create-quiver 0.15.4 → 0.17.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.github/pull_request_template.md +17 -0
- package/.github/workflows/ci.yml +76 -0
- package/.markdown-link-check.json +15 -0
- package/.markdownlint.json +11 -0
- package/ARCHITECTURE.md +133 -0
- package/CHANGELOG.md +16 -0
- package/CONTRIBUTING.md +174 -9
- package/README.md +17 -2
- package/README_FOR_AI.md +4 -1
- package/ROADMAP.md +4 -0
- package/SECURITY.md +9 -2
- package/docs/AI_CONTEXT.md.es.template +3 -1
- package/docs/AI_CONTEXT.md.template +3 -1
- package/docs/CLI_UX_GUIDE.md +20 -1
- package/docs/COMMANDS.md.template +20 -6
- package/docs/GITFLOW_PR_GUIDE.md +73 -11
- package/docs/GITFLOW_PR_GUIDE.md.es.template +61 -2
- package/docs/GITFLOW_PR_GUIDE.md.template +72 -10
- package/docs/INDEX.md +6 -1
- package/docs/QUICK.md.template +2 -1
- package/docs/STANDARD.md.template +2 -1
- package/docs/WORKFLOW.md.es.template +3 -1
- package/docs/WORKFLOW.md.template +6 -4
- package/docs/getting-started/installation.md +7 -0
- package/docs/reference/commands.md +138 -6
- package/docs/reference/slice-schema.md +37 -0
- package/docs/schema/slice.schema.json +221 -0
- package/docs/specs/01-spec/01-slice/01-slice.json +36 -0
- package/docs/specs/01-spec/01-slice/01-slice.md +106 -0
- package/docs/specs/01-spec/01-slice/CLOSURE_BRIEF.md +80 -0
- package/docs/specs/01-spec/01-slice/EXECUTION_BRIEF.md +39 -0
- package/docs/specs/01-spec/02-slice/02-slice.json +36 -0
- package/docs/specs/01-spec/02-slice/02-slice.md +108 -0
- package/docs/specs/01-spec/02-slice/CLOSURE_BRIEF.md +88 -0
- package/docs/specs/01-spec/02-slice/EXECUTION_BRIEF.md +40 -0
- package/docs/specs/01-spec/03-slice/03-slice.json +36 -0
- package/docs/specs/01-spec/03-slice/03-slice.md +103 -0
- package/docs/specs/01-spec/03-slice/CLOSURE_BRIEF.md +54 -0
- package/docs/specs/01-spec/03-slice/EXECUTION_BRIEF.md +39 -0
- package/docs/specs/01-spec/04-slice/04-slice.json +36 -0
- package/docs/specs/01-spec/04-slice/04-slice.md +107 -0
- package/docs/specs/01-spec/04-slice/CLOSURE_BRIEF.md +46 -0
- package/docs/specs/01-spec/04-slice/EXECUTION_BRIEF.md +39 -0
- package/docs/specs/01-spec/05-slice/05-slice.json +36 -0
- package/docs/specs/01-spec/05-slice/05-slice.md +106 -0
- package/docs/specs/01-spec/05-slice/CLOSURE_BRIEF.md +84 -0
- package/docs/specs/01-spec/05-slice/EXECUTION_BRIEF.md +109 -0
- package/docs/specs/01-spec/06-slice/06-slice.json +36 -0
- package/docs/specs/01-spec/06-slice/06-slice.md +107 -0
- package/docs/specs/01-spec/06-slice/CLOSURE_BRIEF.md +67 -0
- package/docs/specs/01-spec/06-slice/EXECUTION_BRIEF.md +39 -0
- package/docs/specs/01-spec/07-slice/07-slice.json +36 -0
- package/docs/specs/01-spec/07-slice/07-slice.md +105 -0
- package/docs/specs/01-spec/07-slice/CLOSURE_BRIEF.md +71 -0
- package/docs/specs/01-spec/07-slice/EXECUTION_BRIEF.md +39 -0
- package/docs/specs/01-spec/08-slice/08-slice.json +36 -0
- package/docs/specs/01-spec/08-slice/08-slice.md +105 -0
- package/docs/specs/01-spec/08-slice/CLOSURE_BRIEF.md +114 -0
- package/docs/specs/01-spec/08-slice/EXECUTION_BRIEF.md +39 -0
- package/docs/specs/01-spec/CLOSURE_BRIEF.md +87 -0
- package/docs/specs/01-spec/spec.md +197 -0
- package/docs/workflows/full-ai-spec-to-pr.md +46 -3
- package/i18n/es/docs/GITFLOW_PR_GUIDE.md.template +38 -1
- package/package.json +27 -1
- package/scripts/package-quiver.sh +82 -2
- package/scripts/release-quiver.sh +14 -3
- package/specs/[project-name]/slices/pr.md.template +19 -0
- package/specs/quiver-v43-cli-i18n-audit-release-readiness/command-language-mode-matrix.json +122 -1
- package/specs/quiver-v46-deep-project-analysis/EVIDENCE_REPORT.md +94 -0
- package/specs/quiver-v46-deep-project-analysis/EXECUTION_PLAN.md +26 -0
- package/specs/quiver-v46-deep-project-analysis/SPEC.md +157 -0
- package/specs/quiver-v46-deep-project-analysis/STATUS.md +26 -0
- package/specs/quiver-v46-deep-project-analysis/pr.md +131 -0
- package/specs/quiver-v46-deep-project-analysis/slices/slice-00-analysis-contract-foundation/CLOSURE_BRIEF.md +14 -0
- package/specs/quiver-v46-deep-project-analysis/slices/slice-00-analysis-contract-foundation/EXECUTION_BRIEF.md +41 -0
- package/specs/quiver-v46-deep-project-analysis/slices/slice-00-analysis-contract-foundation/slice.json +61 -0
- package/specs/quiver-v46-deep-project-analysis/slices/slice-01-stack-agnostic-discovery-sampling/CLOSURE_BRIEF.md +22 -0
- package/specs/quiver-v46-deep-project-analysis/slices/slice-01-stack-agnostic-discovery-sampling/EXECUTION_BRIEF.md +33 -0
- package/specs/quiver-v46-deep-project-analysis/slices/slice-01-stack-agnostic-discovery-sampling/slice.json +80 -0
- package/specs/quiver-v46-deep-project-analysis/slices/slice-02-provider-analysis-json-contract/CLOSURE_BRIEF.md +21 -0
- package/specs/quiver-v46-deep-project-analysis/slices/slice-02-provider-analysis-json-contract/EXECUTION_BRIEF.md +34 -0
- package/specs/quiver-v46-deep-project-analysis/slices/slice-02-provider-analysis-json-contract/slice.json +79 -0
- package/specs/quiver-v46-deep-project-analysis/slices/slice-03-doc-proposal-review-safe-writes/CLOSURE_BRIEF.md +19 -0
- package/specs/quiver-v46-deep-project-analysis/slices/slice-03-doc-proposal-review-safe-writes/EXECUTION_BRIEF.md +33 -0
- package/specs/quiver-v46-deep-project-analysis/slices/slice-03-doc-proposal-review-safe-writes/slice.json +79 -0
- package/specs/quiver-v46-deep-project-analysis/slices/slice-04-validation-docs-release-readiness/CLOSURE_BRIEF.md +20 -0
- package/specs/quiver-v46-deep-project-analysis/slices/slice-04-validation-docs-release-readiness/EXECUTION_BRIEF.md +32 -0
- package/specs/quiver-v46-deep-project-analysis/slices/slice-04-validation-docs-release-readiness/slice.json +85 -0
- package/specs/quiver-v50-audit-trust-foundation/EVIDENCE_REPORT.md +151 -0
- package/specs/quiver-v50-audit-trust-foundation/EXECUTION_PLAN.md +34 -0
