create-vasvibe 2.1.0 → 2.2.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -51,17 +51,22 @@ cd my-new-project
51
51
  - 🧠 **Mengambil keputusan** berdasarkan context dan error feedback
52
52
  - 📝 **Membuat dokumentasi** otomatis dari perubahan yang dilakukan
53
53
 
54
- Dalam workflow ini, kita menggunakan **8 AI Agent persona** yang bekerja secara terspesialisasi (mirip tim development sesungguhnya).
54
+ Dalam workflow ini, kita menggunakan **19 AI Agent persona** yang bekerja secara terspesialisasi (mirip tim development sesungguhnya) di dalam **4-fase model**: Perencanaan → Pengerjaan → Testing → Hardening.
55
55
 
56
56
  ---
57
57
 
58
- ## 🚀 Filosofi
59
- 1. **Context is King:** AI tidak bisa bekerja tanpa konteks. `project_overview.md` adalah otak proyek ini.
60
- 2. **Infrastructure First:** Jangan menulis kode fitur sebelum environment (Docker) siap.
61
- 3. **Role Segregation:** Analis, Developer, dan QA adalah persona berbeda dengan tanggung jawab spesifik.
62
- 4. **Log Everything:** Setiap sesi coding dan testing dicatat untuk menjaga kontinuitas memori AI.
63
- 5. **Human-in-the-Loop:** Manusia sebagai Decision Maker, AI sebagai Executor.
64
- 6. **Git Branching & Repo Management:** Agent seperti Developer, Fixer, dan Tester dibekali pemahaman ketat mengenai *git branching* (membuat branch, pull/merge origin) untuk menjaga keutuhan `main`/`development` branch.
58
+ ## 🚀 Filosofi (v2.2)
59
+
60
+ 1. **4-Phase Model (Fase Gated):** Perencanaan Pengerjaan Testing Hardening. Tiap fase ada **gate** (checkpoint manusia) sebelum lanjut fase berikutnya. Tidak ada yang jalan diam-diam.
61
+ 2. **No Silent Changes:** Setiap perubahan yang diminta harus **ditulis ke dokumen acuan** (spec, requirement, ADR) dan di-propagate ke agen terkait. Result: rework minimal, audit trail jelas.
62
+ 3. **Context is King:** AI tidak bisa bekerja tanpa konteks. `project_overview.md` + specifications/ adalah otak proyek.
63
+ 4. **Work Depth Flexibility:** 3 level kedalaman (`fast`/`standard`/`deep`). Mulai fast untuk validate ide, naik standard saat serius, deep hanya untuk area sensitif.
64
+ 5. **Tool-Agnostic Workflow:** Agent berjalan di Claude Code, OpenCode, GitHub Copilot, Antigravity. Source of truth di `agent/workflows/`, propagate ke tool-specific folders.
65
+ 6. **Desired-State Architecture (Toolsmith):** `state/workspace-manifest.json` adalah manifest platform-agnostic. Toolsmith: install skills + MCP sesuai tech stack, re-applicable saat ganti tool.
66
+ 7. **Role Segregation:** 19 agen specialized dengan tanggung jawab clear. Backend ≠ Frontend ≠ Security ≠ DevOps.
67
+ 8. **Log Everything:** Setiap sesi coding, testing, fixing tercatat untuk kontinuitas AI memori.
68
+ 9. **Human-in-the-Loop:** Manusia = Decision Maker (bisnis, arch, security, UX). AI = Executor (code, test, doc).
69
+ 10. **Git Workflow Compliance:** Agen (Developer, QA, Security, Reliability) mengikuti `_shared/git-branch-management.md` ketat.
65
70
 
66
71
  ---
67
72
 
@@ -91,13 +96,23 @@ root/
91
96
  ├── project_overview.md # [MASTER] Definisi produk, tech stack, & UI/UX
92
97
  │ # 👤 HUMAN: Review & approve setelah Initiator Agent buat
93
98
 
99
+ ├── state/ # [CONFIG] Workspace manifest & knowledge base ⭐ v2.2
100
+ │ ├── workspace-manifest.json # Desired-state: skills[], mcp[], appliedTo platform
101
+ │ └── knowledge_base/ # Living docs: architecture, data-model, design-system, security, ADR/
102
+ │ ├── architecture.md
103
+ │ ├── data-model.md
104
+ │ ├── design-system.md
105
+ │ ├── security-standards.md
106
+ │ └── adr/ # Keputusan teknis (Architecture Decision Records)
107
+
94
108
  ├── specifications/ # [DOCS] Output dari Analyst Agent
95
109
  │ ├── README.md # Index semua spesifikasi
96
110
  │ ├── 000_spec_environment_setup.md # Infrastruktur (Wajib pertama)
97
111
  │ ├── 001_spec_database_schema.md
98
- └── ... # 👤 HUMAN: Review setiap spec sebelum dev
112
+ ├── requirements.md # Hasil Discovery Agent (user story, constraint, scope)
113
+ │ └── api-contract.md # API Contract (final sebelum Fase 2)
99
114
 
100
- ├── task/ # [PROJECT MANAGEMENT] Output dari PM Agent ⭐ NEW
115
+ ├── task/ # [PROJECT MANAGEMENT] Output dari PM Agent
101
116
  │ ├── task_list.md # Central task tracking (priority, status, dependencies)
102
117
  │ ├── PROJECT_STATUS_REPORT.md # Progress reports
103
118
  │ ├── TASK-001/ # Folder khusus per task
@@ -105,27 +120,24 @@ root/
105
120
  │ │ └── ...
106
121
  │ └── TASK-002/ # Setiap task baru akan diisolasi ke dalam sub-folder tersendiri
107
122
 
108
- ├── architecture/ # [INFRA] Output dari SysArch Agent
109
- │ ├── current_state.md # Application analysis
110
- │ ├── server_specifications.md # Server specs (CPU, RAM, Storage)
111
- │ └── ...
112
-
113
- ├── codes/ # [SRC] Output dari Developer Agent
123
+ ├── codes/ # [SRC] Output dari Backend + Frontend atau Fullstack
114
124
  │ ├── docker-compose.yml
115
125
  │ ├── package.json
116
126
  │ ├── app/ # Aplikasi utama
117
127
  │ └── ... # 👤 HUMAN: Code review & testing manual
118
128
 
