gsdd-cli 0.18.5 → 0.19.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (101) hide show
  1. package/LICENSE +21 -21
  2. package/README.md +610 -608
  3. package/agents/DISTILLATION.md +421 -421
  4. package/agents/README.md +62 -62
  5. package/agents/approach-explorer.md +370 -361
  6. package/agents/debugger.md +82 -82
  7. package/agents/executor.md +473 -394
  8. package/agents/integration-checker.md +318 -318
  9. package/agents/mapper.md +103 -103
  10. package/agents/planner.md +342 -313
  11. package/agents/researcher.md +84 -84
  12. package/agents/roadmapper.md +296 -296
  13. package/agents/synthesizer.md +236 -236
  14. package/agents/verifier.md +337 -337
  15. package/bin/adapters/agents.mjs +34 -34
  16. package/bin/adapters/claude.mjs +193 -191
  17. package/bin/adapters/codex.mjs +85 -85
  18. package/bin/adapters/index.mjs +20 -20
  19. package/bin/adapters/opencode.mjs +280 -278
  20. package/bin/gsdd.mjs +123 -116
  21. package/bin/lib/cli-utils.mjs +28 -28
  22. package/bin/lib/evidence-contract.mjs +325 -112
  23. package/bin/lib/file-ops.mjs +186 -144
  24. package/bin/lib/health-truth.mjs +196 -178
  25. package/bin/lib/health.mjs +246 -226
  26. package/bin/lib/init-flow.mjs +247 -231
  27. package/bin/lib/init-prompts.mjs +248 -247
  28. package/bin/lib/init-runtime.mjs +193 -190
  29. package/bin/lib/init.mjs +17 -17
  30. package/bin/lib/lifecycle-preflight.mjs +760 -326
  31. package/bin/lib/lifecycle-state.mjs +356 -267
  32. package/bin/lib/manifest.mjs +116 -114
  33. package/bin/lib/models.mjs +411 -411
  34. package/bin/lib/phase.mjs +365 -358
  35. package/bin/lib/plan-constants.mjs +35 -30
  36. package/bin/lib/provenance.mjs +109 -106
  37. package/bin/lib/rendering.mjs +119 -83
  38. package/bin/lib/runtime-freshness.mjs +214 -214
  39. package/bin/lib/session-fingerprint.mjs +91 -14
  40. package/bin/lib/templates.mjs +225 -224
  41. package/bin/lib/workspace-root.mjs +2 -1
  42. package/distilled/DESIGN.md +2461 -2323
  43. package/distilled/EVIDENCE-INDEX.md +418 -392
  44. package/distilled/README.md +196 -193
  45. package/distilled/SKILL.md +86 -85
  46. package/distilled/templates/agents.block.md +21 -21
  47. package/distilled/templates/agents.md +6 -6
  48. package/distilled/templates/approach.md +272 -232
  49. package/distilled/templates/auth-matrix.md +78 -78
  50. package/distilled/templates/brownfield-change/CHANGE.md +99 -0
  51. package/distilled/templates/brownfield-change/HANDOFF.md +38 -0
  52. package/distilled/templates/brownfield-change/VERIFICATION.md +56 -0
  53. package/distilled/templates/codebase/architecture.md +110 -110
  54. package/distilled/templates/codebase/concerns.md +95 -95
  55. package/distilled/templates/codebase/conventions.md +193 -193
  56. package/distilled/templates/codebase/stack.md +96 -96
  57. package/distilled/templates/delegates/approach-explorer.md +28 -25
  58. package/distilled/templates/delegates/mapper-arch.md +26 -26
  59. package/distilled/templates/delegates/mapper-concerns.md +27 -27
  60. package/distilled/templates/delegates/mapper-quality.md +28 -28
  61. package/distilled/templates/delegates/mapper-tech.md +25 -25
  62. package/distilled/templates/delegates/plan-checker.md +78 -68
  63. package/distilled/templates/delegates/researcher-architecture.md +30 -30
  64. package/distilled/templates/delegates/researcher-features.md +30 -30
  65. package/distilled/templates/delegates/researcher-pitfalls.md +30 -30
  66. package/distilled/templates/delegates/researcher-stack.md +30 -30
  67. package/distilled/templates/delegates/researcher-synthesizer.md +31 -31