- package/specs/quiver-v50-audit-trust-foundation/SPEC.md +113 -0
- package/specs/quiver-v50-audit-trust-foundation/STATUS.md +26 -0
- package/specs/quiver-v50-audit-trust-foundation/pr.md +120 -0
- package/specs/quiver-v50-audit-trust-foundation/slices/slice-00-audit-baseline-and-resolved-findings/CLOSURE_BRIEF.md +20 -0
- package/specs/quiver-v50-audit-trust-foundation/slices/slice-00-audit-baseline-and-resolved-findings/EXECUTION_BRIEF.md +58 -0
- package/specs/quiver-v50-audit-trust-foundation/slices/slice-00-audit-baseline-and-resolved-findings/slice.json +57 -0
- package/specs/quiver-v50-audit-trust-foundation/slices/slice-01-runtime-minimum-and-package-metadata/CLOSURE_BRIEF.md +24 -0
- package/specs/quiver-v50-audit-trust-foundation/slices/slice-01-runtime-minimum-and-package-metadata/EXECUTION_BRIEF.md +67 -0
- package/specs/quiver-v50-audit-trust-foundation/slices/slice-01-runtime-minimum-and-package-metadata/slice.json +71 -0
- package/specs/quiver-v50-audit-trust-foundation/slices/slice-02-migrate-write-safety-contract/CLOSURE_BRIEF.md +24 -0
- package/specs/quiver-v50-audit-trust-foundation/slices/slice-02-migrate-write-safety-contract/EXECUTION_BRIEF.md +71 -0
- package/specs/quiver-v50-audit-trust-foundation/slices/slice-02-migrate-write-safety-contract/slice.json +81 -0
- package/specs/quiver-v50-audit-trust-foundation/slices/slice-03-security-reporting-channel/CLOSURE_BRIEF.md +22 -0
- package/specs/quiver-v50-audit-trust-foundation/slices/slice-03-security-reporting-channel/EXECUTION_BRIEF.md +57 -0
- package/specs/quiver-v50-audit-trust-foundation/slices/slice-03-security-reporting-channel/slice.json +56 -0
- package/specs/quiver-v50-audit-trust-foundation/slices/slice-04-user-facing-i18n-error-coverage/CLOSURE_BRIEF.md +23 -0
- package/specs/quiver-v50-audit-trust-foundation/slices/slice-04-user-facing-i18n-error-coverage/EXECUTION_BRIEF.md +68 -0
- package/specs/quiver-v50-audit-trust-foundation/slices/slice-04-user-facing-i18n-error-coverage/slice.json +84 -0
- package/specs/quiver-v50-audit-trust-foundation/slices/slice-05-init-analyze-progress-and-summaries/CLOSURE_BRIEF.md +25 -0
- package/specs/quiver-v50-audit-trust-foundation/slices/slice-05-init-analyze-progress-and-summaries/EXECUTION_BRIEF.md +73 -0
- package/specs/quiver-v50-audit-trust-foundation/slices/slice-05-init-analyze-progress-and-summaries/slice.json +72 -0
- package/specs/quiver-v50-audit-trust-foundation/slices/slice-06-contributor-and-architecture-docs/CLOSURE_BRIEF.md +22 -0
- package/specs/quiver-v50-audit-trust-foundation/slices/slice-06-contributor-and-architecture-docs/EXECUTION_BRIEF.md +66 -0
- package/specs/quiver-v50-audit-trust-foundation/slices/slice-06-contributor-and-architecture-docs/slice.json +74 -0
- package/specs/quiver-v50-audit-trust-foundation/slices/slice-07-ci-and-documentation-lint-baseline/CLOSURE_BRIEF.md +29 -0
- package/specs/quiver-v50-audit-trust-foundation/slices/slice-07-ci-and-documentation-lint-baseline/EXECUTION_BRIEF.md +74 -0
- package/specs/quiver-v50-audit-trust-foundation/slices/slice-07-ci-and-documentation-lint-baseline/slice.json +81 -0
- package/specs/quiver-v51-cli-ergonomics-automation-contracts/EVIDENCE_REPORT.md +145 -0
- package/specs/quiver-v51-cli-ergonomics-automation-contracts/EXECUTION_PLAN.md +32 -0
- package/specs/quiver-v51-cli-ergonomics-automation-contracts/SPEC.md +109 -0
- package/specs/quiver-v51-cli-ergonomics-automation-contracts/STATUS.md +25 -0
- package/specs/quiver-v51-cli-ergonomics-automation-contracts/pr.md +69 -0
- package/specs/quiver-v51-cli-ergonomics-automation-contracts/slices/slice-00-cli-contract-baseline/CLOSURE_BRIEF.md +20 -0
- package/specs/quiver-v51-cli-ergonomics-automation-contracts/slices/slice-00-cli-contract-baseline/EXECUTION_BRIEF.md +58 -0
- package/specs/quiver-v51-cli-ergonomics-automation-contracts/slices/slice-00-cli-contract-baseline/slice.json +56 -0
- package/specs/quiver-v51-cli-ergonomics-automation-contracts/slices/slice-01-flow-json-compatibility/CLOSURE_BRIEF.md +21 -0
- package/specs/quiver-v51-cli-ergonomics-automation-contracts/slices/slice-01-flow-json-compatibility/EXECUTION_BRIEF.md +61 -0
- package/specs/quiver-v51-cli-ergonomics-automation-contracts/slices/slice-01-flow-json-compatibility/slice.json +68 -0
- package/specs/quiver-v51-cli-ergonomics-automation-contracts/slices/slice-02-dashboard-section-validation-i18n/CLOSURE_BRIEF.md +25 -0
- package/specs/quiver-v51-cli-ergonomics-automation-contracts/slices/slice-02-dashboard-section-validation-i18n/EXECUTION_BRIEF.md +65 -0
- package/specs/quiver-v51-cli-ergonomics-automation-contracts/slices/slice-02-dashboard-section-validation-i18n/pr.md +134 -0
- package/specs/quiver-v51-cli-ergonomics-automation-contracts/slices/slice-02-dashboard-section-validation-i18n/slice.json +80 -0
- package/specs/quiver-v51-cli-ergonomics-automation-contracts/slices/slice-03-base-branch-resolution-policy/CLOSURE_BRIEF.md +31 -0
- package/specs/quiver-v51-cli-ergonomics-automation-contracts/slices/slice-03-base-branch-resolution-policy/EXECUTION_BRIEF.md +80 -0
- package/specs/quiver-v51-cli-ergonomics-automation-contracts/slices/slice-03-base-branch-resolution-policy/pr.md +159 -0
- package/specs/quiver-v51-cli-ergonomics-automation-contracts/slices/slice-03-base-branch-resolution-policy/slice.json +102 -0
- package/specs/quiver-v51-cli-ergonomics-automation-contracts/slices/slice-04-next-plan-graph-ux-edge-cases/CLOSURE_BRIEF.md +25 -0
- package/specs/quiver-v51-cli-ergonomics-automation-contracts/slices/slice-04-next-plan-graph-ux-edge-cases/EXECUTION_BRIEF.md +74 -0
- package/specs/quiver-v51-cli-ergonomics-automation-contracts/slices/slice-04-next-plan-graph-ux-edge-cases/pr.md +147 -0
- package/specs/quiver-v51-cli-ergonomics-automation-contracts/slices/slice-04-next-plan-graph-ux-edge-cases/slice.json +91 -0