119
129
  ├── tests/ # [TEST] Output dari Tester Agent
120
- └── e2e/ # 👤 HUMAN: Verify test results
130
+ ├── e2e/ # Playwright E2E tests
131
+ │ └── integration/ # Integration tests
121
132
 
122
- ├── logs/ # [TRACKING] Auto-generated logs
123
- │ ├── development/ # Developer Agent logs
133
+ ├── logs/ # [TRACKING] Auto-generated logs per phase
134
+ │ ├── development/ # Backend + Frontend + Fullstack logs
124
135
  │ ├── testing/ # Tester Agent logs
125
136
  │ └── fixing/ # Bug fixing logs
126
137
 
127
138
  └── documentation/ # [FINAL] Technical Writer output
128
- └── FSD_{{projectName}}.md # Functional Specification Document
139
+ ├── FSD_{{projectName}}.md # Functional Specification Document
140
+ └── API_Documentation.md
129
141
  ```
130
142
 
131
143
  **Legend:**
@@ -135,27 +147,424 @@ root/
135
147
 
136
148
  ---
137
149
 
138
- ## 🤖 AI Agent Personas & Capabilities
150
+ ## 📊 Folder `state/` Workspace State & Knowledge Base
151
+
152
+ Folder ini adalah **jantung kontinuitas project** — menyimpan manifest provisioning, context session, dan knowledge base project.
153
+
154
+ ### **Struktur dan Fungsi**
155
+
156
+ ```
157
+ state/
158
+ ├── workspace-manifest.json # 🤖 Desired-state (platform-agnostic)
159
+ ├── context.json # 🤖 Session continuity (agent handoff)
160
+ ├── agent_handoff.json # 🤖 Current handoff (agent-to-agent)
161
+ └── knowledge_base/ # 📝 Living docs (architecture, design, decisions)
162
+ ├── requirements/ # User stories, scope, constraint dari Discovery
163
+ ├── architecture.md # High-level design (system architecture, tech decisions)
164
+ ├── data-model.md # Database schema, ERD, relationships
165
+ ├── design-system.md # UI/UX guidelines (colors, typography, components)
166
+ ├── security-standards.md # Security policies, compliance requirements
167
+ └── decisions/ # ADR (Architecture Decision Records)
168
+ └── adr-001-*.md # Keputusan teknis signifikan (why, trade-offs)
169
+ ```
170
+
171
+ ### **1. workspace-manifest.json** — Agentic Workspace Provisioning
172
+
173
+ **Ditulis oleh:** Toolsmith agent (mode `init`, `switch`, `sync`)
174
+
175
+ **Dibaca oleh:** Toolsmith, Orchestrator (untuk verify readiness)
176
+
177
+ **Fungsi:** Platform-agnostic source of truth untuk workspace setup.
178
+
179
+ ```json
180
+ {
181
+ "project": "booking-kapal-wisata",
182
+ "decidedFrom": ["project_overview.md tech stack", "find-skills"],
183
+ "skills": [
184
+ { "id": "find-skills", "reason": "discover further skills" },
185
+ { "id": "ui-ux-pro-max", "reason": "Next.js + Tailwind UI" }
186
+ ],
187
+ "mcp": [
188
+ { "id": "filesystem", "reason": "workspace grounding" },
189
+ { "id": "git", "reason": "code-aware context" }
190
+ ],
191
+ "appliedTo": {
192
+ "claude-code": "2025-06-23 09:15",
193
+ "opencode": null,
194
+ "antigravity": null,
195
+ "github-copilot": null
196
+ },
197
+ "revisionHistory": [
198
+ { "timestamp": "2025-06-23 09:15", "agent": "toolsmith", "change": "initial provisioning" }
199
+ ]
200
+ }
201
+ ```
202
+
203
+ **Workflow Toolsmith:**
204
+ - **Mode init** (Fase 1 step 3b) — Toolsmith read `project_overview.md` tech stack, konsultasi `schemas/workspace-registry.json`, derive skills + MCP, tulis manifest, apply ke tool aktif
205
+ - **Mode sync** (Fase 2 step 0) — Verify manifest sesuai config aktual, deteksi drift, update jika perlu
206
+ - **Mode switch** (developer pindah tool) — Read manifest lama, apply ke tool baru tanpa re-derive
207
+
208
+ **Aturan:**
209
+ - Manifest adalah keputusan shared — jika ada request ganti skill/MCP, **update dokumen acuan terlebih dahulu** (No Silent Changes)
210
+ - Secrets (API keys, db password) ditulis sebagai `${VAR}` placeholder → developer isi di `.env`
211
+ - Per-tool config files (`.mcp.json`, `opencode.json`, dll) adalah **derived artifacts** — jangan edit manual, biarkan Toolsmith manage
212
+
213
+ ---
214
+
215
+ ### **2. context.json** — Session Continuity
216
+
217
+ **Ditulis oleh:** Setiap agent di **akhir session** (jika ada perubahan)
218
+
219
+ **Dibaca oleh:** Setiap agent di **awal session** (context awareness)
220
+
221
+ **Fungsi:** Menjaga continuity workflow antar-session/antar-developer.
222
+
223
+ ```json
224
+ {
225
+ "project_name": "booking-kapal-wisata",
226
+ "last_updated": "2025-06-23 14:30",
227
+ "last_agent": "backend",
228
+ "current_sprint": "Sprint 1 - Auth & Database",
229
+ "active_tasks": ["TASK-001", "TASK-002"],
230
+ "blocked_tasks": [],
231
+ "notes": "TASK-001 (Backend Login) ready for QA. TASK-002 (Frontend Login UI) in progress—waiting for API Contract finalization"
232
+ }
233
+ ```
234
+
235
+ **Aturan:**
236
+ - Setiap agent WAJIB baca file ini di awal untuk understand status project
237
+ - Update di akhir dengan status terkini, task active, blocker, dll
238
+ - Format ketat (JSON) — parser automation bergantung pada structure consistent
239
+
240
+ **Contoh flow:**
241
+ ```
242
+ Backend Agent (09:00) baca context.json
243
+ → lanjut TASK-001 dari status "dev"
244
+ → selesai, update context: active_tasks=[TASK-002], last_agent="backend", notes="ready for QA"
245
+ → simpan context.json
246
+
247
+ Frontend Agent (10:00) baca context.json
248
+ → lihat last_agent="backend", notes="ready for QA"
249
+ → understand Backend sudah selesai, siap kolaborasi via API Contract
250
+ → lanjut TASK-002
251
+ → update context di akhir
252
+ ```
253
+
254
+ ---
255
+
256
+ ### **3. agent_handoff.json** — Agent-to-Agent Handoff
257
+
258
+ **Ditulis oleh:** Agent yang mengirim task (overwrite setiap handoff)
259
+
260
+ **Dibaca oleh:** Agent penerima (instruction + artifacts)
261
+
262