  68. package/distilled/templates/research/architecture.md +57 -57
  69. package/distilled/templates/research/features.md +23 -23
  70. package/distilled/templates/research/pitfalls.md +46 -46
  71. package/distilled/templates/research/stack.md +45 -45
  72. package/distilled/templates/research/summary.md +67 -67
  73. package/distilled/templates/roadmap.md +74 -62
  74. package/distilled/templates/spec.md +110 -110
  75. package/distilled/workflows/audit-milestone.md +303 -271
  76. package/distilled/workflows/complete-milestone.md +349 -332
  77. package/distilled/workflows/execute.md +457 -450
  78. package/distilled/workflows/map-codebase.md +253 -253
  79. package/distilled/workflows/new-milestone.md +242 -238
  80. package/distilled/workflows/new-project.md +398 -398
  81. package/distilled/workflows/pause.md +160 -156
  82. package/distilled/workflows/plan-milestone-gaps.md +183 -183
  83. package/distilled/workflows/plan.md +454 -448
  84. package/distilled/workflows/progress.md +227 -223
  85. package/distilled/workflows/quick.md +351 -347
  86. package/distilled/workflows/resume.md +220 -212
  87. package/distilled/workflows/verify-work.md +260 -260
  88. package/distilled/workflows/verify.md +431 -429
  89. package/docs/BROWNFIELD-PROOF.md +95 -95
  90. package/docs/RUNTIME-SUPPORT.md +80 -69
  91. package/docs/USER-GUIDE.md +394 -386
  92. package/docs/VERIFICATION-DISCIPLINE.md +59 -59
  93. package/docs/claude/context-monitor.md +98 -98
  94. package/docs/proof/consumer-node-cli/README.md +37 -37
  95. package/docs/proof/consumer-node-cli/ROADMAP.md +14 -14
  96. package/docs/proof/consumer-node-cli/SPEC.md +17 -17
  97. package/docs/proof/consumer-node-cli/brief.md +9 -9
  98. package/docs/proof/consumer-node-cli/phases/01-foundation/01-01-PLAN.md +34 -34
  99. package/docs/proof/consumer-node-cli/phases/01-foundation/01-01-SUMMARY.md +10 -10
  100. package/docs/proof/consumer-node-cli/phases/01-foundation/01-VERIFICATION.md +30 -30
  101. package/package.json +62 -61
@@ -1,96 +1,96 @@
1
- # Codebase Stack
2
-
3
- **Analysis Date:** [YYYY-MM-DD]
4
-
5
- <guidelines>
6
- - List versions only when they matter (compatibility, breaking changes, reproducibility).
7
- - Prefer commands and sources of truth (package.json, lockfiles, tool config) over memory.
8
- - Capture the minimum needed for another agent to run, test, and ship changes safely.
9
- - Include concrete commands and file paths.
10
- </guidelines>
11
-
12
- ## Languages
13
-
14
- Primary:
15
- - [Language] [Version if relevant] - used in: `[paths]`
16
-
17
- Secondary:
18
- - [Language] [Version if relevant] - used in: `[paths]`
19
-
20
- ## Runtime
21
-
22
- Environment:
23
- - [Runtime] [Version if relevant]
24
-
25
- Package manager:
26
- - [Manager] [Version if relevant]
27
- - Lockfile: [present/missing] - `[path]`
28
-
29
- ## Frameworks And Tooling
30
-
31
- Core framework(s):
32
- - [Framework] [Version if relevant] - purpose: [purpose]
33
-
34
- Testing:
35
- - [Tool] [Version if relevant] - purpose: [purpose]
36
-
37
- Build / dev:
38
- - [Tool] [Version if relevant] - purpose: [purpose]
39
-
40
- Lint / format:
41
- - [Tool] - config: `[path]`
42
-
43
- ## Key Dependencies (Only What Drives Architecture)
44
-
45
- Critical libraries:
46
- - [Package] - why it matters: [reason] - examples: `[paths]`
47
-
48
- Infra/observability:
49
- - [Package] - purpose: [reason] - config: `[paths]`
50
-
51
- ## Must-Know Packages
52
-
53
- Flag 3–5 packages that new contributors must understand before making changes. These are not necessarily the most-used packages — they are the ones where misuse causes hard-to-debug problems.
