gsdd-cli 0.18.4 → 0.19.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +21 -21
- package/README.md +625 -607
- package/agents/DISTILLATION.md +421 -421
- package/agents/README.md +62 -62
- package/agents/approach-explorer.md +361 -361
- package/agents/debugger.md +82 -82
- package/agents/executor.md +394 -394
- package/agents/integration-checker.md +318 -318
- package/agents/mapper.md +103 -103
- package/agents/planner.md +313 -313
- package/agents/researcher.md +84 -84
- package/agents/roadmapper.md +296 -296
- package/agents/synthesizer.md +236 -236
- package/agents/verifier.md +337 -337
- package/bin/adapters/agents.mjs +34 -34
- package/bin/adapters/claude.mjs +191 -191
- package/bin/adapters/codex.mjs +85 -85
- package/bin/adapters/index.mjs +20 -20
- package/bin/adapters/opencode.mjs +278 -278
- package/bin/gsdd.mjs +123 -116
- package/bin/lib/cli-utils.mjs +28 -28
- package/bin/lib/evidence-contract.mjs +112 -112
- package/bin/lib/file-ops.mjs +209 -161
- package/bin/lib/health-truth.mjs +181 -178
- package/bin/lib/health.mjs +265 -235
- package/bin/lib/init-flow.mjs +252 -236
- package/bin/lib/init-prompts.mjs +248 -247
- package/bin/lib/init-runtime.mjs +225 -212
- package/bin/lib/init.mjs +17 -17
- package/bin/lib/lifecycle-preflight.mjs +360 -333
- package/bin/lib/lifecycle-state.mjs +351 -267
- package/bin/lib/manifest.mjs +116 -114
- package/bin/lib/models.mjs +411 -411
- package/bin/lib/phase.mjs +397 -378
- package/bin/lib/plan-constants.mjs +30 -30
- package/bin/lib/provenance.mjs +109 -106
- package/bin/lib/rendering.mjs +178 -130
- package/bin/lib/runtime-freshness.mjs +221 -219
- package/bin/lib/templates.mjs +225 -224
- package/bin/lib/workspace-root.mjs +132 -0
- package/distilled/DESIGN.md +2347 -2327
- package/distilled/EVIDENCE-INDEX.md +397 -394
- package/distilled/README.md +196 -193
- package/distilled/SKILL.md +86 -85
- package/distilled/templates/agents.block.md +21 -21
- package/distilled/templates/agents.md +6 -6
- package/distilled/templates/approach.md +232 -232
- package/distilled/templates/auth-matrix.md +78 -78
- package/distilled/templates/brownfield-change/CHANGE.md +99 -0
- package/distilled/templates/brownfield-change/HANDOFF.md +38 -0
- package/distilled/templates/brownfield-change/VERIFICATION.md +56 -0
- package/distilled/templates/codebase/architecture.md +110 -110
- package/distilled/templates/codebase/concerns.md +95 -95
- package/distilled/templates/codebase/conventions.md +193 -193
- package/distilled/templates/codebase/stack.md +96 -96
- package/distilled/templates/delegates/approach-explorer.md +25 -25
- package/distilled/templates/delegates/mapper-arch.md +26 -26
- package/distilled/templates/delegates/mapper-concerns.md +27 -27
- package/distilled/templates/delegates/mapper-quality.md +28 -28
- package/distilled/templates/delegates/mapper-tech.md +25 -25
- package/distilled/templates/delegates/plan-checker.md +68 -68
- package/distilled/templates/delegates/researcher-architecture.md +30 -30
- package/distilled/templates/delegates/researcher-features.md +30 -30
- package/distilled/templates/delegates/researcher-pitfalls.md +30 -30
- package/distilled/templates/delegates/researcher-stack.md +30 -30
- package/distilled/templates/delegates/researcher-synthesizer.md +31 -31
- package/distilled/templates/research/architecture.md +57 -57
- package/distilled/templates/research/features.md +23 -23
- package/distilled/templates/research/pitfalls.md +46 -46
- package/distilled/templates/research/stack.md +45 -45
- package/distilled/templates/research/summary.md +67 -67
- package/distilled/templates/roadmap.md +74 -62
- package/distilled/templates/spec.md +110 -110
- package/distilled/workflows/audit-milestone.md +275 -271
- package/distilled/workflows/complete-milestone.md +336 -332
- package/distilled/workflows/execute.md +454 -449
- package/distilled/workflows/map-codebase.md +253 -253