+ **Fungsi:** Detailed handoff notes + artifact pointers untuk agent berikutnya.
263
+
264
+ ```json
265
+ {
266
+ "from_agent": "backend",
267
+ "to_agent": "qa",
268
+ "task_id": "TASK-001",
269
+ "timestamp": "2025-06-23 14:30",
270
+ "status": "ready_to_test",
271
+ "notes": "Login API selesai (POST /api/auth/login, POST /api/auth/refresh). Test case priority: validasi email invalid, password wrong, token refresh expired.",
272
+ "artifacts": [
273
+ "codes/src/app/api/auth/login/route.ts",
274
+ "codes/src/app/api/auth/refresh/route.ts",
275
+ "logs/development/dev_001_login.md"
276
+ ]
277
+ }
278
+ ```
279
+
280
+ **Aturan:**
281
+ - Hanya menyimpan handoff **terakhir** (overwrite, jangan append)
282
+ - Artifacts path harus relative ke repo root
283
+ - Gunakan saat menyerahkan task antar-agent formal (bukan sekadar update status di task_list.md)
284
+
285
+ ---
286
+
287
+ ### **4. knowledge_base/** — Living Documentation
288
+
289
+ **Ditulis oleh:** Berbagai agen (Discovery, Analyst, Data Architect, UX Designer, Security, PM)
290
+
291
+ **Dibaca oleh:** Semua agen (setiap agen wajib baca acuan sebelum kerja)
292
+
293
+ **Fungsi:** Single source of truth untuk architectural decisions, design, security policies, dll.
294
+
295
+ #### **knowledge_base/requirements/**
296
+ - Ditulis oleh: **Discovery Agent** (Fase 1 awal)
297
+ - Isi: User stories, scope, constraint, acceptance criteria, assumptions
298
+ - Dibaca oleh: Initiator, Analyst, PM
299
+ - Update: Discovery/Analyst saat scope berubah (dengan gate)
300
+
301
+ #### **knowledge_base/architecture.md**
302
+ - Ditulis oleh: **Initiator** → high-level, **Backend/DevOps** → detailed
303
+ - Isi: System design, tech stack rationale, API patterns, deployment strategy
304
+ - Dibaca oleh: Semua agen (terutama Backend, Frontend, DevOps)
305
+ - Update: Saat ada architectural change (ADR required)
306
+
307
+ #### **knowledge_base/data-model.md**
308
+ - Ditulis oleh: **Data Architect** (Fase 1), **Backend** (maintenance)
309
+ - Isi: Database schema, ERD, indexes, relationships, data governance
310
+ - Dibaca oleh: Backend, Frontend (untuk API contract), Analyst
311
+ - Update: Saat ada schema change (migration + dokumentasi)
312
+
313
+ #### **knowledge_base/design-system.md**
314
+ - Ditulis oleh: **UX Designer** (Fase 1), **Frontend** (maintenance)
315
+ - Isi: Color palette, typography, component library, motion, accessibility
316
+ - Dibaca oleh: Frontend, Backend (untuk validation), Design feedback
317
+ - Update: Saat ada design change (dengan gate)
318
+
319
+ #### **knowledge_base/security-standards.md**
320
+ - Ditulis oleh: **Security Expert** (Fase 1 Mode S, atau Fase 4 audit)
321
+ - Isi: Authentication strategy, encryption, data protection, OWASP, compliance
322
+ - Dibaca oleh: Backend, DevOps, QA (untuk security testing)
323
+ - Update: Saat ada security audit findings atau new requirement (dengan gate)
324
+
325
+ #### **knowledge_base/decisions/**
326
+ - ADR (Architecture Decision Records) untuk keputusan signifikan
327
+ - Format: ADR-001-*.md (title-kebab-case)
328
+ - Isi: Decision, context, alternatives considered, rationale, consequences
329
+ - Ditulis oleh: Agent yang propose (dengan human approval)
330
+ - Dibaca oleh: Semua agen (sebelum buat keputusan serupa)
331
+
332
+ ---
333
+
334
+ ### **Aturan Interaksi state/ folder** ⚠️
335
+
336
+ #### **1. Read sebelum action**
337
+ ```bash
338
+ # Setiap agent WAJIB baca di awal session:
339
+ 1. context.json — understand current status
340
+ 2. agent_handoff.json — jika ada handoff yang ditunggu
341
+ 3. knowledge_base/* — acuan untuk domain spesifik
342
+ ```
343
+
344
+ #### **2. Update dengan disiplin**
345
+ - **context.json** — update hanya di akhir session (jika ada change)
346
+ - **agent_handoff.json** — tulis hanya saat handoff formal antar-agent
347
+ - **knowledge_base/** — update hanya jika change terverifikasi/approved (No Silent Changes)
348
+
349
+ #### **3. Jangan edit manual**
350
+ - `workspace-manifest.json` — Toolsmith yang kelola (jangan diedit manual)
351
+ - `context.json`, `agent_handoff.json` — Agent yang kelola (format ketat untuk parser)
352
+ - `knowledge_base/` — Hanya agen authorized yang edit (Discovery → requirements, Architect → architecture, dll)
139
353
 
140
- Dalam workflow ini, kita memecah siklus SDLC (Software Development Life Cycle) menjadi 8 **persona agen terspesialisasi**:
354
+ #### **4. Conflict resolution**
355
+ - Jika ada conflict di `knowledge_base/` (dua agen edit file sama), **winner adalah yang lebih recent** (by timestamp)
356
+ - Jika conflict signifikan, human harus approve di gate
141
357
 
142
- 1. **Initiator Agent** (`/initiator`) - Project kickoff & overview
143
- 2. **PM Agent** (`/pm`) - Task management & coordination
144
- 3. **Analyst Agent** (`/analyst`) - Technical specifications
145
- 4. **Developer Agent** (`/developer`) - Code implementation (termasuk Repo Management)
146
- 5. **Tester Agent** (`/tester`) - Test automation & QA (termasuk Repo Management)
147
- 6. **Fixer Agent** (`/fixer`) - Bug fixing & debugging (termasuk Repo Management)
148
- 7. **SysArch Agent** (`/sysarch`) - Infrastructure & deployment planning
149
- 8. **Document Agent** (`/document`) - Final documentation
358
+ #### **5. Tidak ada "hardcoded state"**
359
+ - state/ folder adalah **tentative** (bisa berubah saat gate review)
360
+ - Final truth tetap di dokumen acuan (specifications/, project_overview.md)
361
+ - state/ adalah **convenience cache** untuk agen continuity, bukan single source of truth
362
+
363
+ ---
364
+
365
+ ### **Contoh Workflow Lengkap**
366
+
367
+ ```
368
+ 🟦 FASE 1 (Perencanaan)
