gitnexushub 0.4.4 → 0.6.0

package/skills/gitnexus-impact-analysis.md

@@ -1,99 +1,99 @@
----
-name: gitnexus-impact-analysis
-description: "Use when the user wants to know what will break if they change something, or needs safety analysis before editing code. Examples: \"Is it safe to change X?\", \"What depends on this?\", \"What will break?\""
----
-
-# Impact Analysis with GitNexus
-
-## When to Use
-
-- "Is it safe to change this function?"
-- "What will break if I modify X?"
-- "Show me the blast radius"
-- "Who uses this code?"
-- Before making non-trivial code changes
-
-## Workflow
-
-```
-1. gitnexus_impact({target: "X", direction: "upstream"})  → What depends on this
-2. Review d=1 items (WILL BREAK) and affected processes
-3. gitnexus_context({name: "<high-risk symbol>"})         → Understand callers/callees
-4. READ gitnexus://repo/{name}/process/{name}              → Trace affected execution flows
-5. Assess risk and report to user
-```
-
-## Checklist
-
-```
-- [ ] gitnexus_impact({target, direction: "upstream"}) to find dependents
-- [ ] Review d=1 items first (these WILL BREAK)
-- [ ] Check high-confidence (>0.8) dependencies
-- [ ] gitnexus_context on high-risk d=1 symbols
-- [ ] READ processes to check affected execution flows
-- [ ] Assess risk level and report to user
-```
-
-## Understanding Output
-
-| Depth | Risk Level       | Meaning                  |
-| ----- | ---------------- | ------------------------ |
-| d=1   | **WILL BREAK**   | Direct callers/importers |
-| d=2   | LIKELY AFFECTED  | Indirect dependencies    |
-| d=3   | MAY NEED TESTING | Transitive effects       |
-
-## Risk Assessment
-
-| Affected                       | Risk     |
-| ------------------------------ | -------- |
-| <5 symbols, few processes      | LOW      |
-| 5-15 symbols, 2-5 processes    | MEDIUM   |
-| >15 symbols or many processes  | HIGH     |
-| Critical path (auth, payments) | CRITICAL |
-
-## Tools
-
-**gitnexus_impact** — the primary tool for symbol blast radius:
-
-```
-gitnexus_impact({
-  target: "validateUser",
-  direction: "upstream",
-  minConfidence: 0.8,
-  maxDepth: 3
-})
-
-→ d=1 (WILL BREAK):
-  - loginHandler (src/auth/login.ts:42) [CALLS, 100%]
-  - apiMiddleware (src/api/middleware.ts:15) [CALLS, 100%]
-
-→ d=2 (LIKELY AFFECTED):
-  - authRouter (src/routes/auth.ts:22) [CALLS, 95%]
-```
-
-**gitnexus_context** — understand high-risk dependents:
-
-```
-gitnexus_context({name: "loginHandler"})
-→ Incoming calls: authRouter, oauthCallback
-→ Outgoing calls: validateUser, createSession
-→ Processes: LoginFlow (step 2/5)
-```
-
-## Example: "What breaks if I change validateUser?"
-
-```
-1. gitnexus_impact({target: "validateUser", direction: "upstream"})
-   → d=1: loginHandler, apiMiddleware (WILL BREAK)
-   → d=2: authRouter, sessionManager (LIKELY AFFECTED)
-   → Affected processes: LoginFlow, TokenRefresh
-   → Risk: MEDIUM
-
-2. gitnexus_context({name: "loginHandler"})
-   → Understand how loginHandler uses validateUser
-
-3. READ gitnexus://repo/my-app/process/LoginFlow
-   → Full execution trace to see where validateUser fits
-
-4. Risk: 2 direct callers, 2 processes = MEDIUM
-```
+---
+name: gitnexus-impact-analysis
+description: "Use when the user wants to know what will break if they change something, or needs safety analysis before editing code. Examples: \"Is it safe to change X?\", \"What depends on this?\", \"What will break?\""
+---
+
+# Impact Analysis with GitNexus
+
+## When to Use
+
+- "Is it safe to change this function?"
