/skills/agdf-clean-implementation-review/SKILL.md +1 -1
- package/generated/.github/skills/agdf-code-review/SKILL.md +94 -0
- package/generated/.github/skills/agdf-qa-gate/SKILL.md +2 -2
- package/generated/.github/skills/agdf-release-or/SKILL.md +2 -1
- package/generated/.github/skills/agdf-runtime-contract.md +1 -0
- package/generated/AGENTS.md +2 -1
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -23,8 +23,13 @@ If the target repository already has an `AGENTS.md`, `create-agdf` preserves it
|
|
|
23
23
|
|
|
24
24
|
## Single source of truth
|
|
25
25
|
|
|
26
|
-
The AGDF
|
|
27
|
-
|
|
26
|
+
The repository-facing AGDF sources are maintained in:
|
|
27
|
+
|
|
28
|
+
- `AGENTS.md`
|
|
29
|
+
- `plugin/skills/`
|
|
30
|
+
- `plugin/meta/agdf-runtime-contract.md`
|
|
31
|
+
|
|
32
|
+
The published package assets are generated from these repository sources only at pack/publish time. The package does not keep a second manually maintained template tree.
|
|
28
33
|
|
|
29
34
|
```bash
|
|
30
35
|
npm run sync-package-assets
|
package/bin/create-agdf.js
CHANGED
|
@@ -18,6 +18,7 @@ const copilotSkillFiles = [
|
|
|
18
18
|
join(".github", "skills", "agdf-brownfield-analysis", "SKILL.md"),
|
|
19
19
|
join(".github", "skills", "agdf-task-plan-review", "SKILL.md"),
|
|
20
20
|
join(".github", "skills", "agdf-clean-implementation-review", "SKILL.md"),
|
|
21
|
+
join(".github", "skills", "agdf-code-review", "SKILL.md"),
|
|
21
22
|
join(".github", "skills", "agdf-qa-gate", "SKILL.md"),
|
|
22
23
|
join(".github", "skills", "agdf-release-or", "SKILL.md"),
|
|
23
24
|
join(".github", "skills", "agdf-delivery-closeout", "SKILL.md"),
|
|
@@ -1,11 +1,12 @@
|
|
|
1
1
|
# AGDF repository skills
|
|
2
2
|
|
|
3
|
-
These repository skills
|
|
3
|
+
These repository skills were generated from the AGDF source repository and are intended to be checked into this repository.
|
|
4
4
|
|
|
5
5
|
## Skills
|
|
6
6
|
|
|
7
7
|
- `agdf-brownfield-analysis`
|
|
8
8
|
- `agdf-clean-implementation-review`
|
|
9
|
+
- `agdf-code-review`
|
|
9
10
|
- `agdf-delivery-closeout`
|
|
10
11
|
- `agdf-gate-check`
|
|
11
12
|
- `agdf-qa-gate`
|
|
@@ -14,4 +15,4 @@ These repository skills are generated from `plugin/skills/`, which is the single
|
|
|
14
15
|
|
|
15
16
|
## Runtime contract
|
|
16
17
|
|
|
17
|
-
Shared output and gate rules live in `agdf-runtime-contract.md`.
|
|
18
|
+
Shared output and gate rules for this checkout live in `agdf-runtime-contract.md`.
|
|
@@ -0,0 +1,94 @@
|
|
|
1
|
+
---
|
|
2
|
+
name: agdf-code-review
|
|
3
|
+
description: Use this skill after code changes and before QA to produce the mandatory Code Review Report for correctness, regression, security, and maintainability findings in the actual diff. It standardizes the CR step without replacing TP review, clean review, or QA.
|
|
4
|
+
---
|
|
5
|
+
|
|
6
|
+
# code-review
|
|
7
|
+
|
|
8
|
+
## Purpose
|
|
9
|
+
Produce the mandatory Code Review Report (CR) for a relevant run.
|
|
10
|
+
|
|
11
|
+
It answers:
|
|
12
|
+
|
|
13
|
+
- whether the changed code shows functional defects, security issues, regression risks, or maintainability problems that matter
|
|
14
|
+
- whether findings are blocking, revisable, or advisory
|
|
15
|
+
- which concrete evidence in files, diffs, tests, or runtime observations supports each finding
|
|
16
|
+
- which issues must be fixed before QA
|
|
17
|
+
- whether Brownfield, TP, or clean-review follow-up remains open
|
|
18
|
+
|
|
19
|
+
## Runtime Contract
|
|
20
|
+
Use `../agdf-runtime-contract.md` for Quality Contract output, Context Graph fields, gate terms, and non-duplication rules.