369
+
370
+ [Discovery] Interview → tulis requirements.md di state/knowledge_base/requirements/
371
+ [Initiator] Baca requirements.md → tulis project_overview.md + architecture.md di knowledge_base/
372
+ [Analyst] Baca project_overview.md → tulis api-contract.md di specifications/
373
+ → Update context.json: active_tasks=[TASK-001], notes="API Contract finalized, ready for Fase 2"
374
+ [UX Designer] Baca architecture.md → tulis design-system.md di knowledge_base/
375
+ [Data Architect] Baca architecture.md → tulis data-model.md di knowledge_base/
376
+ [Toolsmith] (Mode init) Baca project_overview.md → derive workspace manifest → tulis state/workspace-manifest.json
377
+ → Apply ke tool aktif (.mcp.json / opencode.json / dll)
378
+
379
+ 👤 GATE: Human approve API Contract + workspace setup → Fase 1 done
380
+
381
+ ---
382
+
383
+ 🟩 FASE 2 (Pengerjaan)
384
+
385
+ [Toolsmith] (Mode sync) Verify manifest sesuai config aktif → detect drift jika ada
386
+ [Backend] Baca context.json → active_tasks=[TASK-001]
387
+ → Baca api-contract.md di specifications/
388
+ → Baca data-model.md di knowledge_base/
389
+ → Implementasi login API
390
+ → Update context.json: last_agent="backend", notes="Login API ready"
391
+ → Tulis agent_handoff.json → to_agent="qa", status="ready_to_test"
392
+
393
+ [QA] Baca context.json → lihat last_agent="backend"
394
+ → Baca agent_handoff.json → understand task & artifacts
395
+ → Review code, run security checks
396
+ → Approve atau request fix
397
+
398
+ [Frontend] Paralel dengan Backend
399
+ → Baca api-contract.md, design-system.md
400
+ → Implementasi login UI
401
+ → Update context.json
402
+
403
+ 👤 GATE: Human approve kode → Fase 2 done
404
+
405
+ ---
406
+
407
+ 🟨 FASE 3 (Testing) & 🟧 FASE 4 (Hardening)
408
+
409
+ [Tester] Baca context.json → understand status
410
+ → Run E2E tests
411
+ → Report findings
412
+
413
+ [Security] Baca knowledge_base/security-standards.md (jika ada)
414
+ → Audit code
415
+ → Propose changes → ADR jika signifikan
416
+ → Update knowledge_base/decisions/
417
+
418
+ → Update context.json, agent_handoff.json sesuai handoff
419
+ ```
420
+
421
+ ---
422
+
423
+ ### **Best Practice**
424
+
425
+ 1. **Treat state/ as continuity**, not source of truth
426
+ - Source of truth tetap di `specifications/`, `project_overview.md`, `knowledge_base/`
427
+ - state/ adalah **derived convenience** untuk agen awareness
428
+
429
+ 2. **Keep context.json brief**
430
+ - Jangan simpan data besar — hanya summary + pointers
431
+ - Detail ada di task/task_list.md, logs/, artifacts
432
+
433
+ 3. **Honor handoff protocol**
434
+ - Jangan skip agent_handoff.json saat formal handoff
435
+ - Frontend tunggu Backend siap sebelum mulai (via handoff + API Contract)
436
+
437
+ 4. **Document decisions**
438
+ - Keputusan signifikan (architecture, security, data-model) → ADR di decisions/
439
+ - Jangan hanya di chat/notes — harus permanent di KB
440
+
441
+ ---
442
+
443
+ ## 🤖 19 AI Agent Personas & Capabilities
444
+
445
+ {{projectName}} v2.2 menggunakan **19 agent terspesialisasi** di 4 fase:
446
+
447
+ **Fase 1 — Perencanaan (Discovery & Blueprint):**
448
+ - **Discovery Agent** — Wawancara kebutuhan → requirements.md
449
+ - **Initiator Agent** — Tulis project_overview.md (tech stack, UI/UX, roadmap)
450
+ - **Data Architect** — Design data model & ERD
451
+ - **UX Designer** — Design system (colors, components, motion)
452
+ - **Analyst Agent** — Spesifikasi & API Contract
453
+ - **Toolsmith Agent** ⭐ NEW — Provisioning workspace agentik (skills + MCP)
454
+
455
+ **Fase 2 — Pengerjaan (Implementation):**
456
+ - **Backend Engineer** — Server-side API & business logic (standard/deep)
457
+ - **Frontend Engineer** — Client-side UI & integration (standard/deep)
458
+ - **Fullstack Developer** — Satu developer untuk dua sisi (fast mode)
459
+ - **QA Agent** — Code review & static analysis
460
+ - **Fixer Agent** — Bug fixing & debugging
461
+
462
+ **Fase 3 — Testing (E2E & Verification):**
463
+ - **Tester Agent** — Playwright automation & QA testing
464
+
465
+ **Fase 4 — Hardening (Release Readiness):**
466
+ - **Security Expert** — Threat modeling & OWASP audit
467
+ - **Reliability Engineer** — Performance & load testing
468
+
469
+ **Cross-Phase (Coordination & Documentation):**
470
+ - **Orchestrator** — Pipeline coordinator (/plan-project, /build-feature, /test-feature, /release, dll)
471
+ - **PM Agent** — Task management & progress tracking
472
+ - **DevOps Agent** — Infrastructure & CI/CD setup
473
+ - **Document Agent** — Technical documentation
150
474
 
151
475
  > 🔗 **Detail lengkap** mengenai cara kerja, rules, integrasi alur tugas, serta kemampuan (*capabilities*) dari tiap-tiap agen dapat dibaca di panduan terpisah:
152
476
  > 👉 **[BACA: Panduan Persona & Kemampuan Agen (AGENT_PERSONAS.md)](./AGENT_PERSONAS.md)**
153
477
 
154
478
  ---
155
479
 
480
+ ## ✨ Perubahan Utama v2.2
481
+
482
+ ### **1. Toolsmith Agent — Workspace Provisioning Agentik** ⭐
483
+ Agen baru (ke-19) yang mengotomatisasi setup AI tool. Membedakan:
484
+ - **Toolsmith** → Setup tool AI (skills + MCP) untuk agent bekerja optimal
485
+ - **DevOps** → Setup runtime produk (Docker, infrastructure)
486
+
487
+ **Desired-State Architecture:**
488
+ - `state/workspace-manifest.json` — Single source of truth (platform-agnostic)
489
+ - Per-tool config (`.mcp.json`, `opencode.json`, `.vscode/mcp.json`) — Derived artifacts
490
+ - `/setup-workspace [init|switch|sync]` — Otomatis detect tool aktif, apply manifest
491
+
492
+ **Benefit:** Ganti tool (Claude Code → OpenCode) tanpa re-derive requirements. Just run `/setup-workspace switch tool=opencode`.