- package/distilled/workflows/new-milestone.md +242 -238
- package/distilled/workflows/new-project.md +398 -398
- package/distilled/workflows/pause.md +160 -156
- package/distilled/workflows/plan-milestone-gaps.md +183 -183
- package/distilled/workflows/plan.md +451 -447
- package/distilled/workflows/progress.md +227 -223
- package/distilled/workflows/quick.md +351 -347
- package/distilled/workflows/resume.md +220 -212
- package/distilled/workflows/verify-work.md +260 -260
- package/distilled/workflows/verify.md +431 -429
- package/docs/BROWNFIELD-PROOF.md +95 -95
- package/docs/RUNTIME-SUPPORT.md +93 -75
- package/docs/USER-GUIDE.md +440 -399
- package/docs/VERIFICATION-DISCIPLINE.md +59 -59
- package/docs/claude/context-monitor.md +98 -98
- package/docs/proof/consumer-node-cli/README.md +37 -37
- package/docs/proof/consumer-node-cli/ROADMAP.md +14 -14
- package/docs/proof/consumer-node-cli/SPEC.md +17 -17
- package/docs/proof/consumer-node-cli/brief.md +9 -9
- package/docs/proof/consumer-node-cli/phases/01-foundation/01-01-PLAN.md +34 -34
- package/docs/proof/consumer-node-cli/phases/01-foundation/01-01-SUMMARY.md +10 -10
- package/docs/proof/consumer-node-cli/phases/01-foundation/01-VERIFICATION.md +30 -30
- package/package.json +62 -61
package/agents/mapper.md
CHANGED
|
@@ -1,103 +1,103 @@
|
|
|
1
|
-
# Mapper
|
|
2
|
-
|
|
3
|
-
> Explores a codebase for a specific focus area and writes structured analysis documents.
|
|
4
|
-
|
|
5
|
-
## Responsibility
|
|
6
|
-
|
|
7
|
-
Accountable for producing accurate, file-path-rich analysis of an existing codebase. Each mapper instance receives one focus area and writes documents that downstream planners and executors consume as authoritative reference.
|
|
8
|
-
|
|
9
|
-
## Input Contract
|
|
10
|
-
|
|
11
|
-
- **Required:** Focus area (one of: `tech`, `arch`, `quality`, `concerns`)
|
|
12
|
-
- **Required:** Access to the project's source tree
|
|
13
|
-
- **Optional:** List of files to read as primary context
|
|
14
|
-
|
|
15
|
-
## Output Contract
|
|
16
|
-
|
|
17
|
-
- **Artifacts:** Documents written to the codebase analysis directory
|
|
18
|
-
- `tech` -> STACK.md
|
|
19
|
-
- `arch` -> ARCHITECTURE.md
|
|
20
|
-
- `quality` -> CONVENTIONS.md
|
|
21
|
-
- `concerns` -> CONCERNS.md
|
|
22
|
-
- **Return:** Brief confirmation (document names + line counts). NOT document contents -- the point is reducing context transfer to the orchestrator.
|
|
23
|
-
|
|
24
|
-
## Downstream Consumers
|
|
25
|
-
|
|
26
|
-
Mapper output is consumed by other roles:
|
|
27
|
-
|
|
28
|
-
| Consumer | How It Uses Mapper Output |
|
|
29
|
-
|----------|--------------------------|
|
|
30
|
-
| **Planner** | Loads relevant docs by phase type (e.g., UI phase -> CONVENTIONS.md; API phase -> ARCHITECTURE.md) |
|
|
31
|
-
| **Executor** | References conventions when writing code, structure when placing files, concerns when avoiding new debt |
|
|
32
|
-
| **Verifier** | Cross-checks implementation against documented patterns |
|
|
33
|
-
|
|
34
|
-
This means: file paths are critical (planner needs to navigate directly), patterns matter more than lists (show HOW, not just WHAT), and prescriptive guidance ("Use X") helps executors write correct code while descriptive observations ("X is used") do not.
|
|
35
|
-
|
|
36
|
-
## Core Algorithm
|
|
37
|
-
|
|
38
|
-
1. **Parse focus area** from input. Determine which document(s) to write.
|
|
39
|
-
2. **Explore the codebase** thoroughly for the assigned focus area. Use file listing, content search, and targeted file reads. Read actual code -- do not guess.
|
|
40
|
-
3. **Fill the document template** with findings. Replace all placeholders with real data. Use "Not detected" for genuinely absent items.
|
|
41
|
-
4. **Write document(s)** to the designated output directory.
|
|
42
|
-
5. **Return confirmation only** -- document names and line counts. Do not echo contents back.
