create-qa-architect 5.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.editorconfig +12 -0
- package/.github/CLAUDE_MD_AUTOMATION.md +248 -0
- package/.github/PROGRESSIVE_QUALITY_IMPLEMENTATION.md +408 -0
- package/.github/PROGRESSIVE_QUALITY_PROPOSAL.md +443 -0
- package/.github/RELEASE_CHECKLIST.md +100 -0
- package/.github/dependabot.yml +50 -0
- package/.github/git-sync.sh +48 -0
- package/.github/workflows/claude-md-validation.yml +82 -0
- package/.github/workflows/nightly-gitleaks-verification.yml +176 -0
- package/.github/workflows/pnpm-ci.yml.example +53 -0
- package/.github/workflows/python-ci.yml.example +69 -0
- package/.github/workflows/quality-legacy.yml.backup +165 -0
- package/.github/workflows/quality-progressive.yml.example +291 -0
- package/.github/workflows/quality.yml +436 -0
- package/.github/workflows/release.yml +53 -0
- package/.nvmrc +1 -0
- package/.prettierignore +14 -0
- package/.prettierrc +9 -0
- package/.stylelintrc.json +5 -0
- package/README.md +212 -0
- package/config/.lighthouserc.js +45 -0
- package/config/.pre-commit-config.yaml +66 -0
- package/config/constants.js +128 -0
- package/config/defaults.js +124 -0
- package/config/pyproject.toml +124 -0
- package/config/quality-config.schema.json +97 -0
- package/config/quality-python.yml +89 -0
- package/config/requirements-dev.txt +15 -0
- package/create-saas-monetization.js +1465 -0
- package/eslint.config.cjs +117 -0
- package/eslint.config.ts.cjs +99 -0
- package/legal/README.md +106 -0
- package/legal/copyright.md +76 -0
- package/legal/disclaimer.md +146 -0
- package/legal/privacy-policy.html +324 -0
- package/legal/privacy-policy.md +196 -0
- package/legal/terms-of-service.md +224 -0
- package/lib/billing-dashboard.html +645 -0
- package/lib/config-validator.js +163 -0
- package/lib/dependency-monitoring-basic.js +185 -0
- package/lib/dependency-monitoring-premium.js +1490 -0
- package/lib/error-reporter.js +444 -0
- package/lib/interactive/prompt.js +128 -0
- package/lib/interactive/questions.js +146 -0
- package/lib/license-validator.js +403 -0
- package/lib/licensing.js +989 -0
- package/lib/package-utils.js +187 -0
- package/lib/project-maturity.js +516 -0
- package/lib/security-enhancements.js +340 -0
- package/lib/setup-enhancements.js +317 -0
- package/lib/smart-strategy-generator.js +344 -0
- package/lib/telemetry.js +323 -0
- package/lib/template-loader.js +252 -0
- package/lib/typescript-config-generator.js +210 -0
- package/lib/ui-helpers.js +74 -0
- package/lib/validation/base-validator.js +174 -0
- package/lib/validation/cache-manager.js +158 -0
- package/lib/validation/config-security.js +741 -0
- package/lib/validation/documentation.js +326 -0
- package/lib/validation/index.js +186 -0
- package/lib/validation/validation-factory.js +153 -0
- package/lib/validation/workflow-validation.js +172 -0
- package/lib/yaml-utils.js +120 -0
- package/marketing/beta-user-email-campaign.md +372 -0
- package/marketing/landing-page.html +721 -0
- package/package.json +165 -0
- package/setup.js +2076 -0
|
@@ -0,0 +1,97 @@
|
|
|
1
|
+
{
|
|
2
|
+
"$schema": "http://json-schema.org/draft-07/schema#",
|
|
3
|
+