+- "What will break if I modify X?"
+- "Show me the blast radius"
+- "Who uses this code?"
+- Before making non-trivial code changes
+
+## Workflow
+
+```
+1. gitnexus_impact({target: "X", direction: "upstream"})  → What depends on this
+2. Review d=1 items (WILL BREAK) and affected processes
+3. gitnexus_context({name: "<high-risk symbol>"})         → Understand callers/callees
+4. READ gitnexus://repo/{name}/process/{name}              → Trace affected execution flows
+5. Assess risk and report to user
+```
+
+## Checklist
+
+```
+- [ ] gitnexus_impact({target, direction: "upstream"}) to find dependents
+- [ ] Review d=1 items first (these WILL BREAK)
+- [ ] Check high-confidence (>0.8) dependencies
+- [ ] gitnexus_context on high-risk d=1 symbols
+- [ ] READ processes to check affected execution flows
+- [ ] Assess risk level and report to user
+```
+
+## Understanding Output
+
+| Depth | Risk Level       | Meaning                  |
+| ----- | ---------------- | ------------------------ |
+| d=1   | **WILL BREAK**   | Direct callers/importers |
+| d=2   | LIKELY AFFECTED  | Indirect dependencies    |
+| d=3   | MAY NEED TESTING | Transitive effects       |
+
+## Risk Assessment
+
+| Affected                       | Risk     |
+| ------------------------------ | -------- |
+| <5 symbols, few processes      | LOW      |
+| 5-15 symbols, 2-5 processes    | MEDIUM   |
+| >15 symbols or many processes  | HIGH     |
+| Critical path (auth, payments) | CRITICAL |
+
+## Tools
+
+**gitnexus_impact** — the primary tool for symbol blast radius:
+
+```
+gitnexus_impact({
+  target: "validateUser",
+  direction: "upstream",
+  minConfidence: 0.8,
+  maxDepth: 3
+})
+
+→ d=1 (WILL BREAK):
+  - loginHandler (src/auth/login.ts:42) [CALLS, 100%]
+  - apiMiddleware (src/api/middleware.ts:15) [CALLS, 100%]
+
+→ d=2 (LIKELY AFFECTED):
+  - authRouter (src/routes/auth.ts:22) [CALLS, 95%]
+```
+
+**gitnexus_context** — understand high-risk dependents:
+
+```
+gitnexus_context({name: "loginHandler"})
+→ Incoming calls: authRouter, oauthCallback
+→ Outgoing calls: validateUser, createSession
+→ Processes: LoginFlow (step 2/5)
+```
+
+## Example: "What breaks if I change validateUser?"
+
+```
+1. gitnexus_impact({target: "validateUser", direction: "upstream"})
+   → d=1: loginHandler, apiMiddleware (WILL BREAK)
+   → d=2: authRouter, sessionManager (LIKELY AFFECTED)
+   → Affected processes: LoginFlow, TokenRefresh
+   → Risk: MEDIUM
+
+2. gitnexus_context({name: "loginHandler"})
+   → Understand how loginHandler uses validateUser
+
+3. READ gitnexus://repo/my-app/process/LoginFlow
+   → Full execution trace to see where validateUser fits
+
+4. Risk: 2 direct callers, 2 processes = MEDIUM
+```

package/skills/gitnexus-pr-review.md

@@ -1,161 +1,161 @@
----
-name: gitnexus-pr-review
-description: "Use when the user wants to review a pull request, understand what a PR changes, assess risk of merging, or check for missing test coverage. Examples: \"Review this PR\", \"What does PR #42 change?\", \"Is this PR safe to merge?\""
----
-
-# PR Review with GitNexus
-
-## When to Use
-
-- "Review this PR"
-- "What does PR #42 change?"
-- "Is this safe to merge?"
-- "What's the blast radius of this PR?"
-- "Are there missing tests for this PR?"