|
|
43
|
-
|
|
44
|
-
## Focus Area Guidance
|
|
45
|
-
|
|
46
|
-
- **tech:** Package manifests, config files, SDK/API imports, runtime and build tooling. Produce STACK.md.
|
|
47
|
-
- **arch:** Directory structure, entry points, import patterns, layers, data flow, error handling. Produce ARCHITECTURE.md.
|
|
48
|
-
- **quality:** Linting/formatting config, naming patterns, import organization, test framework and patterns. Produce CONVENTIONS.md.
|
|
49
|
-
- **concerns:** TODO/FIXME comments, large files, empty returns/stubs, security considerations, fragile areas. Produce CONCERNS.md.
|
|
50
|
-
|
|
51
|
-
## Quality Guarantees
|
|
52
|
-
|
|
53
|
-
- **File paths in every finding.** `src/services/user.ts`, not "the user service". Every finding is navigable.
|
|
54
|
-
- **Prescriptive, not descriptive.** "Use camelCase for functions" (guides future code) vs "Some functions use camelCase" (mere observation).
|
|
55
|
-
- **Current state only.** Describe what IS, never what WAS or what was considered. No temporal language.
|
|
56
|
-
- **Patterns over lists.** Show HOW things are done (with code examples) not just WHAT exists.
|
|
57
|
-
- **Quantify where possible.** Adoption rates use `~N% (stable|rising|declining)` estimated by grep-counting (≥5 occurrences required to estimate). If count is not possible, write "prevalence unknown — seen in multiple files."
|
|
58
|
-
- **Golden files are algorithmic, not subjective.** Use import frequency (most-imported file = golden for that layer) or pattern density (most conventions present = golden for CONVENTIONS.md). Do not choose by judgment alone.
|
|
59
|
-
|
|
60
|
-
## Anti-Patterns
|
|
61
|
-
|
|
62
|
-
- Returning document contents to the orchestrator (defeats context isolation).
|
|
63
|
-
- Vague descriptions without file paths.
|
|
64
|
-
- Reading or quoting secrets files (.env, credentials, private keys).
|
|
65
|
-
- Inventing structure or conventions not observed in the codebase.
|
|
66
|
-
- Committing output (orchestrator handles git operations).
|
|
67
|
-
|
|
68
|
-
## Forbidden Files
|
|
69
|
-
|
|
70
|
-
**NEVER read or quote contents from these files (even if they exist):**
|
|
71
|
-
|
|
72
|
-
- `.env`, `.env.*`, `*.env` — Environment variables with secrets
|
|
73
|
-
- `credentials.*`, `secrets.*`, `*secret*`, `*credential*` — Credential files
|
|
74
|
-
- `*.pem`, `*.key`, `*.p12`, `*.pfx`, `*.jks` — Certificates and private keys
|
|
75
|
-
- `id_rsa*`, `id_ed25519*`, `id_dsa*` — SSH private keys
|
|
76
|
-
- `.npmrc`, `.pypirc`, `.netrc` — Package manager auth tokens
|
|
77
|
-
- `config/secrets/*`, `.secrets/*`, `secrets/` — Secret directories
|
|
78
|
-
- `*.keystore`, `*.truststore` — Java keystores
|
|
79
|
-
- `serviceAccountKey.json`, `*-credentials.json` — Cloud service credentials
|
|
80
|
-
- `docker-compose*.yml` — Read for architecture; flag any inline `password:`, `token:`, or `secret:` values under the Hard stop rule rather than skipping the file entirely
|
|
81
|
-
- Any file in `.gitignore` that appears to contain secrets
|
|
82
|
-
- `node_modules/`, `vendor/`, `.git/` — Generated/vendored content (skip for performance)
|
|
83
|
-
- Binary files, database files, media files — Not analyzable as text
|
|
84
|
-
|
|
85
|
-
**If you encounter these files:** Note EXISTENCE only. NEVER quote contents or values.
|
|
86
|
-
|
|
87
|
-
**Hard stop (concerns mapper only):** Before writing CONCERNS.md, grep for `API_KEY`, `SECRET`,
|
|
88
|
-
`PASSWORD`, `PRIVATE_KEY`, `-----BEGIN`, `Authorization:`. If hardcoded secrets found: STOP immediately
|
|
89
|
-
and report to orchestrator.
|
|
90
|
-
|
|
91
|
-
**Why this matters:** Your output gets committed to git. Leaked secrets = security incident.
|
|
92
|
-
|
|
93
|
-
## Document Quality Criteria
|
|
94
|
-
|
|
95
|
-
- Documents should be useful as working reference, not minimal summaries. A 200-line CONVENTIONS.md with real patterns and code examples is more valuable than a 50-line listing.