- package/specs/quiver-v51-cli-ergonomics-automation-contracts/slices/slice-05-evidence-robustness-path-safety/CLOSURE_BRIEF.md +28 -0
- package/specs/quiver-v51-cli-ergonomics-automation-contracts/slices/slice-05-evidence-robustness-path-safety/EXECUTION_BRIEF.md +73 -0
- package/specs/quiver-v51-cli-ergonomics-automation-contracts/slices/slice-05-evidence-robustness-path-safety/pr.md +146 -0
- package/specs/quiver-v51-cli-ergonomics-automation-contracts/slices/slice-05-evidence-robustness-path-safety/slice.json +100 -0
- package/specs/quiver-v51-cli-ergonomics-automation-contracts/slices/slice-06-namespace-compatibility-windows-scripts/CLOSURE_BRIEF.md +36 -0
- package/specs/quiver-v51-cli-ergonomics-automation-contracts/slices/slice-06-namespace-compatibility-windows-scripts/EXECUTION_BRIEF.md +76 -0
- package/specs/quiver-v51-cli-ergonomics-automation-contracts/slices/slice-06-namespace-compatibility-windows-scripts/pr.md +155 -0
- package/specs/quiver-v51-cli-ergonomics-automation-contracts/slices/slice-06-namespace-compatibility-windows-scripts/slice.json +111 -0
- package/specs/quiver-v52-schema-docs-release-hygiene/EVIDENCE_REPORT.md +95 -0
- package/specs/quiver-v52-schema-docs-release-hygiene/EXECUTION_PLAN.md +31 -0
- package/specs/quiver-v52-schema-docs-release-hygiene/SPEC.md +107 -0
- package/specs/quiver-v52-schema-docs-release-hygiene/STATUS.md +22 -0
- package/specs/quiver-v52-schema-docs-release-hygiene/pr.md +69 -0
- package/specs/quiver-v52-schema-docs-release-hygiene/slices/slice-00-schema-docs-release-baseline/CLOSURE_BRIEF.md +21 -0
- package/specs/quiver-v52-schema-docs-release-hygiene/slices/slice-00-schema-docs-release-baseline/EXECUTION_BRIEF.md +60 -0
- package/specs/quiver-v52-schema-docs-release-hygiene/slices/slice-00-schema-docs-release-baseline/slice.json +62 -0
- package/specs/quiver-v52-schema-docs-release-hygiene/slices/slice-01-json-schema-for-slice-json/CLOSURE_BRIEF.md +34 -0
- package/specs/quiver-v52-schema-docs-release-hygiene/slices/slice-01-json-schema-for-slice-json/EXECUTION_BRIEF.md +71 -0
- package/specs/quiver-v52-schema-docs-release-hygiene/slices/slice-01-json-schema-for-slice-json/pr.md +146 -0
- package/specs/quiver-v52-schema-docs-release-hygiene/slices/slice-01-json-schema-for-slice-json/slice.json +106 -0
- package/specs/quiver-v52-schema-docs-release-hygiene/slices/slice-02-generated-cli-reference/CLOSURE_BRIEF.md +33 -0
- package/specs/quiver-v52-schema-docs-release-hygiene/slices/slice-02-generated-cli-reference/EXECUTION_BRIEF.md +67 -0
- package/specs/quiver-v52-schema-docs-release-hygiene/slices/slice-02-generated-cli-reference/pr.md +144 -0
- package/specs/quiver-v52-schema-docs-release-hygiene/slices/slice-02-generated-cli-reference/slice.json +86 -0
- package/specs/quiver-v52-schema-docs-release-hygiene/slices/slice-03-changelog-package-release-smoke-hygiene/CLOSURE_BRIEF.md +38 -0
- package/specs/quiver-v52-schema-docs-release-hygiene/slices/slice-03-changelog-package-release-smoke-hygiene/EXECUTION_BRIEF.md +75 -0
- package/specs/quiver-v52-schema-docs-release-hygiene/slices/slice-03-changelog-package-release-smoke-hygiene/pr.md +159 -0
- package/specs/quiver-v52-schema-docs-release-hygiene/slices/slice-03-changelog-package-release-smoke-hygiene/slice.json +105 -0
- package/src/create-quiver/commands/ai.js +521 -0
- package/src/create-quiver/commands/changelog.js +93 -0
- package/src/create-quiver/commands/config.js +16 -5
- package/src/create-quiver/commands/evidence.js +33 -2
- package/src/create-quiver/commands/flow.js +1 -0
- package/src/create-quiver/commands/graph.js +8 -2
- package/src/create-quiver/commands/plan.js +6 -0
- package/src/create-quiver/commands/spec.js +28 -13
- package/src/create-quiver/index.js +408 -98
- package/src/create-quiver/lib/ai/analyze-project-discovery.js +387 -0
- package/src/create-quiver/lib/ai/analyze-project-docs.js +364 -0
- package/src/create-quiver/lib/ai/analyze-project-parser.js +277 -0
- package/src/create-quiver/lib/ai/analyze-project-prompts.js +214 -0
- package/src/create-quiver/lib/ai/analyze-project-review.js +99 -0
- package/src/create-quiver/lib/ai/analyze-project-sampling.js +402 -0
- package/src/create-quiver/lib/ai/analyze-project-schema.js +92 -0
- package/src/create-quiver/lib/ai/analyze-project-validation.js +309 -0
- package/src/create-quiver/lib/ai/artifacts.js +4 -1
- package/src/create-quiver/lib/ai/github.js +5 -2
- package/src/create-quiver/lib/ai/spec-templates.js +19 -0
- package/src/create-quiver/lib/cli/command-registry.js +72 -0
- package/src/create-quiver/lib/cli/parser.js +14 -0
- package/src/create-quiver/lib/evidence.js +161 -6
- package/src/create-quiver/lib/git.js +99 -0
- package/src/create-quiver/lib/i18n/messages/en.js +52 -7
- package/src/create-quiver/lib/i18n/messages/es.js +54 -9
- package/src/create-quiver/lib/init-docs.js +1 -1
- package/src/create-quiver/lib/init-layout.js +9 -8
- package/src/create-quiver/lib/lifecycle.js +24 -26
- package/src/create-quiver/lib/readiness.js +67 -56
- package/src/create-quiver/lib/spec-worktrees.js +16 -34
|
@@ -0,0 +1,67 @@
|
|
|
1
|
+
# EXECUTION_BRIEF - slice-01 runtime minimum and package metadata
|
|
2
|
+
|
|
3
|
+
## Context
|
|
4
|
+
|
|
5
|
+
The audit requires `engines.node`, but declaring it without evidence can reject valid users or accept unsupported runtimes.
|
|
6
|
+
|
|
7
|
+
## Objective
|
|
8
|
+
|
|
9
|
+
Verify and declare the real minimum supported Node.js version.
|
|
10
|
+
|
|
11
|
+
## Scope
|
|
12
|
+
|
|
13
|
+
- Node minimum validation.
|
|
14
|
+
- `engines.node`.
|
|
15
|
+
- Lockfile synchronization.
|
|
16
|
+
- Installation docs.
|
|
17
|
+
- CI coverage for the minimum where feasible.
|
|
18
|
+
|
|
19
|
+
## Acceptance Criteria
|
|
20
|
+
|
|
21
|
+
- The declared Node minimum is backed by validation evidence.