-- Reviewing someone else's code changes before merge
-
-## Workflow
-
-```
-1. gh pr diff <number> or git diff main...HEAD               → Get changed files
-2. git diff main...HEAD --name-only                           → Get file list
-3. gitnexus_detect_changes({changed_files: ["file1", "file2", ...]})  → Map to affected flows
-4. For each changed symbol:
-   gitnexus_impact({target: "<symbol>", direction: "upstream"})       → Blast radius per change
-5. gitnexus_context({name: "<key symbol>"})                   → Understand callers/callees
-6. Summarize findings with risk assessment
-```
-
-## Checklist
-
-```
-- [ ] Get PR diff and file list (gh pr diff / git diff --name-only)
-- [ ] gitnexus_detect_changes({changed_files: [...]}) to map changes to affected flows
-- [ ] gitnexus_impact on each non-trivial changed symbol
-- [ ] Review d=1 items (WILL BREAK) — are callers updated?
-- [ ] gitnexus_context on key changed symbols to understand full picture
-- [ ] Check if affected processes have test coverage
-- [ ] Assess overall risk level
-- [ ] Write review summary with findings
-```
-
-## Review Dimensions
-
-| Dimension | How GitNexus Helps |
-| --- | --- |
-| **Correctness** | `context` shows callers — are they all compatible with the change? |
-| **Blast radius** | `impact` shows d=1/d=2/d=3 dependents — anything missed? |
-| **Completeness** | `detect_changes` shows all affected flows — are they all handled? |
-| **Test coverage** | `impact({includeTests: true})` shows which tests touch changed code |
-| **Breaking changes** | d=1 upstream items that aren't updated in the PR = potential breakage |
-
-## Risk Assessment
-
-| Signal | Risk |
-| --- | --- |
-| Changes touch <3 symbols, 0-1 processes | LOW |
-| Changes touch 3-10 symbols, 2-5 processes | MEDIUM |
-| Changes touch >10 symbols or many processes | HIGH |
-| Changes touch auth, payments, or data integrity code | CRITICAL |
-| d=1 callers exist outside the PR diff | Potential breakage — flag it |
-
-## Tools
-
-**gitnexus_detect_changes** — map PR diff to affected execution flows:
-
-```
-gitnexus_detect_changes({changed_files: ["src/payments.ts", "src/checkout.ts", "src/types.ts"]})
-
-→ Changed: 8 symbols in 3 files
-→ Affected processes: CheckoutFlow, RefundFlow, WebhookHandler
-→ Risk: MEDIUM
-```
-
-**gitnexus_impact** — blast radius per changed symbol:
-
-```
-gitnexus_impact({target: "validatePayment", direction: "upstream"})
-
-→ d=1 (WILL BREAK):
-  - processCheckout (src/checkout.ts:42) [CALLS, 100%]
-  - webhookHandler (src/webhooks.ts:15) [CALLS, 100%]
-
-→ d=2 (LIKELY AFFECTED):
-  - checkoutRouter (src/routes/checkout.ts:22) [CALLS, 95%]
-```
-
-**gitnexus_impact with tests** — check test coverage:
-
-```
-gitnexus_impact({target: "validatePayment", direction: "upstream", includeTests: true})
-
-→ Tests that cover this symbol:
-  - validatePayment.test.ts [direct]
-  - checkout.integration.test.ts [via processCheckout]
-```
-
-**gitnexus_context** — understand a changed symbol's role:
-
-```
-gitnexus_context({name: "validatePayment"})
-
-→ Incoming calls: processCheckout, webhookHandler
-→ Outgoing calls: verifyCard, fetchRates
-→ Processes: CheckoutFlow (step 3/7), RefundFlow (step 1/5)
-```
-
-## Example: "Review PR #42"
-
-```
-1. git diff main...HEAD --name-only
-   → payments.ts, checkout.ts, types.ts, utils.ts
-
-2. gitnexus_detect_changes({changed_files: ["src/payments.ts", "src/checkout.ts", "src/types.ts", "src/utils.ts"]})
-   → Changed symbols: validatePayment, PaymentInput, formatAmount
-   → Affected processes: CheckoutFlow, RefundFlow
-   → Risk: MEDIUM
-
-3. gitnexus_impact({target: "validatePayment", direction: "upstream"})
-   → d=1: processCheckout, webhookHandler (WILL BREAK)
-   → webhookHandler is NOT in the PR diff — potential breakage!