54
-
55
- Each entry: `package-name — why it's critical — risk: low|medium|high — common mistake: what goes wrong`
56
-
57
- Risk levels: low (causes build errors — immediately visible), medium (causes runtime bugs — visible in testing), high (causes data corruption or silent failures — hard to detect).
58
-
59
- - `[package]` — [why critical] — risk: [level] — common mistake: [what goes wrong]
60
- - `[package]` — [why critical] — risk: [level] — common mistake: [what goes wrong]
61
- - `[package]` — [why critical] — risk: [level] — common mistake: [what goes wrong]
62
-
63
- ## How To Run
64
-
65
- Install:
66
- - Command(s): `[commands]`
67
-
68
- Dev:
69
- - Command(s): `[commands]`
70
-
71
- Test:
72
- - Command(s): `[commands]`
73
-
74
- Build:
75
- - Command(s): `[commands]`
76
-
77
- ## Configuration
78
-
79
- Env:
80
- - How configured: [dotenv, env vars, config files]
81
- - Key config files: `[paths]`
82
-
83
- CI/CD:
84
- - CI location: `[path]`
85
- - Main checks: [list]
86
-
87
- <good_examples>
88
- Example (good):
89
- - "Node 20, pnpm. Install: `pnpm i`. Tests: `pnpm test` (Vitest) + `pnpm test:e2e` (Playwright). Formatting: Prettier (`.prettierrc`). Lint: ESLint (`eslint.config.mjs`)."
90
- - "DB migrations run via `pnpm db:migrate` (see `package.json` scripts)."
91
- </good_examples>
92
-
93
- ---
94
-
95
- *Stack analysis: [date]*
96
-
1
+ # Codebase Stack
2
+
3
+ **Analysis Date:** [YYYY-MM-DD]
4
+
5
+ <guidelines>
6
+ - List versions only when they matter (compatibility, breaking changes, reproducibility).
7
+ - Prefer commands and sources of truth (package.json, lockfiles, tool config) over memory.
8
+ - Capture the minimum needed for another agent to run, test, and ship changes safely.
9
+ - Include concrete commands and file paths.
10
+ </guidelines>
11
+
12
+ ## Languages
13
+
14
+ Primary:
15
+ - [Language] [Version if relevant] - used in: `[paths]`
16
+
17
+ Secondary:
18
+ - [Language] [Version if relevant] - used in: `[paths]`
19
+
20
+ ## Runtime
21
+
22
+ Environment:
23
+ - [Runtime] [Version if relevant]
24
+
25
+ Package manager:
26
+ - [Manager] [Version if relevant]
27
+ - Lockfile: [present/missing] - `[path]`
28
+
29
+ ## Frameworks And Tooling
30
+
31
+ Core framework(s):
32
+ - [Framework] [Version if relevant] - purpose: [purpose]
33
+
34
+ Testing:
35
+ - [Tool] [Version if relevant] - purpose: [purpose]
36
+
37
+ Build / dev:
38
+ - [Tool] [Version if relevant] - purpose: [purpose]
39
+
40
+ Lint / format:
41
+ - [Tool] - config: `[path]`
42
+
43
+ ## Key Dependencies (Only What Drives Architecture)
44
+
45
+ Critical libraries:
46
+ - [Package] - why it matters: [reason] - examples: `[paths]`
47
+
48
+ Infra/observability:
49
+ - [Package] - purpose: [reason] - config: `[paths]`
50
+
51
+ ## Must-Know Packages
52
+
53
+ Flag 3–5 packages that new contributors must understand before making changes. These are not necessarily the most-used packages — they are the ones where misuse causes hard-to-debug problems.