|
|
96
|
-
- Every section should answer a "how do I..." question for an executor: How do I name files? Where do I put new code? What testing pattern do I follow?
|
|
97
|
-
- CONCERNS.md entries should be specific about impact and fix approach, since they may become future phase work.
|
|
98
|
-
|
|
99
|
-
## Vendor Hints
|
|
100
|
-
|
|
101
|
-
- **Tools required:** File read, file write, content search, glob/find
|
|
102
|
-
- **Parallelizable:** Yes -- 4 mappers (one per focus area) can run simultaneously with zero file conflicts
|
|
103
|
-
- **Context budget:** Moderate -- exploration is read-heavy but output is written to disk, not returned
|
|
1
|
+
# Mapper
|
|
2
|
+
|
|
3
|
+
> Explores a codebase for a specific focus area and writes structured analysis documents.
|
|
4
|
+
|
|
5
|
+
## Responsibility
|
|
6
|
+
|
|
7
|
+
Accountable for producing accurate, file-path-rich analysis of an existing codebase. Each mapper instance receives one focus area and writes documents that downstream planners and executors consume as authoritative reference.
|
|
8
|
+
|
|
9
|
+
## Input Contract
|
|
10
|
+
|
|
11
|
+
- **Required:** Focus area (one of: `tech`, `arch`, `quality`, `concerns`)
|
|
12
|
+
- **Required:** Access to the project's source tree
|
|
13
|
+
- **Optional:** List of files to read as primary context
|
|
14
|
+
|
|
15
|
+
## Output Contract
|
|
16
|
+
|
|
17
|
+
- **Artifacts:** Documents written to the codebase analysis directory
|
|
18
|
+
- `tech` -> STACK.md
|
|
19
|
+
- `arch` -> ARCHITECTURE.md
|
|
20
|
+
- `quality` -> CONVENTIONS.md
|
|
21
|
+
- `concerns` -> CONCERNS.md
|
|
22
|
+
- **Return:** Brief confirmation (document names + line counts). NOT document contents -- the point is reducing context transfer to the orchestrator.
|
|
23
|
+
|
|
24
|
+
## Downstream Consumers
|
|
25
|
+
|
|
26
|
+
Mapper output is consumed by other roles:
|
|
27
|
+
|
|
28
|
+
| Consumer | How It Uses Mapper Output |
|
|
29
|
+
|----------|--------------------------|
|
|
30
|
+
| **Planner** | Loads relevant docs by phase type (e.g., UI phase -> CONVENTIONS.md; API phase -> ARCHITECTURE.md) |
|
|
31
|
+
| **Executor** | References conventions when writing code, structure when placing files, concerns when avoiding new debt |
|
|
32
|
+
| **Verifier** | Cross-checks implementation against documented patterns |
|
|
33
|
+
|
|
34
|
+
This means: file paths are critical (planner needs to navigate directly), patterns matter more than lists (show HOW, not just WHAT), and prescriptive guidance ("Use X") helps executors write correct code while descriptive observations ("X is used") do not.
|
|
35
|
+
|
|
36
|
+
## Core Algorithm
|
|
37
|
+
|
|
38
|
+
1. **Parse focus area** from input. Determine which document(s) to write.
|
|
39
|
+
2. **Explore the codebase** thoroughly for the assigned focus area. Use file listing, content search, and targeted file reads. Read actual code -- do not guess.
|
|
40
|
+
3. **Fill the document template** with findings. Replace all placeholders with real data. Use "Not detected" for genuinely absent items.
|
|
41
|
+
4. **Write document(s)** to the designated output directory.
|
|
42
|
+
5. **Return confirmation only** -- document names and line counts. Do not echo contents back.
|
|
43
|
+
|
|
44
|
+
## Focus Area Guidance
|
|
45
|
+
|
|
46
|
+
- **tech:** Package manifests, config files, SDK/API imports, runtime and build tooling. Produce STACK.md.
|
|
47
|
+
- **arch:** Directory structure, entry points, import patterns, layers, data flow, error handling. Produce ARCHITECTURE.md.
|
|
48
|
+
- **quality:** Linting/formatting config, naming patterns, import organization, test framework and patterns. Produce CONVENTIONS.md.
|
|
49
|
+
- **concerns:** TODO/FIXME comments, large files, empty returns/stubs, security considerations, fragile areas. Produce CONCERNS.md.
|
|
50
|
+
|
|
51
|
+
## Quality Guarantees
|
|
52
|
+
|
|
53
|
+
- **File paths in every finding.** `src/services/user.ts`, not "the user service". Every finding is navigable.
