create-issflow 1.2.1 → 1.5.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +3 -3
- package/bin/cli.js +21 -7
- package/package.json +1 -1
- package/template/.claude/agents/e2e-runner.md +1 -0
- package/template/.claude/agents/planner.md +17 -2
- package/template/.claude/agents/synthesizer.md +3 -0
- package/template/.claude/agents/test-author.md +6 -2
- package/template/.claude/commands/change-request.md +10 -2
- package/template/.claude/commands/log-issue.md +3 -1
- package/template/.claude/commands/overview.md +34 -5
- package/template/.claude/commands/phase.md +28 -5
- package/template/.claude/commands/propose.md +18 -7
- package/template/.claude/commands/quick.md +6 -2
- package/template/.claude/commands/release.md +55 -0
- package/template/.claude/commands/replan.md +12 -6
- package/template/.claude/commands/sprint.md +238 -0
- package/template/.claude/commands/uat.md +36 -0
- package/template/.claude/commands/unstuck.md +1 -1
- package/template/.claude/hooks/context-guard.js +11 -10
- package/template/.claude/hooks/session-start.js +18 -1
- package/template/.claude/istartsoft-flow/METHODOLOGY.md +127 -21
- package/template/.claude/templates/proposal.html +87 -101
package/README.md
CHANGED
|
@@ -25,9 +25,9 @@ Flags:
|
|
|
25
25
|
The portable kit (every tool) in `<project>/.claude/`:
|
|
26
26
|
|
|
27
27
|
- `agents/` — planner · researcher · implementer · test-author · debugger · e2e-runner · synthesizer
|
|
28
|
-
- `commands/` — `/overview` `/propose` `/phase` `/ui-audit` `/qa-audit` `/security-audit` `/change-request` `/replan` `/quick` `/synthesize` `/store-wisdom` `/log-issue` `/log-decision` `/unstuck`
|
|
29
|
-
- `skills/` — caveman · grill-me · karpathy-guidelines · ux-design
|
|
30
|
-
- `hooks/` — session-start · pre-compact · subagent-stop
|
|
28
|
+
- `commands/` — `/overview` `/propose` `/phase` `/sprint` `/ui-audit` `/qa-audit` `/security-audit` `/release` `/uat` `/change-request` `/replan` `/quick` `/synthesize` `/runbook` `/store-wisdom` `/log-issue` `/log-decision` `/unstuck`
|
|
29
|
+
- `skills/` — caveman · grill-me · karpathy-guidelines · ux-design · security · code-standards
|
|
30
|
+
- `hooks/` — session-start · context-guard · pre-compact · subagent-stop
|
|
31
31
|
- `istartsoft-flow/METHODOLOGY.md` — the full methodology (single source of truth)
|
|
32
32
|
|
|
33
33
|
Plus a root `AGENTS.md` (the open standard) and the per-tool adapter:
|
package/bin/cli.js
CHANGED
|
@@ -211,9 +211,9 @@ function agentsMd() {
|
|
|
211
211
|
'## Roles — `.claude/agents/`', '',
|
|
212
212
|
'planner · researcher · implementer · test-author · debugger · e2e-runner · synthesizer', '',
|
|
213
213
|
'## Procedures — `.claude/commands/` (run as `/name`)', '',
|
|
214
|
-
'/overview · /propose · /phase · /ui-audit · /qa-audit · /security-audit ·',
|
|
215
|
-
'/change-request · /replan · /quick · /synthesize · /runbook · /store-wisdom ·
|
|
216
|
-
'/log-decision · /unstuck', '',
|
|
214
|
+
'/overview · /propose · /phase · /sprint · /ui-audit · /qa-audit · /security-audit · /release ·',
|
|
215
|
+
'/uat · /change-request · /replan · /quick · /synthesize · /runbook · /store-wisdom ·',
|
|
216
|
+
'/log-issue · /log-decision · /unstuck', '',
|
|
217
217
|
'## Skills — `.claude/skills/` (loaded on demand)', '',
|
|
218
218
|
'caveman · grill-me · karpathy-guidelines · ux-design · security (Secure SDLC) · code-standards', '',
|
|
219
219
|
'## Autonomy', '',
|
|
@@ -230,7 +230,8 @@ function agentsMd() {
|
|
|
230
230
|
'change · 9 UI conforms to the `ux-design` cookbook + wireframe frame · 10 no-rationalization ·',
|
|
231
231
|
'11 Secure SDLC: threat-model → secure coding → SAST/SCA/secrets each phase → pentest',
|
|
232
232
|
'gate + security review before deploy (`security` skill) · 12 code-standards gate:',
|
|
233
|
-
'lint/format clean + naming per language idiom + declared architecture (`code-standards`)
|
|
233
|
+
'lint/format clean + naming per language idiom + declared architecture (`code-standards`) ·',