|
|
22
|
+
- `package.json` and `package-lock.json` are synchronized.
|
|
23
|
+
- `npm ci` passes.
|
|
24
|
+
- Installation docs mention the supported Node version.
|
|
25
|
+
- CI covers the minimum Node version or records an explicit blocker.
|
|
26
|
+
|
|
27
|
+
## Expected Files To Modify
|
|
28
|
+
|
|
29
|
+
- `package.json`
|
|
30
|
+
- `package-lock.json`
|
|
31
|
+
- `README.md`
|
|
32
|
+
- `docs/getting-started/installation.md`
|
|
33
|
+
- `.github/workflows/ci.yml`
|
|
34
|
+
- `specs/quiver-v50-audit-trust-foundation/EVIDENCE_REPORT.md`
|
|
35
|
+
|
|
36
|
+
## Validations Required
|
|
37
|
+
|
|
38
|
+
- `npm ci`
|
|
39
|
+
- `node --test`
|
|
40
|
+
- `git diff --check`
|
|
41
|
+
|
|
42
|
+
## Risks
|
|
43
|
+
|
|
44
|
+
- Declaring an unverified runtime minimum.
|
|
45
|
+
- Forgetting lockfile updates.
|
|
46
|
+
- CI using only a newer Node version.
|
|
47
|
+
|
|
48
|
+
## Dependencies
|
|
49
|
+
|
|
50
|
+
- Depends on `slice-00-audit-baseline-and-resolved-findings`.
|
|
51
|
+
|
|
52
|
+
## Instructions For Executor
|
|
53
|
+
|
|
54
|
+
1. Determine the lowest Node version that actually supports the project.
|
|
55
|
+
2. Only then add `engines.node`.
|
|
56
|
+
3. Update docs and lockfile together.
|
|
57
|
+
4. Record validation evidence.
|
|
58
|
+
|
|
59
|
+
## Completion Checklist
|
|
60
|
+
|
|
61
|
+
- [ ] Acceptance criteria satisfied.
|
|
62
|
+
- [ ] Required validations run or blockers documented.
|
|
63
|
+
- [ ] Closure brief updated.
|
|
64
|
+
|
|
65
|
+
## Conditions Of Closure
|
|
66
|
+
|
|
67
|
+
- Runtime metadata is truthful and reproducible.
|
|
@@ -0,0 +1,71 @@
|
|
|
1
|
+
{
|
|
2
|
+
"slice_id": "slice-01-runtime-minimum-and-package-metadata",
|
|
3
|
+
"ticket": "QUIVER-50-01",
|
|
4
|
+
"type": "quality",
|
|
5
|
+
"title": "Runtime minimum and package metadata",
|
|
6
|
+
"objective": "Verify and declare the real minimum supported Node.js version.",
|
|
7
|
+
"description": "Adds package runtime metadata only after evidence proves the minimum supported Node version.",
|
|
8
|
+
"git": {
|
|
9
|
+
"branch_type": "feature",
|
|
10
|
+
"base_branch": "main",
|
|
11
|
+
"branch_slug": "v50-runtime-metadata",
|
|
12
|
+
"branch_name": "feature/QUIVER-50-01-v50-runtime-metadata"
|
|
13
|
+
},
|
|
14
|
+
"files": [
|
|
15
|
+
"package.json",
|
|
16
|
+
"package-lock.json",
|
|
17
|
+
"README.md",
|
|
18
|
+
"docs/getting-started/**",
|
|
19
|
+
".github/workflows/ci.yml",
|
|
20
|
+
"specs/quiver-v50-audit-trust-foundation/**"
|
|
21
|
+
],
|
|
22
|
+
"expected_read_paths": [
|
|
23
|
+
"package.json",
|
|
24
|
+
"package-lock.json",
|
|
25
|
+
".github/workflows/ci.yml",
|
|
26
|
+
"scripts/ci/**",
|
|
27
|
+
"docs/getting-started/installation.md"
|
|
28
|
+
],
|
|
29
|
+
"allowed_write_paths": [
|
|
30
|
+
"package.json",
|
|
31
|
+
"package-lock.json",
|
|
32
|
+
"README.md",
|
|
33
|
+
"docs/getting-started/**",
|
|
34
|
+
".github/workflows/ci.yml",
|
|
35
|
+
"specs/quiver-v50-audit-trust-foundation/**"
|
|
36
|
+
],
|
|
37
|
+
"depends_on": [
|
|
38
|
+
"slice-00-audit-baseline-and-resolved-findings"
|
|
39
|
+
],
|
|
40
|
+
"parallel_safe": "yes",
|
|
41
|
+
"parallel_safe_reason": "Package metadata can be handled independently after baseline.",
|
|
42
|
+
"must": [
|
|
43
|
+
"Verify the real Node minimum before declaring engines.node.",
|
|
44
|
+
"Keep package-lock.json synchronized with package.json.",
|
|
45
|
+
"Document the Node minimum in installation docs.",
|
|
46
|
+
"Ensure CI tests the declared minimum or records a blocker."
|
|
47
|
+
],
|
|
48
|
+
"not_included": [
|
|
49
|
+
"Adding unrelated dependencies.",
|
|
50
|
+
"Changing release automation."
|
|
51
|
+
],
|
|
52
|
+
"acceptance": [
|
|
53
|
+
"package.json declares engines.node only with evidence.",
|
|
54
|
+
"npm ci passes with the synchronized lockfile.",
|
|
55
|
+
"Docs mention the supported Node version.",
|
|
56
|
+
"CI covers the minimum or the blocker is explicit."
|
|
57
|
+
],
|
|
58
|
+
"tests": [
|
|
59
|
+
"npm ci",
|
|
60
|
+
"node --test",
|
|
61
|
+
"git diff --check"
|
|
62
|
+
],
|
|
63
|
+
"validation_hints": [
|
|
64
|
+
"Do not infer Node minimum from current local Node version."
|
|
65
|
+
],
|
|
66
|
+
"estimated_hours": 3,
|
|
67
|
+
"status": "completed",
|
|
68
|
+
"blocked_reason": null,
|
|
69
|
+
"actual_hours": 2,
|
|
70
|
+
"completed_at": "2026-06-01T22:13:40-0300"
|
|
71
|
+
}
|
|
@@ -0,0 +1,24 @@
|
|
|
1
|
+
# CLOSURE_BRIEF - slice-02 migrate write-safety contract
|
|
2
|
+
|
|
3
|
+
## Summary
|
|
4
|
+
|
|
5
|
+
Added a migrate write-safety gate before side effects, with TTY confirmation, no-TTY/JSON-safe refusal without `--yes`, explicit `migrate --yes` automation, dry-run preservation, localized messages, command docs, and tests.
|
|
6
|
+
|
|
7
|
+
## Validation
|
|
8
|
+
|
|
9
|
+
- [x] `node --test tests/commands/cli-contract.test.js`
|
|
10
|
+
- [x] `node --test tests/commands/init-profiles.test.js`
|
|
11
|
+
- [x] `node --test tests/commands/i18n-audit-matrix.test.js`
|
|
12
|
+
- [x] `node --test`
|
|
13
|
+
- [x] `npx -y node@20.12.0 --test tests/commands/cli-contract.test.js tests/commands/init-profiles.test.js tests/commands/i18n-audit-matrix.test.js`
|
|
14
|
+
- [x] `git diff --check`
|
|
15
|
+
|
|
16
|
+
## Closure Conditions
|
|
17
|
+
|
|
18
|
+
- [x] Confirmation occurs before side effects.