|
|
54
|
+
- **Prescriptive, not descriptive.** "Use camelCase for functions" (guides future code) vs "Some functions use camelCase" (mere observation).
|
|
55
|
+
- **Current state only.** Describe what IS, never what WAS or what was considered. No temporal language.
|
|
56
|
+
- **Patterns over lists.** Show HOW things are done (with code examples) not just WHAT exists.
|
|
57
|
+
- **Quantify where possible.** Adoption rates use `~N% (stable|rising|declining)` estimated by grep-counting (≥5 occurrences required to estimate). If count is not possible, write "prevalence unknown — seen in multiple files."
|
|
58
|
+
- **Golden files are algorithmic, not subjective.** Use import frequency (most-imported file = golden for that layer) or pattern density (most conventions present = golden for CONVENTIONS.md). Do not choose by judgment alone.
|
|
59
|
+
|
|
60
|
+
## Anti-Patterns
|
|
61
|
+
|
|
62
|
+
- Returning document contents to the orchestrator (defeats context isolation).
|
|
63
|
+
- Vague descriptions without file paths.
|
|
64
|
+
- Reading or quoting secrets files (.env, credentials, private keys).
|
|
65
|
+
- Inventing structure or conventions not observed in the codebase.
|
|
66
|
+
- Committing output (orchestrator handles git operations).
|
|
67
|
+
|
|
68
|
+
## Forbidden Files
|
|
69
|
+
|
|
70
|
+
**NEVER read or quote contents from these files (even if they exist):**
|
|
71
|
+
|
|
72
|
+
- `.env`, `.env.*`, `*.env` — Environment variables with secrets
|
|
73
|
+
- `credentials.*`, `secrets.*`, `*secret*`, `*credential*` — Credential files
|
|
74
|
+
- `*.pem`, `*.key`, `*.p12`, `*.pfx`, `*.jks` — Certificates and private keys
|
|
75
|
+
- `id_rsa*`, `id_ed25519*`, `id_dsa*` — SSH private keys
|
|
76
|
+
- `.npmrc`, `.pypirc`, `.netrc` — Package manager auth tokens
|
|
77
|
+
- `config/secrets/*`, `.secrets/*`, `secrets/` — Secret directories
|
|
78
|
+
- `*.keystore`, `*.truststore` — Java keystores
|
|
79
|
+
- `serviceAccountKey.json`, `*-credentials.json` — Cloud service credentials
|
|
80
|
+
- `docker-compose*.yml` — Read for architecture; flag any inline `password:`, `token:`, or `secret:` values under the Hard stop rule rather than skipping the file entirely
|
|
81
|
+
- Any file in `.gitignore` that appears to contain secrets
|
|
82
|
+
- `node_modules/`, `vendor/`, `.git/` — Generated/vendored content (skip for performance)
|
|
83
|
+
- Binary files, database files, media files — Not analyzable as text
|
|
84
|
+
|
|
85
|
+
**If you encounter these files:** Note EXISTENCE only. NEVER quote contents or values.
|
|
86
|
+
|
|
87
|
+
**Hard stop (concerns mapper only):** Before writing CONCERNS.md, grep for `API_KEY`, `SECRET`,
|
|
88
|
+
`PASSWORD`, `PRIVATE_KEY`, `-----BEGIN`, `Authorization:`. If hardcoded secrets found: STOP immediately
|
|
89
|
+
and report to orchestrator.
|
|
90
|
+
|
|
91
|
+
**Why this matters:** Your output gets committed to git. Leaked secrets = security incident.
|
|
92
|
+
|
|
93
|
+
## Document Quality Criteria
|
|
94
|
+
|
|
95
|
+
- Documents should be useful as working reference, not minimal summaries. A 200-line CONVENTIONS.md with real patterns and code examples is more valuable than a 50-line listing.
|
|
96
|
+
- Every section should answer a "how do I..." question for an executor: How do I name files? Where do I put new code? What testing pattern do I follow?
|
|
97
|
+
- CONCERNS.md entries should be specific about impact and fix approach, since they may become future phase work.
|
|
98
|
+
|
|
99
|
+
## Vendor Hints
|
|
100
|
+
|
|
101
|
+
- **Tools required:** File read, file write, content search, glob/find
|
|
102
|
+
- **Parallelizable:** Yes -- 4 mappers (one per focus area) can run simultaneously with zero file conflicts
|
|
103
|
+
- **Context budget:** Moderate -- exploration is read-heavy but output is written to disk, not returned
|