|
|
234
|
+
'13 PLAN-APPROVAL gate: no phase/sprint starts until `docs/PLAN.md` is human-approved.', '',
|
|
234
235
|
'## Your stack', '',
|
|
235
236
|
'Declare your stack (language, framework, infra, auth, test + E2E runner,',
|
|
236
237
|
'planning source) once in `docs/OVERVIEW.md`. Every rule references *your declared',
|
|
@@ -265,9 +266,15 @@ function flowConfig() {
|
|
|
265
266
|
+ 'Some 1M-context models report their id WITHOUT a [1m] tag, so auto-detect '
|
|
266
267
|
+ 'assumes 200000 and may false-gate around 156k — if you run a 1M model, set '
|
|
267
268
|
+ 'window:1000000 here by hand. warnPct = soft non-blocking nudge; gatePct = hard '
|
|
268
|
-
+ 'block on NEW build work (Edit/Write
|
|
269
|
-
+ '(docs/**, STATE/ISSUES/snapshots)
|
|
270
|
-
+ 'never
|
|
269
|
+
+ 'block on NEW build work (Edit/Write to SOURCE files). Checkpoint paths '
|
|
270
|
+
+ '(docs/**, STATE/ISSUES/snapshots) and all Bash are never blocked; Task '
|
|
271
|
+
+ 'delegation is never gated (a subagent isolates noise and shrinks context).',
|
|
272
|
+
},
|
|
273
|
+
sprint: {
|
|
274
|
+
defaultCapacity: 8,
|
|
275
|
+
_note: 'Sprint layer (/sprint). defaultCapacity = points committed to the FIRST '
|
|
276
|
+
+ 'sprint before any velocity history exists; later sprints size to the rolling '
|
|
277
|
+
+ 'completed-velocity average. Optional — /sprint falls back to 8 if absent.',
|
|
271
278
|
},
|
|
272
279
|
}, null, 2) + '\n';
|
|
273
280
|
}
|
|
@@ -290,6 +297,13 @@ function main() {
|
|
|
290
297
|
writeFile(rel, fs.readFileSync(src, 'utf8'));
|
|
291
298
|
}
|
|
292
299
|
|
|
300
|
+
// 1b. integrity: confirm the methodology resolved on disk (load-bearing sentinel).
|
|
301
|
+
const methPath = path.join(CWD, '.claude', 'istartsoft-flow', 'METHODOLOGY.md');
|
|
302
|
+
const SENTINEL = 'ISTARTSOFTFLOW-AGENTS-SENTINEL-v2.0';
|
|
303
|
+
if (!DRY && (!fs.existsSync(methPath) || !fs.readFileSync(methPath, 'utf8').includes(SENTINEL))) {
|
|
304
|
+
warnings.push(`integrity: ${SENTINEL} not found in installed METHODOLOGY.md — the kit may be incomplete; re-run create-issflow (or npm run build from source).`);
|
|
305
|
+
}
|
|
306
|
+
|
|
293
307
|
// 2. AGENTS.md — the open-standard entry point.
|
|
294
308
|
writeFile('AGENTS.md', agentsMd());
|
|
295
309
|
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "create-issflow",
|
|
3
|
-
"version": "1.
|
|
3
|
+
"version": "1.5.0",
|
|
4
4
|
"description": "Scaffold the iStartSoftFlow AI-coding workflow into a project. Stack-agnostic, tool-agnostic (Claude Code, Codex, Cursor, Gemini, Aider), non-destructive.",
|
|
5
5
|
"bin": {
|
|
6
6
|
"create-issflow": "bin/cli.js"
|
|
@@ -1,5 +1,6 @@
|
|
|
1
1
|
---
|
|
2
2
|
name: e2e-runner
|
|
3
|
+
description: Writes and runs functional browser E2E (your declared E2E runner, e.g. Playwright) BLIND — reads the acceptance spec, OVERVIEW (stack), docs/ENDPOINTS.md, and the E2E runner config, never the implementation. Writes a trace to docs/research/e2e-<phase-slug>.md; returns a terse summary.
|
|
3
4
|
tools: Read, Grep, Glob, Write, Bash
|
|
4
5
|
model: opus
|
|
5
6
|
---
|
|
@@ -43,6 +43,12 @@ window. If a phase feels big, split it.
|
|
|
43
43
|
money, or PII), add a `security:` note: threat-model it (STRIDE) and fold abuse
|
|
44
44
|
cases into the acceptance criteria as negative cases; set the ASVS level (default
|
|
45
45
|
L2). This is the design stage of the Secure SDLC (`security` skill).
|
|
46
|
+
- SPRINT-READY (so the optional `/sprint` layer needs no rework): give every phase a
|
|
47
|
+
relative effort estimate `[N pts]` (Fibonacci 1/2/3/5/8) in its header, and group
|
|
48
|
+
consecutive phases under `## Sprint <n>: <name> [goal: <one-line increment>]`
|
|
49
|
+
headers — each sprint a coherent, demoable theme of a few phases. If you cannot
|
|
50
|
+
size a sprint yet, still tag the points; `/sprint plan` will do the grouping from
|
|
51
|
+
the points + capacity. A phase that feels `>8 pts` is too big — split it.