54
+
55
+ Each entry: `package-name — why it's critical — risk: low|medium|high — common mistake: what goes wrong`
56
+
57
+ Risk levels: low (causes build errors — immediately visible), medium (causes runtime bugs — visible in testing), high (causes data corruption or silent failures — hard to detect).
58
+
59
+ - `[package]` — [why critical] — risk: [level] — common mistake: [what goes wrong]
60
+ - `[package]` — [why critical] — risk: [level] — common mistake: [what goes wrong]
61
+ - `[package]` — [why critical] — risk: [level] — common mistake: [what goes wrong]
62
+
63
+ ## How To Run
64
+
65
+ Install:
66
+ - Command(s): `[commands]`
67
+
68
+ Dev:
69
+ - Command(s): `[commands]`
70
+
71
+ Test:
72
+ - Command(s): `[commands]`
73
+
74
+ Build:
75
+ - Command(s): `[commands]`
76
+
77
+ ## Configuration
78
+
79
+ Env:
80
+ - How configured: [dotenv, env vars, config files]
81
+ - Key config files: `[paths]`
82
+
83
+ CI/CD:
84
+ - CI location: `[path]`
85
+ - Main checks: [list]
86
+
87
+ <good_examples>
88
+ Example (good):
89
+ - "Node 20, pnpm. Install: `pnpm i`. Tests: `pnpm test` (Vitest) + `pnpm test:e2e` (Playwright). Formatting: Prettier (`.prettierrc`). Lint: ESLint (`eslint.config.mjs`)."
90
+ - "DB migrations run via `pnpm db:migrate` (see `package.json` scripts)."
91
+ </good_examples>
92
+
93
+ ---
94
+
95
+ *Stack analysis: [date]*
96
+
@@ -1,25 +1,28 @@
1
- **Role contract:** Read `.planning/templates/roles/approach-explorer.md` before starting. Follow its algorithm, scope, anti-patterns, and quality standards.
2
-
3
- You are the approach explorer delegate for the plan workflow.
4
-
5
- **Your job:** Identify gray areas in the target phase, research viable approaches for technical decisions, conduct an adaptive conversation with the user to capture locked decisions, and write APPROACH.md to the phase directory.
6
-
7
- Read only the explicit inputs provided by the orchestrator:
8
- - target phase goal and requirement IDs from `.planning/ROADMAP.md`
9
- - locked decisions and deferred items from `.planning/SPEC.md`
10
- - phase research file (if exists)
11
- - relevant codebase files (existing patterns and conventions)
12
- - approach template at `.planning/templates/approach.md`
13
-
14
- ## Gray Area Classification
15
-
16
- Classify each gray area before acting on it:
17
- - **Taste:** Ask directly, no research needed
18
- - **Technical:** Research 2-3 approaches first, then present with trade-offs
19
- - **Hybrid:** Research the technical part, ask about taste
20
-
21
- ## Output
22
-
23
- Write `{padded_phase}-APPROACH.md` to the phase directory using the approach template.
24
-
25
- Return structured summary: gray areas explored, decisions captured, assumptions validated/corrected, deferred ideas, path to APPROACH.md.
1
+ **Role contract:** Read `.planning/templates/roles/approach-explorer.md` before starting. Follow its algorithm, scope, anti-patterns, and quality standards.
2
+
3
+ You are the approach explorer delegate for the plan workflow.
4
+
5
+ **Your job:** Identify gray areas in the target phase, research viable approaches for technical decisions, conduct an adaptive conversation with the user to capture locked decisions, and write APPROACH.md to the phase directory.