-
-4. gitnexus_impact({target: "PaymentInput", direction: "upstream"})
-   → d=1: validatePayment (in PR), createPayment (NOT in PR)
-   → createPayment uses the old PaymentInput shape — breaking change!
-
-5. gitnexus_context({name: "formatAmount"})
-   → Called by 12 functions — but change is backwards-compatible (added optional param)
-
-6. Review summary:
-   - MEDIUM risk — 3 changed symbols affect 2 execution flows
-   - BUG: webhookHandler calls validatePayment but isn't updated for new signature
-   - BUG: createPayment depends on PaymentInput type which changed
-   - OK: formatAmount change is backwards-compatible
-   - Tests: checkout.test.ts covers processCheckout path, but no webhook test
-```
-
-## Review Output Format
-
-Structure your review as:
-
-```markdown
-## PR Review: <title>
-
-**Risk: LOW / MEDIUM / HIGH / CRITICAL**
-
-### Changes Summary
-- <N> symbols changed across <M> files
-- <P> execution flows affected
-
-### Findings
-1. **[severity]** Description of finding
-   - Evidence from GitNexus tools
-   - Affected callers/flows
-
-### Missing Coverage
-- Callers not updated in PR: ...
-- Untested flows: ...
-
-### Recommendation
-APPROVE / REQUEST CHANGES / NEEDS DISCUSSION
-```
+---
+name: gitnexus-pr-review
+description: "Use when the user wants to review a pull request, understand what a PR changes, assess risk of merging, or check for missing test coverage. Examples: \"Review this PR\", \"What does PR #42 change?\", \"Is this PR safe to merge?\""
+---
+
+# PR Review with GitNexus
+
+## When to Use
+
+- "Review this PR"
+- "What does PR #42 change?"
+- "Is this safe to merge?"
+- "What's the blast radius of this PR?"
+- "Are there missing tests for this PR?"
+- Reviewing someone else's code changes before merge
+
+## Workflow
+
+```
+1. gh pr diff <number> or git diff main...HEAD               → Get changed files
+2. git diff main...HEAD --name-only                           → Get file list
+3. gitnexus_detect_changes({changed_files: ["file1", "file2", ...]})  → Map to affected flows
+4. For each changed symbol:
+   gitnexus_impact({target: "<symbol>", direction: "upstream"})       → Blast radius per change
+5. gitnexus_context({name: "<key symbol>"})                   → Understand callers/callees
+6. Summarize findings with risk assessment
+```
+
+## Checklist
+
+```
+- [ ] Get PR diff and file list (gh pr diff / git diff --name-only)
+- [ ] gitnexus_detect_changes({changed_files: [...]}) to map changes to affected flows
+- [ ] gitnexus_impact on each non-trivial changed symbol
+- [ ] Review d=1 items (WILL BREAK) — are callers updated?