|
|
46
52
|
|
|
47
53
|
LAST PHASE RULE — the final code phase (the highest-numbered phase you write)
|
|
48
54
|
MUST contain a deployment task block:
|
|
@@ -61,11 +67,19 @@ docs/PLAN.md format:
|
|
|
61
67
|
|
|
62
68
|
# Plan: <project>
|
|
63
69
|
<!-- infra: managed (Phase 0 N/A) | self-managed (Phase 0 below) -->
|
|
70
|
+
> Approval: PENDING (hard rule 13 — PLAN-APPROVAL gate; no phase/sprint runs until a human signs this off via the `/overview` gate)
|
|
71
|
+
|
|
72
|
+
Keep the header VALUE a single leading token — `PENDING` here, later
|
|
73
|
+
`approved <date> v<n>` — so the gate readers (`/phase`, `/sprint`) match the first
|
|
74
|
+
token unambiguously. Do not put prose containing the word `approved` after a
|
|
75
|
+
`PENDING` value, or a substring check could false-pass the gate.
|
|
64
76
|
|
|
65
77
|
## Phase 0: infra setup [status: pending] ← omit entirely if infra is managed
|
|
66
78
|
|
|
67
79
|
|
|
68
|
-
##
|
|
80
|
+
## Sprint 1: <name> [goal: <one-line user-visible increment>] ← sprint headers optional; group a few phases
|
|
81
|
+
|
|
82
|
+
## Phase 1: <name> [5 pts] [status: pending]
|
|
69
83
|
|
|
70
84
|
- slice: <what works end-to-end after this phase>
|
|
71
85
|
- rationale: <why this slice, why now — the user / business value (from the PRD)>
|
|
@@ -90,4 +104,5 @@ docs/PLAN.md format:
|
|
|
90
104
|
|
|
91
105
|
```
|
|
92
106
|
Order phases by dependency. Phase 0 first IF infra is self-managed; otherwise
|
|
93
|
-
start at Phase 1.
|
|
107
|
+
start at Phase 1. Always write the `> Approval: PENDING` header — the plan is unapproved
|
|
108
|
+
until the `/overview` PLAN-APPROVAL gate stamps it (hard rule 13). Stop. Do not implement.
|
|
@@ -21,6 +21,9 @@ Do NOT touch docs/ENDPOINTS.md — owned by implementer.
|
|
|
21
21
|
- what was just completed (1-3 bullets)
|
|
22
22
|
- the immediate next action
|
|
23
23
|
- any open blocker
|
|
24
|
+
PRESERVE verbatim (never blank on rewrite): the `plan:` line (the PLAN-APPROVAL
|
|
25
|
+
sign-off record, hard rule 13) and the `sprint:` line (active-sprint marker) if
|
|
26
|
+
present — load-bearing gate/standup state, not transient progress.
|
|
24
27
|
Target: under 25 lines.
|
|
25
28
|
|
|
26
29
|
2. ISSUES.md — dedup + compress:
|
|
@@ -31,8 +31,12 @@ peek at, your blindness is STRUCTURAL, not honor-system.
|
|
|
31
31
|
|
|
32
32
|
## TWO SUITES — write BOTH
|
|
33
33
|
|
|
34
|
-
1. MOCK suite — fast, no external dependency. Mocks ONLY the external boundary
|
|
35
|
-
|
|
34
|
+
1. MOCK suite — fast, no external dependency. Mocks ONLY the external boundary
|
|
35
|
+
(the network / 3rd-party seam). Code/API-level — not browser E2E.
|
|
36
|
+
2. REAL API suite — the SAME tests with no mocks, hitting the real external
|
|
37
|
+
boundary. The phase gate runs against THIS suite (rules 5–6); a green mock
|
|
38
|
+
suite alone can never close a phase. Mock vs real is a fixture/env FLAG on the
|
|
39
|
+
same test (see Test placement), not a duplicated file.
|
|
36
40
|
|
|
37
41
|
## Test placement (regression layout)
|
|
38
42
|
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
---
|
|
2
2
|
description: Handle a mid-project requirement change — assess impact, re-estimate effort + cost, log the change order, then update the plan + proposal. Run whenever scope changes after the proposal is approved.
|
|
3
|
-
argument-hint: [the requested change]
|
|
3
|
+
argument-hint: [the requested change · "dry-run" to preview impact without logging]
|
|
4
4
|
---
|
|
5
5
|
|
|
6
6
|
Caveman ULTRA mode. You are the ORCHESTRATOR.
|
|
@@ -8,6 +8,11 @@ Caveman ULTRA mode. You are the ORCHESTRATOR.
|
|
|
8
8
|
A change request is a COMMERCIAL event, not just a re-plan: changing scope changes
|
|
9
9
|
cost and timeline. Handle it transparently and fairly. Change: $ARGUMENTS
|
|
10
10
|
|
|
11
|
+
DRY-RUN: if `$ARGUMENTS` contains `dry-run`/`--dry-run`, do the impact analysis +
|
|
12
|
+
re-estimate but EXECUTE NOTHING — print the ACTION PLAN (cost/scope/timeline delta,
|
|
13
|
+
files you'd touch) and STOP. No change order is logged, no plan/proposal is edited.