6
+
7
+ When `workflow.discuss: true`, APPROACH.md must prove user alignment before planning: use `alignment_status: user_confirmed` for real user-confirmed decisions or `alignment_status: approved_skip` only when the user explicitly approves skipping discussion. Record the canonical fields `alignment_method`, `user_confirmed_at`, `explicit_skip_approved`, `skip_scope`, `skip_rationale`, and `confirmed_decisions`. `Agent's Discretion` and agent-only "No questions needed" are not valid alignment proof.
8
+
9
+ Read only the explicit inputs provided by the orchestrator:
10
+ - target phase goal and requirement IDs from `.planning/ROADMAP.md`
11
+ - project config from `.planning/config.json`, especially `workflow.discuss`
12
+ - locked decisions and deferred items from `.planning/SPEC.md`
13
+ - phase research file (if exists)
14
+ - relevant codebase files (existing patterns and conventions)
15
+ - approach template at `.planning/templates/approach.md`
16
+
17
+ ## Gray Area Classification
18
+
19
+ Classify each gray area before acting on it:
20
+ - **Taste:** Ask directly, no research needed
21
+ - **Technical:** Research 2-3 approaches first, then present with trade-offs
22
+ - **Hybrid:** Research the technical part, ask about taste
23
+
24
+ ## Output
25
+
26
+ Write `{padded_phase}-APPROACH.md` to the phase directory using the approach template.
27
+
28
+ Return structured summary: gray areas explored, decisions captured, assumptions validated/corrected, deferred ideas, path to APPROACH.md.
@@ -1,26 +1,26 @@
1
- **Role contract:** Read `.planning/templates/roles/mapper.md` before starting. Follow its algorithm, quality guarantees, and anti-patterns.
2
-
3
- Map the architecture and structure of this codebase. Read key source files to understand component boundaries, data flow, and patterns.
4
-
5
- Write ARCHITECTURE.md to `.planning/codebase/` using the template at `.planning/templates/codebase/architecture.md`.
6
-
7
- Include:
8
- - Major components and their responsibilities (what belongs in each, what doesn't)
9
- - Data flow direction (not just "they communicate" — which way does data move)
10
- - "Change Routing" table: where to add new code by change type (new endpoint? new model? new UI component?)
11
- - Key architectural patterns used (e.g., event-driven, layered, modular monolith)
12
- - Golden files per layer: for each major layer, the single most-imported file (highest inbound import count = most stable, most understood); use import frequency as the signal, not judgment
13
-
14
- **Anti-staleness:** Do NOT include static directory trees or full file inventories. DO include file paths for key components, entry points, and architectural boundaries (e.g., `src/services/user.ts`) -- downstream agents navigate directly to files.
15
-
16
- <quality_gate>
17
- - [ ] Components have clear responsibility boundaries
18
- - [ ] Data flow direction is explicit
19
- - [ ] Change Routing table is populated (where to add new code by type)
20
- - [ ] Hard-to-reverse architectural decisions flagged
21
- - [ ] Golden files table populated with at least one file per major layer
22
- </quality_gate>
23
-
24
- Write to: `.planning/codebase/ARCHITECTURE.md`
25
- Return: 3-5 sentence summary to the Orchestrator when done.
26
- Guardrails: Max Agent Hops = 3. No static directory dumps.
1
+ **Role contract:** Read `.planning/templates/roles/mapper.md` before starting. Follow its algorithm, quality guarantees, and anti-patterns.
2
+
3
+ Map the architecture and structure of this codebase. Read key source files to understand component boundaries, data flow, and patterns.
4
+
5
+ Write ARCHITECTURE.md to `.planning/codebase/` using the template at `.planning/templates/codebase/architecture.md`.
6
+
7
+ Include:
8
+ - Major components and their responsibilities (what belongs in each, what doesn't)
9
+ - Data flow direction (not just "they communicate" — which way does data move)
10
+ - "Change Routing" table: where to add new code by change type (new endpoint? new model? new UI component?)