|
|
19
|
+
- [x] Cancellation/no-TTY paths are safe.
|
|
20
|
+
- [x] `--yes` and `--dry-run` contracts are tested.
|
|
21
|
+
|
|
22
|
+
## Open Items
|
|
23
|
+
|
|
24
|
+
- None.
|
|
@@ -0,0 +1,71 @@
|
|
|
1
|
+
# EXECUTION_BRIEF - slice-02 migrate write-safety contract
|
|
2
|
+
|
|
3
|
+
## Context
|
|
4
|
+
|
|
5
|
+
`migrate` writes project files. It must not perform side effects before explicit user confirmation or `--yes`.
|
|
6
|
+
|
|
7
|
+
## Objective
|
|
8
|
+
|
|
9
|
+
Require explicit confirmation before `migrate` performs any side effects.
|
|
10
|
+
|
|
11
|
+
## Scope
|
|
12
|
+
|
|
13
|
+
- TTY confirmation.
|
|
14
|
+
- no-TTY safe behavior.
|
|
15
|
+
- `migrate --yes`.
|
|
16
|
+
- `migrate --dry-run`.
|
|
17
|
+
- Parser/help/i18n/tests.
|
|
18
|
+
|
|
19
|
+
## Acceptance Criteria
|
|
20
|
+
|
|
21
|
+
- No side effects happen before confirmation.
|
|
22
|
+
- Cancellation leaves the tree unchanged.
|
|
23
|
+
- no-TTY without `--yes` is safe and actionable.
|
|
24
|
+
- `migrate --yes` proceeds without prompt.
|
|
25
|
+
- `migrate --dry-run` remains prompt-free and write-free.
|
|
26
|
+
- `--yes` help scope is updated.
|
|
27
|
+
- EN/ES messages exist.
|
|
28
|
+
|
|
29
|
+
## Expected Files To Modify
|
|
30
|
+
|
|
31
|
+
- `src/create-quiver/index.js`
|
|
32
|
+
- `src/create-quiver/lib/i18n/messages/en.js`
|
|
33
|
+
- `src/create-quiver/lib/i18n/messages/es.js`
|
|
34
|
+
- `tests/commands/parser-contract.test.js`
|
|
35
|
+
- `tests/commands/*migrate*.test.js`
|
|
36
|
+
- `docs/reference/commands.md`
|
|
37
|
+
- `docs/CLI_UX_GUIDE.md`
|
|
38
|
+
- `specs/quiver-v50-audit-trust-foundation/EVIDENCE_REPORT.md`
|
|
39
|
+
|
|
40
|
+
## Validations Required
|
|
41
|
+
|
|
42
|
+
- `node --test tests/commands/parser-contract.test.js`
|
|
43
|
+
- `node --test`
|
|
44
|
+
- `git diff --check`
|
|
45
|
+
|
|
46
|
+
## Risks
|
|
47
|
+
|
|
48
|
+
- Prompting too late after side effects.
|
|
49
|
+
- Treating `--yes` as unsupported or too global.
|
|
50
|
+
- Breaking automation/no-TTY flows.
|
|
51
|
+
|
|
52
|
+
## Dependencies
|
|
53
|
+
|
|
54
|
+
- Depends on `slice-00-audit-baseline-and-resolved-findings`.
|
|
55
|
+
|
|
56
|
+
## Instructions For Executor
|
|
57
|
+
|
|
58
|
+
1. Move confirmation before `packTemplate`, file writes, state updates, and install attempts.
|
|
59
|
+
2. Snapshot test cancellation and no-TTY behavior.
|
|
60
|
+
3. Keep dry-run behavior unchanged.
|
|
61
|
+
4. Keep stdout clean for machine-readable paths.
|
|
62
|
+
|
|
63
|
+
## Completion Checklist
|
|
64
|
+
|
|
65
|
+
- [ ] Acceptance criteria satisfied.
|
|
66
|
+
- [ ] Required validations run or blockers documented.
|
|
67
|
+
- [ ] Closure brief updated.
|
|
68
|
+
|
|
69
|
+
## Conditions Of Closure
|
|
70
|
+
|
|
71
|
+
- `migrate` cannot unexpectedly modify a project.
|
|
@@ -0,0 +1,81 @@
|
|
|
1
|
+
{
|
|
2
|
+
"slice_id": "slice-02-migrate-write-safety-contract",
|
|
3
|
+
"ticket": "QUIVER-50-02",
|
|
4
|
+
"type": "feature",
|
|
5
|
+
"title": "Migrate write-safety contract",
|
|
6
|
+
"objective": "Require explicit confirmation before migrate performs any side effects.",
|
|
7
|
+
"description": "Protects migrate writes with TTY confirmation, no-TTY safety, and a documented --yes automation path.",
|
|
8
|
+
"git": {
|
|
9
|
+
"branch_type": "feature",
|
|
10
|
+
"base_branch": "main",
|
|
11
|
+
"branch_slug": "v50-migrate-write-safety",
|
|
12
|
+
"branch_name": "feature/QUIVER-50-02-v50-migrate-write-safety"
|
|
13
|
+
},
|
|
14
|
+
"files": [
|
|
15
|
+
"src/create-quiver/index.js",
|
|
16
|
+
"src/create-quiver/lib/i18n/messages/en.js",
|
|
17
|
+
"src/create-quiver/lib/i18n/messages/es.js",
|
|
18
|
+
"tests/commands/cli-contract.test.js",
|
|
19
|
+
"tests/commands/init-profiles.test.js",
|
|
20
|
+
"tests/commands/i18n-audit-matrix.test.js",
|
|
21
|
+
"docs/reference/commands.md",
|
|
22
|
+
"docs/CLI_UX_GUIDE.md",
|
|
23
|
+
"specs/quiver-v43-cli-i18n-audit-release-readiness/command-language-mode-matrix.json",
|
|
24
|
+
"specs/quiver-v50-audit-trust-foundation/**"
|
|
25
|
+
],
|
|
26
|
+
"expected_read_paths": [
|
|
27
|
+
"src/create-quiver/index.js",
|
|
28
|
+
"src/create-quiver/commands/init.js",
|
|
29
|
+
"src/create-quiver/lib/cli/ux.js",
|
|
30
|
+
"tests/commands/cli-contract.test.js",
|
|
31
|
+
"tests/commands/init-profiles.test.js",
|
|
32
|
+
"tests/commands/i18n-audit-matrix.test.js"
|
|
33
|
+
],
|
|
34
|
+
"allowed_write_paths": [
|
|
35
|
+
"src/create-quiver/**",
|
|
36
|
+
"tests/**",
|
|
37
|
+
"docs/reference/commands.md",
|
|
38
|
+
"docs/CLI_UX_GUIDE.md",
|
|
39
|
+
"specs/quiver-v43-cli-i18n-audit-release-readiness/command-language-mode-matrix.json",
|
|
40
|
+
"specs/quiver-v50-audit-trust-foundation/**"
|
|
41
|
+
],
|
|
42
|
+
"depends_on": [
|
|
43
|
+
"slice-00-audit-baseline-and-resolved-findings"
|
|
44
|
+
],
|
|
45
|
+
"parallel_safe": "yes",
|
|
46
|
+
"parallel_safe_reason": "Touches migrate/parser/help but is isolated from runtime metadata and docs work.",
|
|
47
|
+
"must": [
|
|
48
|
+
"Prompt before any migrate side effect in TTY.",
|
|
49
|
+
"Refuse or guide safely in no-TTY without --yes.",
|
|
50
|
+
"Allow migrate --yes for automation.",
|
|
51
|
+
"Keep migrate --dry-run side-effect free and prompt-free.",
|
|
52
|
+
"Update --yes parser/help scope."