|
|
14
|
+
(METHODOLOGY → Dry-run.)
|
|
15
|
+
|
|
11
16
|
## PRE-FLIGHT
|
|
12
17
|
Read `docs/PROPOSAL.md` (the approved baseline), `docs/PLAN.md`, `docs/STATE.md`,
|
|
13
18
|
and `docs/CHANGES.md` (create if missing). No approved proposal yet -> you're still
|
|
@@ -44,7 +49,10 @@ gate — always interactive).
|
|
|
44
49
|
- **Approved** -> set CR status `approved`; bump PROPOSAL.md to a new version (vN+1)
|
|
45
50
|
with the delta folded in; re-render `docs/proposal.html` from it (same template +
|
|
46
51
|
language); then dispatch `/replan` to apply the phase changes to PLAN.md (done
|
|
47
|
-
phases stay frozen). Update STATE.md.
|
|
52
|
+
phases stay frozen). Update STATE.md. NOTE: `/replan` reverts PLAN.md to
|
|
53
|
+
`> Approval: PENDING` and re-runs the PLAN-APPROVAL gate (hard rule 13) — the
|
|
54
|
+
commercial CR sign-off is SEPARATE from the plan sign-off, so `/phase` and
|
|
55
|
+
`/sprint` stay blocked until you also re-approve the revised plan.
|
|
48
56
|
- **Rejected** -> set CR status `rejected`; PLAN + PROPOSAL unchanged.
|
|
49
57
|
|
|
50
58
|
## STEP 6 — RECORD
|
|
@@ -12,7 +12,7 @@ Canonical format:
|
|
|
12
12
|
|
|
13
13
|
### <short error title — searchable, literal error keywords>
|
|
14
14
|
|
|
15
|
-
- [
|
|
15
|
+
- [ ] open (or “- [x] resolved” once fixed)
|
|
16
16
|
- symptom: <what was observed>
|
|
17
17
|
- root cause: <the REAL underlying cause>
|
|
18
18
|
- solution: <exact fix, or “pending”>
|
|
@@ -23,6 +23,8 @@ Rules:
|
|
|
23
23
|
- title must contain literal error keywords -> grep finds it.
|
|
24
24
|
- root cause is the real cause, not "the line threw an error".
|
|
25
25
|
- always fill "failed attempts" — stops repeated dead ends.
|
|
26
|
+
- open issues use the empty box `- [ ]`; resolved are checked `- [x] resolved`
|
|
27
|
+
(the SessionStart hook surfaces every `- [ ]` as open — keep the box empty until fixed).
|
|
26
28
|
- open issues go at the TOP; resolved below; archived oldest at bottom.
|
|
27
29
|
|
|
28
30
|
Confirm the entry back in 2 lines.
|
|
@@ -75,6 +75,20 @@ Store the round-1 answers as working context — do NOT write OVERVIEW.md yet.
|
|
|
75
75
|
|
|
76
76
|
---
|
|
77
77
|
|
|
78
|
+
### Foundations sign-off (confirm BEFORE planning)
|
|
79
|
+
|
|
80
|
+
5b. Before the `planner` runs, present the FOUNDATIONS for explicit human confirmation
|
|
81
|
+
— the whole plan is built on these, so lock them first. Show a concise summary and
|
|
82
|
+
STOP for sign-off (planning always asks, both modes):
|
|
83
|
+
- **Tech stack** — language · framework · infra · auth · datastore · test + E2E runner
|
|
84
|
+
- **Architecture** — the pattern (Feature-Based by default) + the folder layout
|
|
85
|
+
- **UX direction** — design system / tokens + the wireframe baseline (the frame)
|
|
86
|
+
- **Data & integrations** — core data model + external services + their limits
|
|
87
|
+
- **Conventions** — naming idiom (`code-standards`) + autonomy mode (AUTO / GUIDED)
|
|
88
|
+
- **Estimation config** — unit · rate card · currency · contingency (if quoting)
|
|
89
|
+
On any "change X" → revise OVERVIEW.md and re-confirm. Only a signed-off foundation
|
|
90
|
+
proceeds to the planner. (This is the planning confirmation gate.)
|
|
91
|
+
|
|
78
92
|
### Plan
|
|
79
93
|
|
|
80
94
|
6. Hand OVERVIEW.md + design-research findings to the `planner` subagent.
|
|
@@ -89,6 +103,7 @@ Store the round-1 answers as working context — do NOT write OVERVIEW.md yet.
|
|
|
89
103
|
# STATE
|
|
90
104
|
|
|
91
105
|
phase: 0 (pending)
|
|
106
|
+
plan: PENDING
|
|
92
107
|
completed: project bootstrapped — design research done, double grill done
|
|
93
108
|
blocker: none
|
|
94
109
|
|
|
@@ -97,17 +112,31 @@ blocker: none
|
|
|
97
112
|
|
|
98
113
|
9. Create empty docs/HISTORY.md.
|
|
99
114
|
|
|
100
|
-
|
|
101
|
-
11. Create docs/ENDPOINTS.md:
|
|
115
|
+
10. Create docs/ENDPOINTS.md:
|
|
102
116
|
```
|
|
103
117
|
# Endpoints — <project name>
|
|
104
118
|
> Maintained by implementer. Updated each phase.