|
|
21
|
+
|
|
22
|
+
Code-review-specific output must make actual findings, missing review scope, evidence strength, and the next required step visible.
|
|
23
|
+
|
|
24
|
+
## Rules
|
|
25
|
+
1. Review the actual diff and impacted code, not intent alone.
|
|
26
|
+
2. Findings require concrete evidence.
|
|
27
|
+
3. Prioritize correctness, safety, data integrity, compatibility, and maintainability over style.
|
|
28
|
+
4. Do not generate style-only noise.
|
|
29
|
+
5. Missing review scope or evidence must stay visible.
|
|
30
|
+
6. Brownfield owners and existing conventions are binding unless deviation is justified.
|
|
31
|
+
7. Distinguish blocking defects from fixable review findings.
|
|
32
|
+
8. CR does not grant QA pass.
|
|
33
|
+
|
|
34
|
+
## When To Use
|
|
35
|
+
- after `CD+Tests`
|
|
36
|
+
- before `QA`
|
|
37
|
+
- when code changes exist
|
|
38
|
+
- when multiple agents or contributors touched the same area
|
|
39
|
+
- when a commit-near change needs explicit review evidence
|
|
40
|
+
|
|
41
|
+
## Inputs
|
|
42
|
+
Use what is available:
|
|
43
|
+
|
|
44
|
+
- changed files and diff
|
|
45
|
+
- affected neighbouring code
|
|
46
|
+
- test/build results
|
|
47
|
+
- Brownfield Analysis
|
|
48
|
+
- Task Plan and TP Review
|
|
49
|
+
- Clean Implementation Review
|
|
50
|
+
- runtime or UI evidence
|
|
51
|
+
- known risks or follow-up decisions
|
|
52
|
+
|
|
53
|
+
If no code changes are present, do not invent a CR result.
|
|
54
|
+
|
|
55
|
+
## Workflow
|
|
56
|
+
1. Inspect the changed files and directly impacted neighbours.
|
|
57
|
+
2. Check correctness, edge cases, and error paths.
|
|
58
|
+
3. Check security, data handling, and state ownership risks.
|
|
59
|
+
4. Check regression and compatibility risks.
|
|
60
|
+
5. Check maintainability only where it creates real defect or change-risk exposure.
|
|
61
|
+
6. Classify the overall result:
|
|
62
|
+
- `pass`
|
|
63
|
+
- `revise`
|
|
64
|
+
- `block`
|
|
65
|
+
- `not_applicable`
|
|
66
|
+
7. Set exactly one required next step.
|
|
67
|
+
|
|
68
|
+
## Output
|
|
69
|
+
Use this compact structure:
|
|
70
|
+
|
|
71
|
+
```text
|
|
72
|
+
## Code Review
|
|
73
|
+
- decision: pass | revise | block | not_applicable
|
|
74
|
+
- findings:
|
|
75
|
+
- [severity] file/path - issue - evidence
|
|
76
|
+
- missing_evidence:
|
|
77
|
+
- risks:
|
|
78
|
+
- required_next_step:
|
|
79
|
+
```
|
|
80
|
+
|
|
81
|
+
## Decision Guidance
|
|
82
|
+
- `pass`: no meaningful review finding remains evident in reviewed scope.
|
|
83
|
+
- `revise`: fixable correctness, regression, or maintainability issues remain.
|
|
84
|
+
- `block`: a hard defect, security risk, data-integrity risk, or unresolved critical uncertainty remains.
|
|
85
|
+
- `not_applicable`: no code changes were present for review.
|
|
86
|
+
|
|
87
|
+
## Forbidden
|
|
88
|
+
This skill must not:
|
|
89
|
+
|
|
90
|
+
- decide final QA
|
|
91
|
+
- accept a green build as sufficient review evidence
|
|
92
|
+
- hide missing review scope
|
|
93
|
+
- generate style-only findings
|
|
94
|
+
- duplicate TP Review or QA as if they were the same step
|
|
@@ -40,7 +40,7 @@ QA-specific `decision` is exactly `pass | revise | block`.