11
+ - Key architectural patterns used (e.g., event-driven, layered, modular monolith)
12
+ - Golden files per layer: for each major layer, the single most-imported file (highest inbound import count = most stable, most understood); use import frequency as the signal, not judgment
13
+
14
+ **Anti-staleness:** Do NOT include static directory trees or full file inventories. DO include file paths for key components, entry points, and architectural boundaries (e.g., `src/services/user.ts`) -- downstream agents navigate directly to files.
15
+
16
+ <quality_gate>
17
+ - [ ] Components have clear responsibility boundaries
18
+ - [ ] Data flow direction is explicit
19
+ - [ ] Change Routing table is populated (where to add new code by type)
20
+ - [ ] Hard-to-reverse architectural decisions flagged
21
+ - [ ] Golden files table populated with at least one file per major layer
22
+ </quality_gate>
23
+
24
+ Write to: `.planning/codebase/ARCHITECTURE.md`
25
+ Return: 3-5 sentence summary to the Orchestrator when done.
26
+ Guardrails: Max Agent Hops = 3. No static directory dumps.
@@ -1,27 +1,27 @@
1
- **Role contract:** Read `.planning/templates/roles/mapper.md` before starting. Follow its algorithm, quality guarantees, and anti-patterns.
2
-
3
- Map the technical debt, security concerns, and risks in this codebase.
4
-
5
- **Security check first (hard stop):** Follow the Hard stop directive in `.planning/templates/roles/mapper.md` — grep for secrets before writing anything. If found: STOP and report to Orchestrator immediately.
6
-
7
- If no secrets found, write CONCERNS.md to `.planning/codebase/` using the template at `.planning/templates/codebase/concerns.md`.
8
-
9
- Include:
10
- - Known bugs or fragile areas (with file references where possible)
11
- - Security vulnerabilities or missing validations
12
- - Performance bottlenecks
13
- - Missing test coverage for critical paths
14
- - Deprecated or end-of-life dependencies
15
- - Downstream impact ranking: top 3 concerns ranked by how much future work they block (concerns blocking multiple change-routing rows from ARCHITECTURE.md rank highest, not just by severity)
16
-
17
- <quality_gate>
18
- - [ ] Secret scan completed and result reported
19
- - [ ] Concerns are specific (file references, not vague "some places")
20
- - [ ] Severity assigned per concern: critical / moderate / minor
21
- - [ ] Deprecated dependencies listed with EOL dates if known
22
- - [ ] Downstream impact table ranks at least top 3 concerns with Blocks column populated
23
- </quality_gate>
24
-
25
- Write to: `.planning/codebase/CONCERNS.md`
26
- Return: 3-5 sentence summary to the Orchestrator when done. If secrets found, STOP and report immediately.
27
- Guardrails: Max Agent Hops = 3. Hard stop on secrets.
1
+ **Role contract:** Read `.planning/templates/roles/mapper.md` before starting. Follow its algorithm, quality guarantees, and anti-patterns.
2
+
3
+ Map the technical debt, security concerns, and risks in this codebase.
4
+
5
+ **Security check first (hard stop):** Follow the Hard stop directive in `.planning/templates/roles/mapper.md` — grep for secrets before writing anything. If found: STOP and report to Orchestrator immediately.
6
+
7
+ If no secrets found, write CONCERNS.md to `.planning/codebase/` using the template at `.planning/templates/codebase/concerns.md`.