|
|
105
119
|
> Base URL: (populated after deployment phase)
|
|
106
120
|
```
|
|
107
121
|
|
|
108
|
-
|
|
109
|
-
|
|
110
|
-
|
|
122
|
+
---
|
|
123
|
+
|
|
124
|
+
### PLAN-APPROVAL gate (hard rule 13 — always interactive, both modes)
|
|
125
|
+
|
|
126
|
+
11. The plan is the contract the whole AUTO dev loop builds against, so it ends with a
|
|
127
|
+
human sign-off — the planning twin of the `/propose` commercial gate.
|
|
128
|
+
|
|
129
|
+
- SHOW me PLAN.md (and note any open risks the planner flagged). **STOP for approval.**
|
|
130
|
+
- On **approval**: record the sign-off in three places —
|
|
131
|
+
1. stamp the PLAN.md header `> Approval: approved <YYYY-MM-DD> v1`;
|
|
132
|
+
2. set `plan: approved <YYYY-MM-DD>` in docs/STATE.md;
|
|
133
|
+
3. append `<YYYY-MM-DD> plan v1 approved` to docs/HISTORY.md (date-first, to
|
|
134
|
+
match the other HISTORY lines).
|
|
135
|
+
Only now may `/phase` / `/sprint` run.
|
|
136
|
+
- On **rejection / change**: revise (re-run the `planner`, or `/replan`), bump the
|
|
137
|
+
version, and re-show. The header stays `PENDING` until I approve.
|
|
138
|
+
|
|
139
|
+
AUTO governs the development loop that runs AFTER this gate, never the gate itself.
|
|
111
140
|
|
|
112
141
|
Optional next step (client / quoted work only): run `/propose` to turn this
|
|
113
142
|
OVERVIEW + PLAN into a proposal + estimate for sign-off before building. Internal or
|
|
@@ -1,8 +1,9 @@
|
|
|
1
1
|
---
|
|
2
2
|
description: Run one phase end-to-end. TDD phases run SCAFFOLD -> RED -> GREEN; non-TDD phases run IMPLEMENT -> TEST. Both with the debug circuit breaker and the regression guard at CLOSE.
|
|
3
|
-
argument-hint: [phase number]
|
|
3
|
+
argument-hint: [phase number · "dry-run" to preview what the phase would do]
|
|
4
4
|
---
|
|
5
5
|
|
|
6
|
+
|
|
6
7
|
Caveman ULTRA mode. You are the ORCHESTRATOR. Route work to subagents —
|
|
7
8
|
you do NOT implement or debug yourself.
|
|
8
9
|
|
|
@@ -12,14 +13,28 @@ Target phase: $ARGUMENTS (default: the phase marked pending in docs/PLAN.md)
|
|
|
12
13
|
|
|
13
14
|
---
|
|
14
15
|
|
|
16
|
+
## DRY-RUN CHECK (first — before PRE-FLIGHT)
|
|
17
|
+
|
|
18
|
+
If `$ARGUMENTS` contains `dry-run` or `--dry-run`: do the full analysis but EXECUTE
|
|
19
|
+
NOTHING. Print the ACTION PLAN — files you'd create/change · agents you'd dispatch ·
|
|
20
|
+
tests/gates you'd run · deploy target · cost/scope/risk impact — then STOP. Write,
|
|
21
|
+
run, commit, deploy nothing. (METHODOLOGY → Dry-run.)
|
|
22
|
+
|
|
23
|
+
---
|
|
24
|
+
|
|
15
25
|
## 0. PRE-FLIGHT
|
|
16
26
|
|
|
17
|
-
a.
|
|
27
|
+
a. PLAN-APPROVAL CHECK (hard rule 13): Read the docs/PLAN.md `> Approval:` header.
|
|
28
|
+
Still `PENDING` (or no header) -> STOP. The plan is not signed off; no phase may
|
|
29
|
+
start. Route me to the `/overview` PLAN-APPROVAL gate (or `/replan` then re-approve).
|
|
30
|
+
Approved -> continue.
|
|
31
|
+
|
|
32
|
+
b. INFRA CHECK (phases > 0): Read the declared infra in docs/OVERVIEW.md.
|
|
18
33
|
- Managed infra -> confirm it is reachable; no provisioning step is needed.
|
|
19
34
|
- Self-managed infra -> confirm Phase 0 (infra) ran and is healthy.
|
|
20
35
|
Surface infra + auth status before any work. Blocked infra -> STOP.
|
|
21
36
|
|
|
22
|
-
|
|
37
|
+
c. PHASE STATE CHECK: Read docs/STATE.md and docs/PLAN.md.
|
|
23
38
|
- No phase in progress, requested is next pending -> START at step 1.
|
|
24
39
|
- Same phase in-progress -> RESUME from STATE.md "next action".
|
|
25
40
|
- Different phase in-progress -> STOP. Tell me which phase is open.