493
+
494
+ ### **2. Developer → Fullstack (v2.0 contd.)**
495
+ - **Fast mode** (`depth=fast`) → Satu **Fullstack** developer
496
+ - **Standard/Deep** (`depth=standard|deep`) → **Backend + Frontend paralel** via API Contract
497
+
498
+ ### **3. Multi-Tool Support Sync** ⭐ v2.2
499
+ - **GitHub Copilot prompt files** → `.github/prompts/*.prompt.md` (19 agents synced)
500
+ - **Source of truth** → `agent/workflows/` (auto-propagate ke `.claude/`, `.opencode/`, `.agents/`, `.github/prompts/`)
501
+ - **Template sync** → `npm run sync-template` (create-vasvibe template always up-to-date)
502
+
503
+ ### **4. Git Workflow Audit** ⭐ v2.2
504
+ - **4 agen** ditambahkan pointer ke `_shared/git-branch-management.md`:
505
+ - DevOps (sebelum menulis infrastructure code)
506
+ - QA (code review checkpoint)
507
+ - Security (vulnerability fix phase)
508
+ - Reliability (hardening phase)
509
+ - **Kenapa:** Consistency git workflow di semua agen, prevent merge conflicts
510
+
511
+ ### **5. No Silent Changes Protocol** ⭐ v2.0
512
+ Setiap perubahan yang diminta **harus ditulis ke dokumen acuan**:
513
+ - Request change → Analyst (atau agen terkait) update spec/requirement/design-system
514
+ - Dokumen di-review & approve
515
+ - Agen downstream di-notify
516
+ - Result: No rework, clear audit trail
517
+
518
+ ---
519
+
156
520
  ## 🛠️ Cara Memulai (Step-by-Step)
157
521
 
158
- ### **Phase 0: Project Initialization** 👤🤖
522
+ ### **4-Phase Model Ringkas**
523
+
524
+ Workflow ini diorganisir dalam **4 fase**, tiap fase diakhiri **gate** (approval manusia):
525
+
526
+ ```
527
+ 🟦 FASE 1: Perencanaan
528
+ Discovery → Requirements → project_overview.md → Tech stack + Design system → Spesifikasi → API Contract
529
+ ↓ GATE: Approve API Contract
530
+
531
+ 🟩 FASE 2: Pengerjaan
532
+ Analyst spec-lock → Backend + Frontend coding paralel (atau Fullstack fast) → QA review
533
+ ↓ GATE: Approve kode
534
+
535
+ 🟨 FASE 3: Testing
536
+ E2E Playwright tests → Fixer fixes bugs sampai hijau
537
+ ↓ GATE: Approve test results
538
+
539
+ 🟧 FASE 4: Hardening
540
+ Security audit + Reliability test → CHANGELOG → Git tag
541
+ ↓ GATE: Approve rilis
542
+ ```
543
+
544
+ **Aturan:**
545
+ - Tidak boleh lanjut fase tanpa approval di gate
546
+ - Setiap perubahan dicatat ke dokumen acuan (No Silent Changes)
547
+ - Jika ada blocker → discuss & document, jangan skip
548
+
549
+ ---
550
+
551
+ ### **Phase 1: Perencanaan** 👤🤖
552
+
553
+ **Step 0: Tentukan Work Depth**
554
+
555
+ Buka `project_overview.md` (atau buat baru), set:
556
+ ```yaml
557
+ WORK_DEPTH: standard # fast | standard | deep
558
+ ```
559
+
560
+ **Kapan:**
561
+ - `fast` — MVP, prototype, eksplorasi ide (Fullstack 1 agen)
562
+ - `standard` — Produksi normal (Backend + Frontend terpisah) **← DEFAULT**
563
+ - `deep` — Fintech, auth, data sensitif (+ Security + Reliability)
564
+
565
+ ---
566
+
567
+ ### **Phase 1a: Project Initialization** 👤🤖
159
568
 
160
569
  **👤 Human Decision:**
161
570
  1. Tentukan ide proyek (apa yang ingin dibuat?)
@@ -190,11 +599,37 @@ Target launch April 2025."
190
599
  - [ ] Check development roadmap (realistis tidak?)
191
600
  - [ ] **APPROVE** atau minta revisi ke Agent
192
601
 
193
- **⚠️ Jangan lanjut ke Phase 1 jika belum approve!**
602
+ **⚠️ Jangan lanjut jika belum approve project_overview.md!**
194
603
 
195
604
  ---
196
605
 
197
- ### **Phase 1: Infrastructure Setup** 👤🤖
606
+ ### **Phase 1b: Workspace Provisioning** 🤖 ⭐ v2.2
607
+
608
+ **Setelah tech stack diketahui (di project_overview.md), setup workspace agentik:**
609
+
610
+ ```bash
611
+ /setup-workspace init
612
+ ```
613
+
614
+ **Toolsmith Agent akan:**
615
+ 1. Detect tool aktif (Claude Code? OpenCode? GitHub Copilot?)
616
+ 2. Baca `project_overview.md` → extract tech stack
617
+ 3. Konsultasi `schemas/workspace-registry.json` → recommend skills + MCP
618
+ 4. Present manifest untuk approval
619
+
620
+ **Output:**
621
+ - `state/workspace-manifest.json` — Desired state (platform-agnostic)
622
+ - `.mcp.json` (Claude) / `opencode.json` (OpenCode) / `.vscode/mcp.json` (Copilot) / `.agents/mcp.json` (Antigravity)
623
+ - Secrets sebagai `${VAR}` placeholder → developer isi di `.env`
624
+
625
+ **👤 Human:**
626
+ - [ ] Review manifest (skills + MCP sesuai tech stack?)
627
+ - [ ] Fill `.env` dengan secrets
628
+ - [ ] Verify MCP servers functional
629
+
630
+ ---
631
+
632
+ ### **Phase 1c: Infrastructure Setup** 👤🤖
198
633
 
199
634
  **👤 Human Decision:**
200
635
  - Hosting: Local Docker? Cloud (Vercel + Supabase)? VPS?
@@ -299,11 +734,27 @@ npx prisma generate
299
734
 
300
735
  ---
301
736
 
302
- ### **Phase 3: Feature Development Loop** 🔄 👤🤖
737
+ ### **Phase 2: Pengerjaan** 👤🤖
738
+
739
+ **Step 0: Sync Workspace** ⭐ v2.2
740
+
741
+ Sebelum build feature, pastikan workspace sync (special jika ganti tool):
742
+
743
+ ```bash
744
+ /setup-workspace sync
745
+ # atau jika switch tool:
746
+ /setup-workspace switch tool=opencode
747
+ ```
748
+
749
+ **Tujuan:** Verifikasi manifest sesuai config aktual, deteksi drift, update jika ada perubahan tech stack.
750
+
751
+ ---
752
+
753
+ ### **Step 1: Feature Development Loop** 🔄 👤🤖
303
754
 
304
755
  Ulangi siklus ini untuk **setiap fitur**:
305
756
 
306
- #### **Step 3.1: Specification (Analyst)**
757
+ #### **Step 1.1: Specification (Analyst)**
307
758
 
308
759
  **👤 Human:** Tentukan fitur mana yang dikerjakan duluan (prioritas)
309
760
 
@@ -342,26 +793,42 @@ Ulangi siklus ini untuk **setiap fitur**:
342
793
  - **Description:** Implement booking CRUD operations with DP calculation
343
794
  ```
344
795
 