"$id": "https://github.com/brettstark73/create-qa-architect/blob/main/config/quality-config.schema.json",
|
|
4
|
+
"title": "Quality Automation Configuration",
|
|
5
|
+
"description": "Configuration for create-qa-architect progressive quality checks",
|
|
6
|
+
"type": "object",
|
|
7
|
+
"required": ["version"],
|
|
8
|
+
"properties": {
|
|
9
|
+
"version": {
|
|
10
|
+
"type": "string",
|
|
11
|
+
"pattern": "^[0-9]+\\.[0-9]+\\.[0-9]+$",
|
|
12
|
+
"description": "Configuration schema version (semver format)"
|
|
13
|
+
},
|
|
14
|
+
"maturity": {
|
|
15
|
+
"type": "string",
|
|
16
|
+
"enum": [
|
|
17
|
+
"auto",
|
|
18
|
+
"minimal",
|
|
19
|
+
"bootstrap",
|
|
20
|
+
"development",
|
|
21
|
+
"production-ready"
|
|
22
|
+
],
|
|
23
|
+
"default": "auto",
|
|
24
|
+
"description": "Project maturity level: 'auto' for auto-detection or manual override"
|
|
25
|
+
},
|
|
26
|
+
"detected": {
|
|
27
|
+
"type": "object",
|
|
28
|
+
"description": "Auto-detected project information (populated by --check-maturity)",
|
|
29
|
+
"properties": {
|
|
30
|
+
"level": {
|
|
31
|
+
"type": "string",
|
|
32
|
+
"enum": ["minimal", "bootstrap", "development", "production-ready"],
|
|
33
|
+
"description": "Detected maturity level"
|
|
34
|
+
},
|
|
35
|
+
"sourceFiles": {
|
|
36
|
+
"type": "integer",
|
|
37
|
+
"minimum": 0,
|
|
38
|
+
"description": "Number of source files detected"
|
|
39
|
+
},
|
|
40
|
+
"testFiles": {
|
|
41
|
+
"type": "integer",
|
|
42
|
+
"minimum": 0,
|
|
43
|
+
"description": "Number of test files detected"
|
|
44
|
+
},
|
|
45
|
+
"hasDocumentation": {
|
|
46
|
+
"type": "boolean",
|
|
47
|
+
"description": "Whether README or docs/ found"
|
|
48
|
+
},
|
|
49
|
+
"hasDependencies": {
|
|
50
|
+
"type": "boolean",
|
|
51
|
+
"description": "Whether package.json dependencies exist"
|
|
52
|
+
},
|
|
53
|
+
"detectedAt": {
|
|
54
|
+
"type": "string",
|
|
55
|
+
"format": "date-time",
|
|
56
|
+
"description": "ISO 8601 timestamp of detection"
|
|
57
|
+
}
|
|
58
|
+
}
|
|
59
|
+
},
|
|
60
|
+
"checks": {
|
|
61
|
+
"type": "object",
|
|
62
|
+
"description": "Quality check configuration",
|
|
63
|
+
"additionalProperties": {
|
|
64
|
+
"type": "object",
|
|
65
|
+
"properties": {
|
|
66
|
+
"enabled": {
|
|
67
|
+
"oneOf": [
|
|
68
|
+
{
|
|
69
|
+
"type": "boolean",
|
|
70
|
+
"description": "Explicitly enable (true) or disable (false) this check"
|
|
71
|
+
},
|
|
72
|
+
{
|
|
73
|
+
"type": "string",
|
|
74
|
+
"enum": ["auto"],
|
|
75
|
+
"description": "Auto-enable based on project maturity level"
|
|
76
|
+
}
|
|
77
|
+
],
|
|
78
|
+
"default": "auto"
|
|
79
|
+
},
|
|
80
|
+
"required": {
|
|
81
|
+
"type": "boolean",
|
|
82
|
+
"default": false,
|
|
83
|
+
"description": "Whether this check is required to pass for CI/CD success"
|
|
84
|
+
},
|
|
85
|
+
"threshold": {
|
|
86
|
+
"type": "number",
|
|
87
|
+
"minimum": 0,
|
|
88
|
+
"maximum": 100,
|
|
89
|
+
"description": "Threshold percentage (e.g., coverage percentage for coverage checks)"
|
|
90
|
+
}
|
|
91
|
+
},
|
|
92
|
+
"additionalProperties": false
|
|
93
|
+
}
|
|
94
|
+
}
|
|
95
|
+
},
|
|
96
|
+
"additionalProperties": false
|
|
97
|
+
}
|
|
@@ -0,0 +1,89 @@
|