|
|
@@ -27,7 +42,7 @@ b. PHASE STATE CHECK: Read docs/STATE.md and docs/PLAN.md.
|
|
|
27
42
|
phase in PLAN order. GUIDED: STOP, warn, proceed only if I confirm.
|
|
28
43
|
- Phase not in PLAN.md -> STOP. Suggest /overview or /replan.
|
|
29
44
|
|
|
30
|
-
|
|
45
|
+
d. FINAL PHASE CHECK: Read docs/PLAN.md. Is this the last phase (no further
|
|
31
46
|
pending phases after this one)? Record this as IS_FINAL_PHASE=true/false.
|
|
32
47
|
|
|
33
48
|
|
|
@@ -181,6 +196,12 @@ SECURITY GATE (rule 11 — Secure SDLC build stage):
|
|
|
181
196
|
|
|
182
197
|
Mark phase `done` in docs/PLAN.md.
|
|
183
198
|
|
|
199
|
+
SPRINT STANDUP (if a sprint is active — STATE.md shows `sprint: <n> (active)`):
|
|
200
|
+
fire the `/sprint standup` tick — append the one-line standup to
|
|
201
|
+
docs/sprints/sprint-<n>.md and update the burndown (rule: SPRINT-STANDUP ritual).
|
|
202
|
+
If all the sprint's committed phases are now done/blocked, recommend `/sprint review`
|
|
203
|
+
(or, under `/sprint run`, the driver proceeds to review automatically).
|
|
204
|
+
|
|
184
205
|
ARCHITECTURE SELF-CHECK: did this phase add/remove/rename an agent, hook, or
|
|
185
206
|
command, or change a workflow rule? YES -> run `/log-decision`. NO -> state why not.
|
|
186
207
|
|
|
@@ -221,10 +242,12 @@ After each step, update docs/STATE.md:
|
|
|
221
242
|
```
|
|
222
243
|
|
|
223
244
|
phase: <n> (in progress)
|
|
245
|
+
plan: approved <date> ← carry forward; never drop the rule-13 sign-off record
|
|
224
246
|
tdd: <true|false>
|
|
225
247
|
completed: <steps done so far>
|
|
226
248
|
next: <exact next step>
|
|
227
249
|
blocker: <none or open issue>
|
|
228
250
|
|
|
229
251
|
```
|
|
230
|
-
Keep STATE.md small — overwrite, do not append.
|
|
252
|
+
Keep STATE.md small — overwrite, do not append. Preserve the `plan:` line on every
|
|
253
|
+
overwrite (the PLAN-APPROVAL record, hard rule 13); do not blank it.
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
---
|
|
2
2
|
description: Turn approved requirements + tech stack into a client proposal — scope, phase breakdown, effort + cost estimate, timeline, assumptions, and a sign-off gate. Run after /overview, before building.
|
|
3
|
-
argument-hint: [optional: rate / budget / constraints]
|
|
3
|
+
argument-hint: [optional: rate / budget / constraints · "dry-run" to preview]
|
|
4
4
|
---
|
|
5
5
|
|
|
6
6
|
Caveman ULTRA mode. You are the ORCHESTRATOR.
|
|
@@ -9,10 +9,20 @@ Purpose: produce `docs/PROPOSAL.md` — WHAT we build, in what phases, how long,
|
|
|
9
9
|
much, and on what assumptions — for the client to approve BEFORE any build starts.
|
|
10
10
|
A proposal is a commercial gate: always interactive (both AUTO and GUIDED).
|
|
11
11
|
|
|
12
|
+
DRY-RUN: if `$ARGUMENTS` contains `dry-run`/`--dry-run`, do the full analysis but
|
|
13
|
+
EXECUTE NOTHING — print the ACTION PLAN (scope, phase breakdown, rough estimate)
|
|
14
|
+
and STOP. No PROPOSAL.md / proposal.html is written. (METHODOLOGY → Dry-run.)
|
|
15
|
+
|
|
12
16
|
## PRE-FLIGHT
|
|
13
17
|
Read `docs/OVERVIEW.md` (scope, stack, success criteria) and `docs/PRD.md` if
|
|
14
18
|
present (else the PRD in your BMAD/iSSM). No OVERVIEW -> run `/overview` first.
|
|
15
19
|
|
|
20
|
+
PLAN-APPROVAL CHECK (hard rule 13): the proposal prices the *approved* phases, so
|
|
21
|
+
the plan is signed off first (lifecycle: plan → proposal). If `docs/PLAN.md` exists
|
|
22
|
+
and its `> Approval:` header still reads `PENDING` (or is missing), STOP and route me
|
|
23
|
+
to the `/overview` PLAN-APPROVAL gate before quoting — pricing an unapproved plan
|
|
24
|
+
re-prices on every revision.
|
|
25
|
+
|
|
16
26
|
## STEP 1 — SCOPE
|
|
17
27
|
List the deliverables (features / epics) from OVERVIEW / PRD. Mark each
|
|
18
28
|
**in-scope** or **out-of-scope** explicitly — naming out-of-scope items now is what
|
|
@@ -57,12 +67,13 @@ change-orders re-price against.