|
|
53
|
+
],
|
|
54
|
+
"not_included": [
|
|
55
|
+
"Changing migration semantics.",
|
|
56
|
+
"Removing legacy migrate paths."
|
|
57
|
+
],
|
|
58
|
+
"acceptance": [
|
|
59
|
+
"Cancellation leaves the file tree unchanged.",
|
|
60
|
+
"migrate --yes proceeds without prompt.",
|
|
61
|
+
"migrate --dry-run does not require --yes.",
|
|
62
|
+
"Warnings/prompts never pollute JSON stdout.",
|
|
63
|
+
"EN/ES messages are covered."
|
|
64
|
+
],
|
|
65
|
+
"tests": [
|
|
66
|
+
"node --test tests/commands/cli-contract.test.js",
|
|
67
|
+
"node --test tests/commands/init-profiles.test.js",
|
|
68
|
+
"node --test tests/commands/i18n-audit-matrix.test.js",
|
|
69
|
+
"node --test",
|
|
70
|
+
"npx -y node@20.12.0 --test tests/commands/cli-contract.test.js tests/commands/init-profiles.test.js tests/commands/i18n-audit-matrix.test.js",
|
|
71
|
+
"git diff --check"
|
|
72
|
+
],
|
|
73
|
+
"validation_hints": [
|
|
74
|
+
"Snapshot files before and after cancellation/no-TTY tests."
|
|
75
|
+
],
|
|
76
|
+
"estimated_hours": 6,
|
|
77
|
+
"status": "completed",
|
|
78
|
+
"blocked_reason": null,
|
|
79
|
+
"actual_hours": 6,
|
|
80
|
+
"completed_at": "2026-06-01T22:34:50-0300"
|
|
81
|
+
}
|
|
@@ -0,0 +1,22 @@
|
|
|
1
|
+
# CLOSURE_BRIEF - slice-03 security reporting channel
|
|
2
|
+
|
|
3
|
+
## Summary
|
|
4
|
+
|
|
5
|
+
Documented a concrete private email channel for vulnerability reports and recorded that GitHub Private Vulnerability Reporting is disabled until repository owners enable it.
|
|
6
|
+
|
|
7
|
+
## Validation
|
|
8
|
+
|
|
9
|
+
- [x] `gh repo view FabriJuncal/quiver --json nameWithOwner,isPrivate,viewerPermission,url`
|
|
10
|
+
- [x] `gh api repos/FabriJuncal/quiver/private-vulnerability-reporting --jq '.'`
|
|
11
|
+
- [x] `git diff --check`
|
|
12
|
+
- [x] `node bin/create-quiver.js spec validate specs/quiver-v50-audit-trust-foundation`
|
|
13
|
+
- [x] `node bin/create-quiver.js check-slice specs/quiver-v50-audit-trust-foundation/slices/slice-03-security-reporting-channel/slice.json --local`
|
|
14
|
+
|
|
15
|
+
## Closure Conditions
|
|
16
|
+
|
|
17
|
+
- [x] Concrete private security channel documented.
|
|
18
|
+
- [x] Evidence or external owner action recorded.
|
|
19
|
+
|
|
20
|
+
## Open Items
|
|
21
|
+
|
|
22
|
+
- Repository owners should enable GitHub Private Vulnerability Reporting in GitHub settings before replacing the email fallback.
|
|
@@ -0,0 +1,57 @@
|
|
|
1
|
+
# EXECUTION_BRIEF - slice-03 security reporting channel
|
|
2
|
+
|
|
3
|
+
## Context
|
|
4
|
+
|
|
5
|
+
`SECURITY.md` currently asks for private reporting but must provide a concrete, usable channel.
|
|
6
|
+
|
|
7
|
+
## Objective
|
|
8
|
+
|
|
9
|
+
Make private vulnerability reporting concrete and verifiable.
|
|
10
|
+
|
|
11
|
+
## Scope
|
|
12
|
+
|
|
13
|
+
- `SECURITY.md`.
|
|
14
|
+
- Evidence of GitHub private reporting or fallback contact.
|
|
15
|
+
- Closure notes for any external owner action.
|
|
16
|
+
|
|
17
|
+
## Acceptance Criteria
|
|
18
|
+
|
|
19
|
+
- A concrete private reporting channel is documented.
|
|
20
|
+
- If GitHub Private Vulnerability Reporting is used, evidence or owner confirmation is recorded.
|
|
21
|
+
- If remote settings cannot be verified, a functional fallback channel is documented.
|
|
22
|
+
- No vague reporting instruction remains without a channel.
|
|
23
|
+
|
|
24
|
+
## Expected Files To Modify
|
|
25
|
+
|
|
26
|
+
- `SECURITY.md`
|
|
27
|
+
- `specs/quiver-v50-audit-trust-foundation/EVIDENCE_REPORT.md`
|
|
28
|
+
- `specs/quiver-v50-audit-trust-foundation/STATUS.md`
|
|
29
|
+
|
|
30
|
+
## Validations Required
|
|
31
|
+
|
|
32
|
+
- `git diff --check`
|
|
33
|
+
|
|
34
|
+
## Risks
|
|
35
|
+
|
|
36
|
+
- Treating an unverifiable GitHub setting as done.
|
|
37
|
+
- Publishing security contact instructions that do not work.
|
|
38
|
+
|
|
39
|
+
## Dependencies
|
|
40
|
+
|
|
41
|
+
- Depends on `slice-00-audit-baseline-and-resolved-findings`.
|
|
42
|
+
|
|
43
|
+
## Instructions For Executor
|
|
44
|
+
|
|
45
|
+
1. Pick the concrete reporting channel based on available repository settings.
|
|
46
|
+
2. If external verification is impossible, document the required owner action and fallback.
|
|
47
|
+
3. Keep wording concise and actionable.
|
|
48
|
+
|
|
49
|
+
## Completion Checklist
|
|
50
|
+
|
|
51
|
+
- [ ] Acceptance criteria satisfied.
|
|
52
|
+
- [ ] Required validations run or blockers documented.
|
|
53
|
+
- [ ] Closure brief updated.
|
|
54
|
+
|
|
55
|
+
## Conditions Of Closure
|
|
56
|
+
|
|
57
|
+
- Security reporters have a private path that can actually be used.