|
|
1
|
+
name: Python Quality Checks
|
|
2
|
+
|
|
3
|
+
on:
|
|
4
|
+
push:
|
|
5
|
+
branches: [main, master, develop]
|
|
6
|
+
pull_request:
|
|
7
|
+
branches: [main, master, develop]
|
|
8
|
+
|
|
9
|
+
jobs:
|
|
10
|
+
quality:
|
|
11
|
+
runs-on: ubuntu-latest
|
|
12
|
+
strategy:
|
|
13
|
+
matrix:
|
|
14
|
+
python-version: ['3.8', '3.9', '3.10', '3.11', '3.12']
|
|
15
|
+
|
|
16
|
+
steps:
|
|
17
|
+
- name: Checkout code
|
|
18
|
+
uses: actions/checkout@v5
|
|
19
|
+
|
|
20
|
+
- name: Set up Python ${{ matrix.python-version }}
|
|
21
|
+
uses: actions/setup-python@v5
|
|
22
|
+
with:
|
|
23
|
+
python-version: ${{ matrix.python-version }}
|
|
24
|
+
cache: 'pip'
|
|
25
|
+
|
|
26
|
+
- name: Install dependencies
|
|
27
|
+
run: |
|
|
28
|
+
python -m pip install --upgrade pip
|
|
29
|
+
if [ -f requirements-dev.txt ]; then
|
|
30
|
+
pip install -r requirements-dev.txt
|
|
31
|
+
fi
|
|
32
|
+
if [ -f requirements.txt ]; then
|
|
33
|
+
pip install -r requirements.txt
|
|
34
|
+
fi
|
|
35
|
+
|
|
36
|
+
- name: Black formatting check
|
|
37
|
+
run: black --check .
|
|
38
|
+
|
|
39
|
+
- name: Ruff linting
|
|
40
|
+
run: ruff check .
|
|
41
|
+
|
|
42
|
+
- name: Import sorting check
|
|
43
|
+
run: isort --check-only --diff .
|
|
44
|
+
|
|
45
|
+
- name: Type checking with mypy
|
|
46
|
+
run: mypy .
|
|
47
|
+
|
|
48
|
+
- name: Security check with bandit
|
|
49
|
+
run: |
|
|
50
|
+
pip install bandit[toml]
|
|
51
|
+
bandit -r . -f json -o bandit-report.json || true
|
|
52
|
+
if [ -s bandit-report.json ]; then
|
|
53
|
+
echo "🔍 Security scan results:"
|
|
54
|
+
python -m json.tool bandit-report.json | head -50
|
|
55
|
+
fi
|
|
56
|
+
|
|
57
|
+
- name: Run tests
|
|
58
|
+
run: |
|
|
59
|
+
if [ -d tests ] || [ -f test_*.py ] || [ -f *_test.py ]; then
|
|
60
|
+
pytest --cov=. --cov-report=term-missing
|
|
61
|
+
else
|
|
62
|
+
echo "No tests found - skipping test execution"
|
|
63
|
+
fi
|
|
64
|
+
|
|
65
|
+
- name: Check for common Python security issues
|
|
66
|
+
run: |
|
|
67
|
+
echo "🔍 Scanning for Python security patterns..."
|
|
68
|
+
|
|
69
|
+
# Check for eval usage
|
|
70
|
+
if grep -r "eval(" . --include="*.py" --exclude-dir=venv --exclude-dir=.venv; then
|
|
71
|
+
echo "⚠️ Found eval() usage - review for security implications"
|
|
72
|
+
fi
|
|
73
|
+
|
|
74
|
+
# Check for exec usage
|
|
75
|
+
if grep -r "exec(" . --include="*.py" --exclude-dir=venv --exclude-dir=.venv; then
|
|
76
|
+
echo "⚠️ Found exec() usage - review for security implications"
|
|
77
|
+
fi
|
|
78
|
+
|
|
79
|
+
# Check for pickle usage (potential security risk)
|
|
80
|
+
if grep -r "pickle.loads\|pickle.load" . --include="*.py" --exclude-dir=venv --exclude-dir=.venv; then
|
|
81
|
+
echo "⚠️ Found pickle.load usage - ensure data source is trusted"
|
|
82
|
+
fi
|
|
83
|
+
|
|
84
|
+
# Check for SQL injection patterns
|
|
85
|
+
if grep -r "execute.*%\|execute.*format\|execute.*+.*" . --include="*.py" --exclude-dir=venv --exclude-dir=.venv; then
|
|
86
|
+
echo "⚠️ Potential SQL injection pattern found - use parameterized queries"
|
|
87
|
+
fi
|
|
88
|
+
|
|
89
|
+
echo "✅ Security pattern scan completed"
|