|
|
|
57
67
|
## Sign-off — approved by: ___ date: ___ version: v1
|
|
58
68
|
```
|
|
59
69
|
2. RENDER a client-facing `docs/proposal.html` from `.claude/templates/proposal.html`:
|
|
60
|
-
copy it, replace every `{{PLACEHOLDER}}`, and
|
|
61
|
-
|
|
62
|
-
|
|
63
|
-
|
|
64
|
-
|
|
65
|
-
|
|
70
|
+
copy it, replace every `{{PLACEHOLDER}}`, and fill the CONTENT in the declared
|
|
71
|
+
language (the section labels are already bilingual TH / EN). It must fit ONE A4
|
|
72
|
+
page — be terse (≈ 3–6 phase rows, ≈ 4 assumptions, short scope items); trim before
|
|
73
|
+
it spills to a second page. Fill `{{COMPANY}}` / `{{COMPANY_TAGLINE}}` / `{{LOGO}}`
|
|
74
|
+
from the ISSUING company's brand declared in OVERVIEW (or ask once) — white-label,
|
|
75
|
+
never hardcode the kit's name. Print-ready (Ctrl/Cmd-P → A4 → Save as PDF). Keep
|
|
76
|
+
PROPOSAL.md (source) and proposal.html (deliverable) in sync.
|
|
66
77
|
|
|
67
78
|
## STEP 6 — SIGN-OFF GATE
|
|
68
79
|
Show me the proposal. **STOP for approval** (commercial gate — always interactive).
|
|
@@ -1,12 +1,16 @@
|
|
|
1
1
|
---
|
|
2
2
|
description: Make a small, obvious change directly — no agent chain, no phase overhead.
|
|
3
|
-
argument-hint: [what to change]
|
|
3
|
+
argument-hint: [what to change · "dry-run" to preview the edit]
|
|
4
4
|
---
|
|
5
5
|
|
|
6
6
|
Caveman ULTRA mode. Apply `karpathy-guidelines` skill.
|
|
7
7
|
|
|
8
8
|
Purpose: skip the orchestration tax for a 5-line fix.
|
|
9
9
|
|
|
10
|
+
DRY-RUN: if `$ARGUMENTS` contains `dry-run`/`--dry-run`, describe the exact edit
|
|
11
|
+
you'd make (file · lines · the change) and the regression you'd run, then STOP —
|
|
12
|
+
change nothing. (METHODOLOGY → Dry-run.)
|
|
13
|
+
|
|
10
14
|
Use `/quick` when ALL hold:
|
|
11
15
|
- change is small (under 30 lines) and obvious
|
|
12
16
|
- no new vertical slice
|
|
@@ -14,7 +18,7 @@ Use `/quick` when ALL hold:
|
|
|
14
18
|
- not mid-phase
|
|
15
19
|
|
|
16
20
|
If any fail -> STOP, tell me, recommend `/phase`.
|
|
17
|
-
(Hard rule
|
|
21
|
+
(Hard rule 10: never route phase-worthy work through `/quick` to dodge the RED gate.)
|
|
18
22
|
|
|
19
23
|
Steps:
|
|
20
24
|
1. grep docs/ISSUES.md for anything related.
|
|
@@ -0,0 +1,55 @@
|
|
|
1
|
+
---
|
|
2
|
+
description: Pre-production release pipeline — after all build phases, run the full automated gauntlet (full regression: functional / integration / e2e · all audits: UI / QA / security / code · smoke test), then hand off to manual UAT, drive the defect loop to green, produce a sign-off document, and promote to production. The automated SDLC backbone; production deploy is a human-signed hard-stop.
|
|
3
|
+
argument-hint: [optional: target env · "dry-run" to preview the pipeline without running it]
|
|
4
|
+
---
|
|
5
|
+
|
|
6
|
+
Caveman ULTRA mode. You are the ORCHESTRATOR.
|
|
7
|
+
|
|
8
|
+
Run this AFTER every build `/phase` is done (the candidate is on staging/preview).
|
|
9
|
+
AUTO runs all AUTOMATED stages without stopping; it STOPS only at the human gates —
|
|
10
|
+
UAT execution, sign-off, and the production promote (security/irreversible hard-stops).
|
|
11
|
+
Record progress in STATE.md so a resumed session continues mid-pipeline.
|
|
12
|
+
|
|
13
|
+
DRY-RUN: if `$ARGUMENTS` contains `dry-run`/`--dry-run`, do the full analysis but
|
|
14
|
+
EXECUTE NOTHING — print the ACTION PLAN (stages, audits, deploy target, risk impact)
|
|
15
|
+
and STOP. Nothing is run, signed, or promoted. (METHODOLOGY → Dry-run.)
|
|
16
|
+
|
|
17
|
+
## STAGE 1 — FULL REGRESSION (auto)
|
|
18
|
+
Run the whole REAL corpus end-to-end: **functional + integration + e2e**
|
|
19
|
+
(`scripts/regression.sh --real`, then the declared E2E runner via `e2e-runner`).