|
|
|
40
40
|
|
|
41
41
|
## When To Use
|
|
42
42
|
- after `CD+Tests`
|
|
43
|
-
- after
|
|
43
|
+
- after `agdf-code-review`
|
|
44
44
|
- after `agdf-task-plan-review`
|
|
45
45
|
- after `agdf-clean-implementation-review`
|
|
46
46
|
- before UAT
|
|
@@ -58,7 +58,7 @@ Use what is available:
|
|
|
58
58
|
- approved TP and TP Review
|
|
59
59
|
- Brownfield Analysis
|
|
60
60
|
- Clean Implementation Review
|
|
61
|
-
- Code Review Report
|
|
61
|
+
- `agdf-code-review` or Code Review Report
|
|
62
62
|
- test/build results
|
|
63
63
|
- documentation impact review
|
|
64
64
|
- runtime or UI evidence
|
|
@@ -46,7 +46,7 @@ OR-specific output must make gate status, delivered and intentionally not delive
|
|
|
46
46
|
- after artefact creation
|
|
47
47
|
- when a gate blocks
|
|
48
48
|
- after `CD+Tests`
|
|
49
|
-
- after
|
|
49
|
+
- after `agdf-code-review`
|
|
50
50
|
- after QA
|
|
51
51
|
- after UAT
|
|
52
52
|
- whenever a compact audit closeout is needed
|
|
@@ -62,6 +62,7 @@ Use what is available:
|
|
|
62
62
|
- `agdf-task-plan-review`
|
|
63
63
|
- `agdf-brownfield-analysis`
|
|
64
64
|
- `agdf-clean-implementation-review`
|
|
65
|
+
- `agdf-code-review`
|
|
65
66
|
- QA Report
|
|
66
67
|
- UAT Report
|
|
67
68
|
- documentation impact review
|
|
@@ -22,6 +22,7 @@ Structured Delivery must not bypass missing approvals.
|
|
|
22
22
|
- Implicit consent is not approval.
|
|
23
23
|
- The earliest blocking gate wins.
|
|
24
24
|
- `CD+Tests` is implementation and test status only, not a delivery signal.
|
|
25
|
+
- `agdf-code-review` standardizes the mandatory `CR` step, but does not replace QA.
|
|
25
26
|
- `agdf-qa-gate` decides final `pass | revise | block`.
|
|
26
27
|
- `agdf-release-or` reports the run, but does not replace QA.
|
|
27
28
|
|
package/generated/AGENTS.md
CHANGED
|
@@ -44,6 +44,7 @@ Evidence overrides assumptions and memory. If evidence is missing, state the unc
|
|
|
44
44
|
| `agdf-brownfield-analysis` | before non-trivial implementation in existing systems | clarifies reuse, owners, risks |
|
|
45
45
|
| `agdf-task-plan-review` | after implementation and before QA, verify TP coverage | no final QA decision |
|
|
46
46
|
| `agdf-clean-implementation-review` | inspect workarounds, fallbacks, parallel structures, or symptom fixes | not a TP or QA substitute |
|
|
47
|
+
| `agdf-code-review` | mandatory CR step after code changes, focused on defects, regression, and security findings | does not replace TP review, clean review, or QA |
|
|
47
48
|
| `agdf-qa-gate` | final QA decision | only instance for `pass | revise | block` |
|
|
48
49
|
| `agdf-release-or` | auditable closeout for every relevant run | not a QA substitute |
|
|
49
50
|
| `agdf-delivery-closeout` | commit/PR-near handoff after QA/OR/UAT | never performs VCS actions automatically |
|
|
@@ -52,7 +53,7 @@ Select exactly one primary skill first. Add more only when they cover a distinct
|
|
|
52
53
|
|
|
53
54
|
## Skill Contract
|
|
54
55
|
For repeated output, gate, Quality Contract, and Context Graph rules, use:
|
|
55
|
-
`
|
|
56
|
+
the repository-local `agdf-runtime-contract.md` artifact.
|
|
56
57
|
|
|
57
58
|
Skills may include short runtime reminders, but must not carry a second complete rule or code table.
|
|
58
59
|
|