345
- #### **Step 3.2: Implementation (Developer)**
796
+ #### **Step 1.2: Implementation**
346
797
 
798
+ **Jika depth=fast:**
347
799
  ```bash
348
- /developer
800
+ /fullstack
349
801
 
350
802
  "Implementasikan SPEC-003 (Booking Management)"
351
803
  ```
804
+ → Satu Fullstack agent koding dua sisi
805
+
806
+ **Jika depth=standard atau depth=deep:**
807
+ ```bash
808
+ /backend
809
+
810
+ "Implementasikan backend SPEC-003 (Booking Management)"
811
+ ```
812
+
813
+ ```bash
814
+ /frontend
815
+
816
+ "Implementasikan frontend SPEC-003 (Booking Management)"
817
+ ```
818
+ → Backend + Frontend jalankan paralel via API Contract
352
819
 
353
820
  **🤖 Agent akan:**
354
821
  1. Read `task/task_list.md` → Find TASK-003
355
822
  2. **Update status:** `not_started` → `dev`
356
- 3. **Set Assigned To:** Developer Agent
357
- 4. Implement code
823
+ 3. **Set Assigned To:** [Backend/Frontend/Fullstack] Agent
824
+ 4. Implement code sesuai spec + API Contract
358
825
  5. Create development log
359
826
  6. **Update status:** `dev` → `ready_to_test`
360
827
 
361
828
  **🤖 Agent Output:**
362
- - API routes: `codes/app/api/backoffice/bookings/route.ts`
363
- - Components: `codes/components/bookings/BookingForm.tsx`
364
- - Development log: `logs/development/dev_003_booking_management.md`
829
+ - Backend: API routes, business logic, DB queries
830
+ - Frontend: UI components, API integration, styling
831
+ - Log: `logs/development/dev_003_booking_management.md`
365
832
 
366
833
  **👤 Human Tasks:**
367
834
  1. **Code Review:**
@@ -388,7 +855,7 @@ Ulangi siklus ini untuk **setiap fitur**:
388
855
  npm run lint
389
856
  ```
390
857
 
391
- **If bugs found:**
858
+ **Jika ada bugs di testing:**
392
859
  ```bash
393
860
  /fixer
394
861
 