|
|
20
|
+
Any red → `debugger` (cap 3) → fix → re-run. Must be 100% green to proceed.
|
|
21
|
+
|
|
22
|
+
## STAGE 2 — AUTO AUDITS (auto)
|
|
23
|
+
Run every whole-product audit and fold results together:
|
|
24
|
+
- `/ui-audit` · `/qa-audit` · `/security-audit`
|
|
25
|
+
- **code cleaning**: lint + format (the language's standard tool) must be clean
|
|
26
|
+
- **code optimization**: a pass for dead code, obvious N+1 / perf, bundle bloat
|
|
27
|
+
Collect every BLOCKER / HIGH / CRITICAL. Open blocker → fix → re-audit. (Security
|
|
28
|
+
fixes surface for sign-off — security is an autonomy hard-stop.)
|
|
29
|
+
|
|
30
|
+
## STAGE 3 — SMOKE TEST (auto)
|
|
31
|
+
Deploy the candidate to staging/preview; run the **smoke suite**: app boots, health
|
|
32
|
+
endpoint 200, the critical happy paths load, no console/server errors. Fail → STOP, fix.
|
|
33
|
+
|
|
34
|
+
## STAGE 4 — UAT HANDOFF (human)
|
|
35
|
+
Dispatch `/uat`: generate the all-case scenario document, hand it to the testers, and
|
|
36
|
+
WAIT. Capture their pasted results into `docs/UAT-<date>.md`. (UAT is a human gate.)
|
|
37
|
+
|
|
38
|
+
## STAGE 5 — UAT DEFECT LOOP
|
|
39
|
+
For each issue/bug reported: log to `docs/ISSUES.md` (repro from the scenario), fix
|
|
40
|
+
(`implementer`/`debugger`), re-run STAGE 1–3 for the touched area, then resubmit ONLY
|
|
41
|
+
the failed scenarios via `/uat`. Loop until ALL scenarios PASS.
|
|
42
|
+
|
|
43
|
+
## STAGE 6 — SIGN-OFF (human)
|
|
44
|
+
Produce `docs/SIGNOFF-<date>.md`: scope delivered · test + audit results summary · UAT
|
|
45
|
+
pass confirmation · known limitations · the approver/date line. **STOP for human
|
|
46
|
+
sign-off** — a release gate, always interactive in both modes.
|
|
47
|
+
|
|
48
|
+
## STAGE 7 — PROMOTE TO PRODUCTION (hard-stop)
|
|
49
|
+
On a SIGNED sign-off only: deploy to production, smoke-test prod (health 200), update
|
|
50
|
+
`docs/ENDPOINTS.md` base URL, tag the release. HISTORY line: `released v<n> (<date>)`.
|
|
51
|
+
|
|
52
|
+
## STAGE 8 — GO-LIVE & SUPPORT
|
|
53
|
+
Enter after-go-live support (hypercare): watch for incidents, keep the issue log live.
|
|
54
|
+
New scope → `/change-request` (impact + re-price + sign-off). The project is live; the
|
|
55
|
+
loop continues through change requests.
|
|
@@ -54,12 +54,18 @@ commercial impact (split/merge/reorder, a discovered technical re-slice).
|
|
|
54
54
|
- A MERGE -> consolidate the merged phases' regression tests.
|
|
55
55
|
- A REORDER -> keep the tests as-is (contracts are phase-independent).
|
|
56
56
|
Do NOT touch phase-local `tests/phase-<n>/` here beyond renumbering dirs.
|
|
57
|
-
After reconciling, run
|
|
58
|
-
|
|
59
|
-
|
|
60
|
-
|
|
61
|
-
|
|
62
|
-
|
|
57
|
+
After reconciling, re-run the regression corpus to confirm it still passes:
|
|
58
|
+
`--real` ONLY if at least one phase is done (live services exist); on a pre-build
|
|
59
|
+
replan (no done phase, managed infra not yet wired) run the mock corpus instead,
|
|
60
|
+
or skip with a noted reason. A failure -> surface it and stop before approval.
|
|
61
|
+
|
|
62
|
+
6. PLAN-APPROVAL gate (hard rule 13). A re-plan reshapes UNBUILT scope, so it reverts
|
|
63
|
+
the plan to unapproved: set the PLAN.md `> Approval:` header back to `PENDING`, SHOW
|
|
64
|
+
ME the revised phase list + the regression-corpus changes, and STOP for approval.
|
|
65
|
+
On approval: re-stamp the header `approved <date> v<n+1>`, update STATE.md `plan:`,
|
|
66
|
+
and append `<date> plan v<n+1> approved (replan)` to docs/HISTORY.md (date-first,
|
|
67
|
+
matching the other HISTORY lines). `/phase` and `/sprint` stay blocked until this
|
|
68
|
+
re-stamp.
|
|
63
69
|
|
|
64
70
|
7. ARCHITECTURE SELF-CHECK: re-planning is not normally a kit-architecture
|
|
65
71
|
change. Only run /log-decision if the workflow itself changed (rare).
|