|
|
@@ -0,0 +1,56 @@
|
|
|
1
|
+
{
|
|
2
|
+
"slice_id": "slice-03-security-reporting-channel",
|
|
3
|
+
"ticket": "QUIVER-50-03",
|
|
4
|
+
"type": "documentation",
|
|
5
|
+
"title": "Security reporting channel",
|
|
6
|
+
"objective": "Make private vulnerability reporting concrete and verifiable.",
|
|
7
|
+
"description": "Updates SECURITY.md with a real private reporting path and records evidence or required owner confirmation.",
|
|
8
|
+
"git": {
|
|
9
|
+
"branch_type": "feature",
|
|
10
|
+
"base_branch": "main",
|
|
11
|
+
"branch_slug": "v50-security-reporting",
|
|
12
|
+
"branch_name": "feature/QUIVER-50-03-v50-security-reporting"
|
|
13
|
+
},
|
|
14
|
+
"files": [
|
|
15
|
+
"SECURITY.md",
|
|
16
|
+
"specs/quiver-v50-audit-trust-foundation/**"
|
|
17
|
+
],
|
|
18
|
+
"expected_read_paths": [
|
|
19
|
+
"SECURITY.md",
|
|
20
|
+
"docs/GITFLOW_PR_GUIDE.md"
|
|
21
|
+
],
|
|
22
|
+
"allowed_write_paths": [
|
|
23
|
+
"SECURITY.md",
|
|
24
|
+
"specs/quiver-v50-audit-trust-foundation/**"
|
|
25
|
+
],
|
|
26
|
+
"depends_on": [
|
|
27
|
+
"slice-00-audit-baseline-and-resolved-findings"
|
|
28
|
+
],
|
|
29
|
+
"parallel_safe": "yes",
|
|
30
|
+
"parallel_safe_reason": "Security docs are independent from code changes.",
|
|
31
|
+
"must": [
|
|
32
|
+
"Replace vague private reporting guidance with a concrete channel.",
|
|
33
|
+
"Record whether GitHub Private Vulnerability Reporting is activated or use an email fallback.",
|
|
34
|
+
"Document any required manual owner action."
|
|
35
|
+
],
|
|
36
|
+
"not_included": [
|
|
37
|
+
"Changing repository settings from code.",
|
|
38
|
+
"Creating public issue templates for vulnerabilities."
|
|
39
|
+
],
|
|
40
|
+
"acceptance": [
|
|
41
|
+
"SECURITY.md contains a concrete private channel.",
|
|
42
|
+
"Closure records evidence or owner-confirmation requirement.",
|
|
43
|
+
"No vague 'contact privately' wording remains without a channel."
|
|
44
|
+
],
|
|
45
|
+
"tests": [
|
|
46
|
+
"git diff --check"
|
|
47
|
+
],
|
|
48
|
+
"validation_hints": [
|
|
49
|
+
"If GitHub settings cannot be verified locally, record the external action explicitly."
|
|
50
|
+
],
|
|
51
|
+
"estimated_hours": 1,
|
|
52
|
+
"status": "completed",
|
|
53
|
+
"blocked_reason": null,
|
|
54
|
+
"actual_hours": 1,
|
|
55
|
+
"completed_at": "2026-06-01T22:23:21-0300"
|
|
56
|
+
}
|
|
@@ -0,0 +1,23 @@
|
|
|
1
|
+
# CLOSURE_BRIEF - slice-04 user-facing i18n error coverage
|
|
2
|
+
|
|
3
|
+
## Summary
|
|
4
|
+
|
|
5
|
+
Localized covered user-facing error wrappers for `config`, `evidence`, `graph`, and `spec` command paths, including parser/wiring paths in `index.js`, command-to-library evidence errors, graph format errors, and spec create/validate wrappers. Documented technical allowlist and confirmed `commands/ai-core.js` does not exist in the current repo.
|
|
6
|
+
|
|
7
|
+
## Validation
|
|
8
|
+
|
|
9
|
+
- [x] `node --test tests/commands/i18n-audit-matrix.test.js`
|
|
10
|
+
- [x] `node --test tests/lib/i18n-catalog.test.js`
|
|
11
|
+
- [x] `node --test tests/commands/config-language.test.js tests/commands/evidence.test.js tests/commands/graph.test.js tests/commands/spec-validate.test.js tests/commands/spec-create.test.js tests/lib/i18n-catalog.test.js tests/commands/i18n-audit-matrix.test.js`
|
|
12
|
+
- [x] `node --test`
|
|
13
|
+
- [x] `git diff --check`
|
|
14
|
+
|
|
15
|
+
## Closure Conditions
|
|
16
|
+
|
|
17
|
+
- [x] User-facing errors localized in covered paths.
|
|
18
|
+
- [x] Allowlist documented in `EVIDENCE_REPORT.md`.
|
|
19
|
+
- [x] JSON stdout contracts preserved for covered error tests.
|
|
20
|
+
|
|
21
|
+
## Open Items
|
|
22
|
+
|
|
23
|
+
- None.
|
|
@@ -0,0 +1,68 @@
|
|
|
1
|
+
# EXECUTION_BRIEF - slice-04 user-facing i18n error coverage
|
|
2
|
+
|
|
3
|
+
## Context
|
|
4
|
+
|
|
5
|
+
The audit found user-facing errors that bypass i18n. Some errors originate in libraries invoked by commands, not only command files.
|
|
6
|
+
|
|
7
|
+
## Objective
|
|
8
|
+
|
|
9
|
+
Ensure user-facing errors in covered command paths respect EN/ES language selection.
|
|
10
|
+
|
|
11
|
+
## Scope
|
|
12
|
+
|
|
13
|
+
- Covered command paths and invoked libraries.
|
|
14
|
+
- EN/ES catalog keys.
|
|
15
|
+
- Allowlist for technical strings.
|
|
16
|
+
- Behavior tests for errors.
|
|
17
|
+
|
|
18
|
+
## Acceptance Criteria
|
|
19
|
+
|
|
20
|
+
- Covered errors localize with `--lang es` and `--lang en`.
|
|
21
|
+
- JSON stdout remains parseable and free of human warnings.
|
|
22
|
+
- Catalog completeness passes.
|
|
23
|
+
- Allowlisted strings are documented.
|
|
24
|
+
- No command semantics change.
|
|
25
|
+
|
|
26
|
+
## Expected Files To Modify
|
|
27
|
+
|
|
28
|
+
- `src/create-quiver/commands/**`
|
|
29
|
+
- `src/create-quiver/lib/**`
|
|
30
|
+
- `src/create-quiver/lib/i18n/messages/en.js`
|
|
31
|
+
- `src/create-quiver/lib/i18n/messages/es.js`
|
|
32
|
+
- `tests/commands/i18n-audit-matrix.test.js`
|
|
33
|
+
- `tests/lib/i18n-catalog.test.js`
|
|
34
|
+
- `specs/quiver-v50-audit-trust-foundation/EVIDENCE_REPORT.md`
|
|
35
|
+
|
|
36
|
+
## Validations Required
|
|
37
|
+
|
|
38
|
+
- `node --test tests/commands/i18n-audit-matrix.test.js`
|
|
39
|
+
- `node --test tests/lib/i18n-catalog.test.js`
|
|
40
|
+
- `node --test`
|
|
41
|
+
- `git diff --check`
|
|
42
|
+
|
|
43
|
+
## Risks
|
|
44
|
+
|
|
45
|
+
- Localizing machine-readable values.
|
|
46
|
+
- Missing errors thrown by libs.
|
|
47
|
+
- Breaking tests that assert exact messages.
|
|
48
|
+
|
|
49
|
+
## Dependencies
|
|
50
|
+
|
|
51
|
+
- Depends on `slice-00-audit-baseline-and-resolved-findings`.
|
|
52
|
+
|
|
53
|
+
## Instructions For Executor
|
|
54
|
+
|
|
55
|
+
1. Trace real command failure paths.
|
|
56
|
+
2. Add catalog keys only for user-facing text.
|
|
57
|
+
3. Keep JSON fields and codes stable.
|
|
58
|
+
4. Record allowlist rationale.
|
|
59
|
+
|
|
60
|
+
## Completion Checklist
|
|
61
|
+
|
|
62
|
+
- [ ] Acceptance criteria satisfied.
|
|
63
|
+
- [ ] Required validations run or blockers documented.
|
|
64
|
+
- [ ] Closure brief updated.