@@ -410,7 +877,7 @@ Reproduce steps:
410
877
  4. Read related code files
411
878
  5. Identify root cause
412
879
  6. Apply fix
413
- 7. **PENTING:** Lakukan update dokumen spesifikasi di direktori `specifications/` terkait fitur yang difixing sesuai dengan scope fixing yang diberikan oleh user.
880
+ 7. **PENTING:** Update dokumen spesifikasi (`specifications/`) jika scope fixing melebihi bug kecil
414
881
  8. Run tests untuk verify fix
415
882
  9. **Update status:** `fixing` → `ready_to_test` (back to Tester)
416
883
  10. Create fixing log di `logs/fixing/fixing_003_booking_dp_bug.md`
@@ -420,22 +887,56 @@ Reproduce steps:
420
887
  - [ ] No side effects? (test related features)
421
888
  - [ ] Root cause addressed? (bukan just symptom fix)
422
889
 
423
- #### **Step 3.3: Testing (Tester)**
890
+ ---
891
+
892
+ #### **Step 2.2: Re-test (Tester)**
893
+
894
+ Setelah Fixer fix bugs, Tester run tests ulang sampai hijau.
895
+
896
+ **Gate: Approve saat semua test hijau ✅**
897
+
898
+ #### **Step 1.3: Code Review (QA Agent)**
899
+
900
+ ```bash
901
+ /qa
902
+
903
+ "Review SPEC-003 implementation code untuk correctness, security, performance"
904
+ ```
905
+
906
+ **🤖 QA Agent akan:**
907
+ 1. Static code analysis (TypeScript, linting)
908
+ 2. Security checks (OWASP top 10, input validation)
909
+ 3. Performance review (N+1 queries, unnecessary re-renders)
910
+ 4. Report findings
911
+
912
+ **Output:**
913
+ - Code review comments
914
+ - Pass/Fail status
915
+
916
+ **👤 Human:**
917
+ - [ ] Review QA findings
918
+ - [ ] Approve jika OK, atau minta developer fix
919
+
920
+ ---
921
+
922
+ ### **Step 2: Testing** 👤🤖
923
+
924
+ **Step 2.1: Testing (Tester)**
424
925
 
425
926
  ```bash
426
927
  /tester
427
928
 
428
- "Buat dan jalankan test untuk Booking Management API"
929
+ "Buat dan jalankan E2E test untuk Booking Management API"
429
930
  ```
430
931
 
431
932
  **🤖 Agent akan:**
432
933
  1. Read `task/task_list.md` → Find TASK-003 with status "ready_to_test"
433
- 2. Create test scenarios → **Update status:** `ready_to_test` → `testing_ready`
934
+ 2. Create test scenarios (Playwright) → **Update status:** `ready_to_test` → `testing_ready`
434
935
  3. Run tests → **Update status:** `testing_ready` → `testing`
435
936
  4. Analyze results → **Update status:** `testing` → `passed` (or `failed`)
436
937
 
437
938
  **🤖 Agent Output:**
438
- - `tests/integration/booking.test.ts`
939
+ - `tests/e2e/booking.test.ts`
439
940
  - `logs/testing/test_003_booking_management.md`
440
941
 
441
942
  **👤 Human Tasks:**
@@ -456,15 +957,41 @@ Reproduce steps:
456
957
 
457
958
  ---
458
959
 
459
- ### **Phase 4: Infrastructure Planning & Deployment** 👤🤖 ⭐ NEW
960
+ ### **Step 3: Hardening** 👤🤖 (Per-Release)
961
+
962
+ Setelah 3-5 fitur selesai & siap rilis, jalankan hardening:
963
+
964
+ ```bash
965
+ /harden-release "1.0.0"
966
+ ```
967
+
968
+ **Agents yang jalan:**
969
+ - **Security Agent** — OWASP audit, threat modeling, vulnerability scan
970
+ - **Reliability Agent** — Load testing, performance optimization
971
+ - **Document Agent** — CHANGELOG generation
972
+
973
+ **Output:**
974
+ - `logs/hardening/security_audit_1.0.0.md`
975
+ - `logs/hardening/reliability_test_1.0.0.md`
976
+ - Updated `CHANGELOG.md`
977
+ - `git tag v1.0.0`
978
+
979
+ **👤 Human:**
980
+ - [ ] Review security findings
981
+ - [ ] Review performance metrics
982
+ - [ ] Approve release
983
+
984
+ ---
985
+
986
+ ### **Step 4 (Optional): Production Deployment** 👤🤖
460
987
 
461
988
  **When to do this:**
462
- - Setelah MVP selesai development & testing (minimum 3-5 features implemented)
989
+ - Setelah hardening disetujui
463
990
  - Sebelum deployment ke production
464
- - Saat merencanakan scaling untuk high season
465
- - Saat ada budget review atau cost optimization needs
991
+ - Saat merencanakan scaling atau cost optimization
992
+ - Saat ada infrastructure review perlu
466
993
 
467
- **Step 7: Infrastructure Requirements Gathering**
994
+ **Step 4.1: Infrastructure Analysis**
468
995
 