8
+
9
+ Include:
10
+ - Known bugs or fragile areas (with file references where possible)
11
+ - Security vulnerabilities or missing validations
12
+ - Performance bottlenecks
13
+ - Missing test coverage for critical paths
14
+ - Deprecated or end-of-life dependencies
15
+ - Downstream impact ranking: top 3 concerns ranked by how much future work they block (concerns blocking multiple change-routing rows from ARCHITECTURE.md rank highest, not just by severity)
16
+
17
+ <quality_gate>
18
+ - [ ] Secret scan completed and result reported
19
+ - [ ] Concerns are specific (file references, not vague "some places")
20
+ - [ ] Severity assigned per concern: critical / moderate / minor
21
+ - [ ] Deprecated dependencies listed with EOL dates if known
22
+ - [ ] Downstream impact table ranks at least top 3 concerns with Blocks column populated
23
+ </quality_gate>
24
+
25
+ Write to: `.planning/codebase/CONCERNS.md`
26
+ Return: 3-5 sentence summary to the Orchestrator when done. If secrets found, STOP and report immediately.
27
+ Guardrails: Max Agent Hops = 3. Hard stop on secrets.
@@ -1,28 +1,28 @@
1
- **Role contract:** Read `.planning/templates/roles/mapper.md` before starting. Follow its algorithm, quality guarantees, and anti-patterns.
2
-
3
- Map the conventions and quality patterns of this codebase. Read existing tests, lint config, and code samples.
4
-
5
- Write CONVENTIONS.md to `.planning/codebase/` using the template at `.planning/templates/codebase/conventions.md`.
6
-
7
- Include:
8
- - Naming patterns (files, functions, variables, exports)
9
- - Code style rules enforced by lint/format config
10
- - Testing and mocking boundaries — explicit "Do mock" / "Do NOT mock" rules with examples
11
- - External integration patterns: webhook signature verification, auth session management, environment config
12
- - CI reliability rules (what must pass before merge)
13
- - Convention adoption rates: for each major convention, estimate `~N% (stable|rising|declining)` using grep-counting (≥5 occurrences required; below that write "prevalence unknown — seen in multiple files")
14
- - Golden files: 2–3 production files with the highest density of documented conventions (not scaffolding, not generated, not tests); format: `file path — which conventions it demonstrates`
15
-
16
- **Anti-staleness:** Do NOT enumerate test files or list every convention observed. Document rules and patterns: the invariants, not the inventory.
17
-
18
- <quality_gate>
19
- - [ ] Mocking boundaries are explicit ("Do mock: X" / "Do NOT mock: Y")
20
- - [ ] External integration security rules included (webhook, auth, env config)
21
- - [ ] Rules are actionable ("always do X"), not descriptive ("the codebase uses X")
22
- - [ ] At least one convention has a quantified adoption rate (e.g., `~N% (stable|rising|declining)`)
23
- - [ ] Golden files section lists at least 2 files with rationale
24
- </quality_gate>
25
-
26
- Write to: `.planning/codebase/CONVENTIONS.md`
27
- Return: 3-5 sentence summary to the Orchestrator when done.
28
- Guardrails: Max Agent Hops = 3. Rules not inventories.
1
+ **Role contract:** Read `.planning/templates/roles/mapper.md` before starting. Follow its algorithm, quality guarantees, and anti-patterns.
2
+
3
+ Map the conventions and quality patterns of this codebase. Read existing tests, lint config, and code samples.
4
+
5
+ Write CONVENTIONS.md to `.planning/codebase/` using the template at `.planning/templates/codebase/conventions.md`.
6
+
7
+ Include:
8
+ - Naming patterns (files, functions, variables, exports)
9
+ - Code style rules enforced by lint/format config
10
+ - Testing and mocking boundaries — explicit "Do mock" / "Do NOT mock" rules with examples
11
+ - External integration patterns: webhook signature verification, auth session management, environment config
12
+ - CI reliability rules (what must pass before merge)
13
+ - Convention adoption rates: for each major convention, estimate `~N% (stable|rising|declining)` using grep-counting (≥5 occurrences required; below that write "prevalence unknown — seen in multiple files")
14
+ - Golden files: 2–3 production files with the highest density of documented conventions (not scaffolding, not generated, not tests); format: `file path — which conventions it demonstrates`
15
+
16
+ **Anti-staleness:** Do NOT enumerate test files or list every convention observed. Document rules and patterns: the invariants, not the inventory.