+- [ ] gitnexus_context on key changed symbols to understand full picture
+- [ ] Check if affected processes have test coverage
+- [ ] Assess overall risk level
+- [ ] Write review summary with findings
+```
+
+## Review Dimensions
+
+| Dimension | How GitNexus Helps |
+| --- | --- |
+| **Correctness** | `context` shows callers — are they all compatible with the change? |
+| **Blast radius** | `impact` shows d=1/d=2/d=3 dependents — anything missed? |
+| **Completeness** | `detect_changes` shows all affected flows — are they all handled? |
+| **Test coverage** | `impact({includeTests: true})` shows which tests touch changed code |
+| **Breaking changes** | d=1 upstream items that aren't updated in the PR = potential breakage |
+
+## Risk Assessment
+
+| Signal | Risk |
+| --- | --- |
+| Changes touch <3 symbols, 0-1 processes | LOW |
+| Changes touch 3-10 symbols, 2-5 processes | MEDIUM |
+| Changes touch >10 symbols or many processes | HIGH |
+| Changes touch auth, payments, or data integrity code | CRITICAL |
+| d=1 callers exist outside the PR diff | Potential breakage — flag it |
+
+## Tools
+
+**gitnexus_detect_changes** — map PR diff to affected execution flows:
+
+```
+gitnexus_detect_changes({changed_files: ["src/payments.ts", "src/checkout.ts", "src/types.ts"]})
+
+→ Changed: 8 symbols in 3 files
+→ Affected processes: CheckoutFlow, RefundFlow, WebhookHandler
+→ Risk: MEDIUM
+```
+
+**gitnexus_impact** — blast radius per changed symbol:
+
+```
+gitnexus_impact({target: "validatePayment", direction: "upstream"})
+
+→ d=1 (WILL BREAK):
+  - processCheckout (src/checkout.ts:42) [CALLS, 100%]
+  - webhookHandler (src/webhooks.ts:15) [CALLS, 100%]
+
+→ d=2 (LIKELY AFFECTED):
+  - checkoutRouter (src/routes/checkout.ts:22) [CALLS, 95%]
+```
+
+**gitnexus_impact with tests** — check test coverage:
+
+```
+gitnexus_impact({target: "validatePayment", direction: "upstream", includeTests: true})
+
+→ Tests that cover this symbol:
+  - validatePayment.test.ts [direct]
+  - checkout.integration.test.ts [via processCheckout]
+```
+
+**gitnexus_context** — understand a changed symbol's role:
+
+```
+gitnexus_context({name: "validatePayment"})
+
+→ Incoming calls: processCheckout, webhookHandler
+→ Outgoing calls: verifyCard, fetchRates
+→ Processes: CheckoutFlow (step 3/7), RefundFlow (step 1/5)
+```
+
+## Example: "Review PR #42"
+
+```
+1. git diff main...HEAD --name-only
+   → payments.ts, checkout.ts, types.ts, utils.ts
+
+2. gitnexus_detect_changes({changed_files: ["src/payments.ts", "src/checkout.ts", "src/types.ts", "src/utils.ts"]})
+   → Changed symbols: validatePayment, PaymentInput, formatAmount
+   → Affected processes: CheckoutFlow, RefundFlow
+   → Risk: MEDIUM
+
+3. gitnexus_impact({target: "validatePayment", direction: "upstream"})
+   → d=1: processCheckout, webhookHandler (WILL BREAK)
+   → webhookHandler is NOT in the PR diff — potential breakage!
+
+4. gitnexus_impact({target: "PaymentInput", direction: "upstream"})
+   → d=1: validatePayment (in PR), createPayment (NOT in PR)
+   → createPayment uses the old PaymentInput shape — breaking change!
+
+5. gitnexus_context({name: "formatAmount"})
+   → Called by 12 functions — but change is backwards-compatible (added optional param)
+
+6. Review summary:
+   - MEDIUM risk — 3 changed symbols affect 2 execution flows
+   - BUG: webhookHandler calls validatePayment but isn't updated for new signature
+   - BUG: createPayment depends on PaymentInput type which changed
+   - OK: formatAmount change is backwards-compatible
+   - Tests: checkout.test.ts covers processCheckout path, but no webhook test
+```
+
+## Review Output Format
+
+Structure your review as:
+
+```markdown
+## PR Review: <title>
+
+**Risk: LOW / MEDIUM / HIGH / CRITICAL**
+
+### Changes Summary
+- <N> symbols changed across <M> files
+- <P> execution flows affected
+
+### Findings
+1. **[severity]** Description of finding
+   - Evidence from GitNexus tools
+   - Affected callers/flows
+
+### Missing Coverage
+- Callers not updated in PR: ...
+- Untested flows: ...
+
+### Recommendation
+APPROVE / REQUEST CHANGES / NEEDS DISCUSSION
+```