469
996
  ```bash
470
997
  /sysarch
@@ -485,137 +1012,58 @@ for production deployment. Create deployment plan."
485
1012
  - Budget & deployment preferences
486
1013
  - Security & compliance needs
487
1014
 
488
- **👤 Human Tasks:**
489
- - [ ] **ANSWER semua questions** dari SysArch Agent dengan data yang akurat
490
- - Estimasi conservative (jangan over-promise)
491
- - Consider seasonal peaks (high season bisa 3-5x normal)
492
- - Include growth projection (6 months, 1 year, 2 years)
493
-
494
- **Step 8: Review Architecture Plan**
495
-
496
- **🤖 SysArch Agent Output:**
497
- - `architecture/current_state.md` - Application analysis & tech stack summary
498
- - `architecture/server_specifications.md` - Detailed specs:
499
- - Development server specs
500
- - Staging server specs
501
- - Production server specs (with scaling recommendations)
502
- - Database server specs
503
- - Storage requirements
504
- - `architecture/deployment_plan.md` - Step-by-step deployment guide
505
- - `architecture/cost_analysis.md` - Monthly cost breakdown by component
506
- - `architecture/monitoring_plan.md` - Observability setup (metrics, alerts, logs)
1015
+ **👤 Human:**
1016
+ - [ ] Answer all questions accurately
1017
+ - [ ] Provide conservative estimates
507
1018
 
508
- **👤 Human Review (CRITICAL):**
509
- - [ ] Server specs realistic untuk workload?
510
- - [ ] Cost analysis sesuai budget? (jika over budget, diskusikan trade-offs)
511
- - [ ] Deployment plan clear & executable?
512
- - [ ] Monitoring plan comprehensive? (uptime, performance, errors, business metrics)
513
- - [ ] Backup & disaster recovery adequate?
514
- - [ ] Security measures sufficient? (SSL, firewall, WAF, DDoS)
1019
+ **Output:**
1020
+ - `architecture/current_state.md`
1021
+ - `architecture/server_specifications.md`
1022
+ - `architecture/deployment_plan.md`
1023
+ - `architecture/cost_analysis.md`
1024
+ - `architecture/monitoring_plan.md`
1025
+
1026
+ **Step 4.2: Review & Approve**
1027
+
1028
+ **👤 Human Review:**
1029
+ - [ ] Server specs sufficient?
1030
+ - [ ] Cost sesuai budget?
1031
+ - [ ] Deployment plan clear?
1032
+ - [ ] Monitoring comprehensive?
1033
+ - [ ] Backup & disaster recovery OK?
515
1034
 
516
1035
  **If cost too high:**
517
1036
  ```bash
518
1037
  /sysarch
519
1038
 
520
- "Cost analysis shows $500/month but budget is $200/month.
521
- Provide cost optimization options with trade-offs.
522
-
523
- Priorities:
524
- 1. Data integrity & backup (non-negotiable)
525
- 2. Reasonable performance (acceptable: 2-3s page load)
526
- 3. 99% uptime (99.9% nice to have)
527
-
528
- Can consider:
529
- - Smaller instance sizes (scale later when needed)
530
- - Managed database vs self-hosted
531
- - CDN optional for MVP
532
- - Monitoring with free tier tools"
1039
+ "Cost $500/month, budget $200/month.
1040
+ Provide 2-3 cost optimization scenarios dengan trade-offs."
533
1041
  ```
534
1042
 
535
- **🤖 SysArch Agent will:**
536
- - Provide 2-3 cost optimization scenarios
537
- - Show trade-offs for each option
538
- - Recommend which option for MVP vs scale-up plan
539
-
540
- **Step 9: Deploy to Production**
541
-
542
- **👤 Human Tasks:**
543
- 1. **Setup Infrastructure:**
544
- ```bash
545
- # Follow deployment_plan.md step-by-step
546
- # Example: Setup VPS, install Docker, configure firewall
547
- ```
548
-
549
- 2. **Ask Developer/SysArch Agent for deployment help:**
550
- ```bash
551
- /developer
552
-
553
- "Follow architecture/deployment_plan.md, deploy application to production.
554
-
555
- Server: Ubuntu 22.04 VPS (IP: xxx.xxx.xxx.xxx)
556
- Domain: example.com
557
- SSL: Let's Encrypt
558
-
559
- Setup:
560
- 1. Docker & Docker Compose
561
- 2. PostgreSQL (managed service: Supabase/AWS RDS)
562
- 3. Redis (optional for caching)
563
- 4. Nginx reverse proxy
564
- 5. SSL certificate
565
- 6. Environment variables from .env.production"
566
- ```
567
-
568
- 3. **Setup Monitoring:**
569
- ```bash
570
- /sysarch
571
-
572
- "Setup monitoring following monitoring_plan.md.
573
-
574
- Tools available:
575
- - Uptime: UptimeRobot (free tier)
576
- - APM: New Relic / Datadog (free tier)
577
- - Logs: Papertrail / Logtail (free tier)
578
- - Error tracking: Sentry (free tier)
579
-
580
- Setup alerts for:
581
- - Server down (uptime < 99%)
582
- - API response time > 2s
583
- - Database connections > 80%
584
- - Disk usage > 80%
585
- - Error rate > 1%"
586
- ```
1043
+ **Step 4.3: Deploy**
587
1044
 
588
- **Verify Production Deployment:**
589
- - [ ] Application accessible via domain (https://example.com)
590
- - [ ] SSL certificate valid (green padlock)
591
- - [ ] Database connected & migrations applied
592
- - [ ] All API endpoints working
593
- - [ ] Monitoring alerts configured
594
- - [ ] Backup scheduled (daily database backup)
595
- - [ ] Test booking flow end-to-end
596
- - [ ] Test payment flow (if integrated)
1045
+ **👤 Human:**
1046
+ - [ ] Follow deployment_plan.md step-by-step
1047
+ - [ ] Setup infrastructure (VPS, Docker, PostgreSQL, monitoring, SSL, backups)
1048
+ - [ ] Verify deployment (app accessible, SSL valid, monitoring alerts OK, backup running)
597
1049
  - [ ] Performance check (page load < 3s)
598
1050
 
599
1051
  ---
600
1052
 
601
- ### **Phase 5: Documentation** 👤🤖
602
-
603
- **Step 10: Generate Final Documentation**
1053
+ ### **Step 5: Final Documentation** 👤🤖 (Per-Release)
604
1054
 
605
1055
  ```bash
606
1056
  /document
607
1057
 
608
- "Generate FSD lengkap dari semua specifications"
1058
+ "Generate FSD + API documentation dari semua specifications"
609
1059
  ```
610
1060
 
611
1061
  **Output:**
612
1062
  - `documentation/FSD_{{projectName}}.md`
613
1063
  - `documentation/API_Documentation.md`
614
1064
 
615
- **👤 Human Review:**
616
- - [ ] Documentation complete?
617
- - [ ] Deployment guide clear?
618
- - [ ] API examples working?
1065
+ **👤 Human:**
1066
+ - [ ] Documentation complete & clear?
619
1067
 
620
1068
  ---
621
1069