17
+
18
+ <quality_gate>
19
+ - [ ] Mocking boundaries are explicit ("Do mock: X" / "Do NOT mock: Y")
20
+ - [ ] External integration security rules included (webhook, auth, env config)
21
+ - [ ] Rules are actionable ("always do X"), not descriptive ("the codebase uses X")
22
+ - [ ] At least one convention has a quantified adoption rate (e.g., `~N% (stable|rising|declining)`)
23
+ - [ ] Golden files section lists at least 2 files with rationale
24
+ </quality_gate>
25
+
26
+ Write to: `.planning/codebase/CONVENTIONS.md`
27
+ Return: 3-5 sentence summary to the Orchestrator when done.
28
+ Guardrails: Max Agent Hops = 3. Rules not inventories.
@@ -1,25 +1,25 @@
1
- **Role contract:** Read `.planning/templates/roles/mapper.md` before starting. Follow its algorithm, quality guarantees, and anti-patterns.
2
-
3
- Map the technology stack of this codebase. Read package manifests, lockfiles, and entry points.
4
-
5
- Write STACK.md to `.planning/codebase/` using the template at `.planning/templates/codebase/stack.md`.
6
-
7
- Include:
8
- - Languages and runtimes (with versions)
9
- - Frameworks and key libraries (10-20 most important, not the full lockfile)
10
- - Infrastructure and deployment tooling
11
- - For each package: why it matters to this project (not just what it is)
12
- - Must-know packages: 3–5 packages where misuse causes the hardest-to-debug problems; include risk index (low/medium/high) and the common mistake to avoid
13
-
14
- **Anti-staleness:** Do NOT dump the full lockfile or dependency tree. Include only packages with architectural significance and note why they matter.
15
-
16
- <quality_gate>
17
- - [ ] 10-20 packages listed with version + rationale (not a lockfile dump)
18
- - [ ] Build/deploy tooling included
19
- - [ ] Any deprecated or risky dependencies flagged
20
- - [ ] Must-know packages section identifies at least 3 packages with risk index (low/medium/high)
21
- </quality_gate>
22
-
23
- Write to: `.planning/codebase/STACK.md`
24
- Return: 3-5 sentence summary to the Orchestrator when done.
25
- Guardrails: Max Agent Hops = 3. No static dependency dumps.
1
+ **Role contract:** Read `.planning/templates/roles/mapper.md` before starting. Follow its algorithm, quality guarantees, and anti-patterns.
2
+
3
+ Map the technology stack of this codebase. Read package manifests, lockfiles, and entry points.
4
+
5
+ Write STACK.md to `.planning/codebase/` using the template at `.planning/templates/codebase/stack.md`.
6
+
7
+ Include:
8
+ - Languages and runtimes (with versions)
9
+ - Frameworks and key libraries (10-20 most important, not the full lockfile)
10
+ - Infrastructure and deployment tooling
11
+ - For each package: why it matters to this project (not just what it is)
12
+ - Must-know packages: 3–5 packages where misuse causes the hardest-to-debug problems; include risk index (low/medium/high) and the common mistake to avoid
13
+
14
+ **Anti-staleness:** Do NOT dump the full lockfile or dependency tree. Include only packages with architectural significance and note why they matter.
15
+
16
+ <quality_gate>
17
+ - [ ] 10-20 packages listed with version + rationale (not a lockfile dump)
18
+ - [ ] Build/deploy tooling included
19
+ - [ ] Any deprecated or risky dependencies flagged
20
+ - [ ] Must-know packages section identifies at least 3 packages with risk index (low/medium/high)
21
+ </quality_gate>
22
+
23
+ Write to: `.planning/codebase/STACK.md`
24
+ Return: 3-5 sentence summary to the Orchestrator when done.
25
+ Guardrails: Max Agent Hops = 3. No static dependency dumps.