|
|
65
|
+
|
|
66
|
+
## Conditions Of Closure
|
|
67
|
+
|
|
68
|
+
- Covered command errors honor Quiver's bilingual contract.
|
|
@@ -0,0 +1,84 @@
|
|
|
1
|
+
{
|
|
2
|
+
"slice_id": "slice-04-user-facing-i18n-error-coverage",
|
|
3
|
+
"ticket": "QUIVER-50-04",
|
|
4
|
+
"type": "quality",
|
|
5
|
+
"title": "User-facing i18n error coverage",
|
|
6
|
+
"objective": "Ensure user-facing errors in covered command paths respect EN/ES language selection.",
|
|
7
|
+
"description": "Audits commands and invoked libraries for hardcoded user-facing errors and replaces them with catalog-backed messages where needed.",
|
|
8
|
+
"git": {
|
|
9
|
+
"branch_type": "feature",
|
|
10
|
+
"base_branch": "main",
|
|
11
|
+
"branch_slug": "v50-i18n-error-coverage",
|
|
12
|
+
"branch_name": "feature/QUIVER-50-04-v50-i18n-error-coverage"
|
|
13
|
+
},
|
|
14
|
+
"files": [
|
|
15
|
+
"src/create-quiver/commands/**",
|
|
16
|
+
"src/create-quiver/index.js",
|
|
17
|
+
"src/create-quiver/lib/**",
|
|
18
|
+
"tests/commands/config-language.test.js",
|
|
19
|
+
"tests/commands/evidence.test.js",
|
|
20
|
+
"tests/commands/graph.test.js",
|
|
21
|
+
"tests/commands/spec-create.test.js",
|
|
22
|
+
"tests/commands/spec-validate.test.js",
|
|
23
|
+
"tests/commands/i18n-audit-matrix.test.js",
|
|
24
|
+
"tests/lib/i18n-catalog.test.js",
|
|
25
|
+
"specs/quiver-v50-audit-trust-foundation/**"
|
|
26
|
+
],
|
|
27
|
+
"expected_read_paths": [
|
|
28
|
+
"src/create-quiver/commands/config.js",
|
|
29
|
+
"src/create-quiver/commands/evidence.js",
|
|
30
|
+
"src/create-quiver/commands/spec.js",
|
|
31
|
+
"src/create-quiver/commands/graph.js",
|
|
32
|
+
"src/create-quiver/commands/prepare.js",
|
|
33
|
+
"src/create-quiver/commands/ai.js",
|
|
34
|
+
"src/create-quiver/index.js",
|
|
35
|
+
"src/create-quiver/lib/evidence.js",
|
|
36
|
+
"src/create-quiver/lib/i18n/catalog.js",
|
|
37
|
+
"src/create-quiver/lib/i18n/messages/en.js",
|
|
38
|
+
"src/create-quiver/lib/i18n/messages/es.js"
|
|
39
|
+
],
|
|
40
|
+
"allowed_write_paths": [
|
|
41
|
+
"src/create-quiver/commands/**",
|
|
42
|
+
"src/create-quiver/index.js",
|
|
43
|
+
"src/create-quiver/lib/**",
|
|
44
|
+
"tests/commands/**",
|
|
45
|
+
"tests/lib/**",
|
|
46
|
+
"specs/quiver-v50-audit-trust-foundation/**"
|
|
47
|
+
],
|
|
48
|
+
"depends_on": [
|
|
49
|
+
"slice-00-audit-baseline-and-resolved-findings"
|
|
50
|
+
],
|
|
51
|
+
"parallel_safe": "yes",
|
|
52
|
+
"parallel_safe_reason": "Can run independently after baseline, but coordinate catalog keys with slice-05.",
|
|
53
|
+
"must": [
|
|
54
|
+
"Audit command-to-library error paths.",
|
|
55
|
+
"Localize user-facing errors in EN/ES.",
|
|
56
|
+
"Maintain JSON stdout cleanliness.",
|
|
57
|
+
"Document allowlisted technical strings."
|
|
58
|
+
],
|
|
59
|
+
"not_included": [
|
|
60
|
+
"Localizing machine-readable JSON keys.",
|
|
61
|
+
"Changing command semantics."
|
|
62
|
+
],
|
|
63
|
+
"acceptance": [
|
|
64
|
+
"Covered errors respect --lang es and --lang en.",
|
|
65
|
+
"Catalog completeness passes.",
|
|
66
|
+
"No user-facing hardcoded English error remains in covered paths outside allowlist.",
|
|
67
|
+
"JSON outputs remain parseable."
|
|
68
|
+
],
|
|
69
|
+
"tests": [
|
|
70
|
+
"node --test tests/commands/i18n-audit-matrix.test.js",
|
|
71
|
+
"node --test tests/lib/i18n-catalog.test.js",
|
|
72
|
+
"node --test tests/commands/config-language.test.js tests/commands/evidence.test.js tests/commands/graph.test.js tests/commands/spec-validate.test.js tests/commands/spec-create.test.js tests/lib/i18n-catalog.test.js tests/commands/i18n-audit-matrix.test.js",
|
|
73
|
+
"node --test",
|
|
74
|
+
"git diff --check"
|
|
75
|
+
],
|
|
76
|
+
"validation_hints": [
|
|
77
|
+
"Validate behavior by executing commands, not only by grep."
|
|
78
|
+
],
|
|
79
|
+
"estimated_hours": 6,
|
|
80
|
+
"status": "completed",
|
|
81
|
+
"blocked_reason": null,
|
|
82
|
+
"actual_hours": 6,
|
|
83
|
+
"completed_at": "2026-06-01T22:51:25-0300"
|
|
84
|
+
}
|
|
@@ -0,0 +1,25 @@
|
|
|
1
|
+
# CLOSURE_BRIEF - slice-05 init/analyze progress and summaries
|
|
2
|
+
|
|
3
|
+
## Summary
|
|
4
|
+
|
|
5
|
+
Added safe transient progress for `init` and `analyze` using `createUx.withSpinner(..., { echo: false })`, preserving existing final summaries and suppressing progress in no-TTY, CI, JSON, and `--no-color` paths. The repo does not have separate `commands/init.js` or `commands/analyze.js`; both flows are implemented in `src/create-quiver/index.js`.
|
|
6
|
+
|
|
7
|
+
## Validation
|
|
8
|
+
|
|
9
|
+
- [x] `node --test tests/commands/analyze.test.js`
|
|
10
|
+
- [x] `node --test tests/commands/init-profiles.test.js`
|
|
11
|
+
- [x] `node --test tests/lib/cli-ux.test.js tests/lib/i18n-catalog.test.js`
|
|
12
|
+
- [x] `node --test`
|
|
13
|
+
- [x] `git diff --check`
|
|
14
|
+
- [x] `node bin/create-quiver.js spec validate specs/quiver-v50-audit-trust-foundation`
|
|
15
|
+
- [x] `node bin/create-quiver.js check-slice specs/quiver-v50-audit-trust-foundation/slices/slice-05-init-analyze-progress-and-summaries/slice.json --local`
|
|
16
|
+
|
|
17
|
+
## Closure Conditions
|
|
18
|
+
|
|
19
|
+
- [x] TTY progress added safely.
|
|
20
|
+
- [x] CI/no-TTY/JSON/no-color behavior preserved by tests and `echo:false` contract.
|
|
21
|
+
- [x] Stable summaries and i18n complete for new messages.
|
|
22
|
+
|
|
23
|
+
## Open Items
|
|
24
|
+
|
|
25
|
+
- None.
|