npm - javi-forge - Versions diffs - 0.1.0 - Mend

javi-forge 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (500) hide show

package/.gitignore.template +105 -0
package/.releaserc +44 -0
package/README.md +45 -0
package/ai-config/.skillignore +15 -0
package/ai-config/AUTO_INVOKE.md +300 -0
package/ai-config/agents/_TEMPLATE.md +93 -0
package/ai-config/agents/business/api-designer.md +1657 -0
package/ai-config/agents/business/business-analyst.md +1331 -0
package/ai-config/agents/business/product-strategist.md +206 -0
package/ai-config/agents/business/project-manager.md +178 -0
package/ai-config/agents/business/requirements-analyst.md +1277 -0
package/ai-config/agents/business/technical-writer.md +1679 -0
package/ai-config/agents/creative/ux-designer.md +205 -0
package/ai-config/agents/data-ai/ai-engineer.md +487 -0
package/ai-config/agents/data-ai/analytics-engineer.md +953 -0
package/ai-config/agents/data-ai/data-engineer.md +173 -0
package/ai-config/agents/data-ai/data-scientist.md +672 -0
package/ai-config/agents/data-ai/mlops-engineer.md +814 -0
package/ai-config/agents/data-ai/prompt-engineer.md +772 -0
package/ai-config/agents/development/angular-expert.md +620 -0
package/ai-config/agents/development/backend-architect.md +795 -0
package/ai-config/agents/development/database-specialist.md +212 -0
package/ai-config/agents/development/frontend-specialist.md +686 -0
package/ai-config/agents/development/fullstack-engineer.md +668 -0
package/ai-config/agents/development/golang-pro.md +338 -0
package/ai-config/agents/development/java-enterprise.md +400 -0
package/ai-config/agents/development/javascript-pro.md +422 -0
package/ai-config/agents/development/nextjs-pro.md +474 -0
package/ai-config/agents/development/python-pro.md +570 -0
package/ai-config/agents/development/react-pro.md +487 -0
package/ai-config/agents/development/rust-pro.md +246 -0
package/ai-config/agents/development/spring-boot-4-expert.md +326 -0
package/ai-config/agents/development/typescript-pro.md +336 -0
package/ai-config/agents/development/vue-specialist.md +605 -0
package/ai-config/agents/infrastructure/cloud-architect.md +472 -0
package/ai-config/agents/infrastructure/deployment-manager.md +358 -0
package/ai-config/agents/infrastructure/devops-engineer.md +455 -0
package/ai-config/agents/infrastructure/incident-responder.md +519 -0
package/ai-config/agents/infrastructure/kubernetes-expert.md +705 -0
package/ai-config/agents/infrastructure/monitoring-specialist.md +674 -0
package/ai-config/agents/infrastructure/performance-engineer.md +658 -0
package/ai-config/agents/orchestrator.md +241 -0
package/ai-config/agents/quality/accessibility-auditor.md +1204 -0
package/ai-config/agents/quality/code-reviewer-compact.md +123 -0
package/ai-config/agents/quality/code-reviewer.md +363 -0
package/ai-config/agents/quality/dependency-manager.md +743 -0
package/ai-config/agents/quality/e2e-test-specialist.md +1005 -0
package/ai-config/agents/quality/performance-tester.md +1086 -0
package/ai-config/agents/quality/security-auditor.md +133 -0
package/ai-config/agents/quality/test-engineer.md +453 -0
package/ai-config/agents/specialists/api-designer.md +87 -0
package/ai-config/agents/specialists/backend-architect.md +73 -0
package/ai-config/agents/specialists/code-reviewer.md +77 -0
package/ai-config/agents/specialists/db-optimizer.md +75 -0
package/ai-config/agents/specialists/devops-engineer.md +83 -0
package/ai-config/agents/specialists/documentation-writer.md +78 -0
package/ai-config/agents/specialists/frontend-developer.md +75 -0
package/ai-config/agents/specialists/performance-analyst.md +82 -0
package/ai-config/agents/specialists/refactor-specialist.md +74 -0
package/ai-config/agents/specialists/security-auditor.md +74 -0
package/ai-config/agents/specialists/test-engineer.md +81 -0
package/ai-config/agents/specialists/ux-consultant.md +76 -0
package/ai-config/agents/specialized/agent-generator.md +1190 -0
package/ai-config/agents/specialized/blockchain-developer.md +149 -0
package/ai-config/agents/specialized/code-migrator.md +892 -0
package/ai-config/agents/specialized/context-manager.md +978 -0
package/ai-config/agents/specialized/documentation-writer.md +1078 -0
package/ai-config/agents/specialized/ecommerce-expert.md +1756 -0
package/ai-config/agents/specialized/embedded-engineer.md +1714 -0
package/ai-config/agents/specialized/error-detective.md +1034 -0
package/ai-config/agents/specialized/fintech-specialist.md +1659 -0
package/ai-config/agents/specialized/freelance-project-planner-v2.md +1988 -0
package/ai-config/agents/specialized/freelance-project-planner-v3.md +2136 -0
package/ai-config/agents/specialized/freelance-project-planner-v4.md +4503 -0
package/ai-config/agents/specialized/freelance-project-planner.md +722 -0
package/ai-config/agents/specialized/game-developer.md +1963 -0
package/ai-config/agents/specialized/healthcare-dev.md +1620 -0
package/ai-config/agents/specialized/mobile-developer.md +188 -0
package/ai-config/agents/specialized/parallel-plan-executor.md +506 -0
package/ai-config/agents/specialized/plan-executor.md +485 -0
package/ai-config/agents/specialized/solo-dev-planner-modular/00-INDEX.md +485 -0
package/ai-config/agents/specialized/solo-dev-planner-modular/01-CORE.md +3493 -0
package/ai-config/agents/specialized/solo-dev-planner-modular/02-SELF-CORRECTION.md +778 -0
package/ai-config/agents/specialized/solo-dev-planner-modular/03-PROGRESSIVE-SETUP.md +918 -0
package/ai-config/agents/specialized/solo-dev-planner-modular/04-DEPLOYMENT.md +1537 -0
package/ai-config/agents/specialized/solo-dev-planner-modular/05-TESTING.md +2633 -0
package/ai-config/agents/specialized/solo-dev-planner-modular/06-OPERATIONS.md +5610 -0
package/ai-config/agents/specialized/solo-dev-planner-modular/INSTALL.md +335 -0
package/ai-config/agents/specialized/solo-dev-planner-modular/QUICK-REFERENCE.txt +215 -0
package/ai-config/agents/specialized/solo-dev-planner-modular/README.md +260 -0
package/ai-config/agents/specialized/solo-dev-planner-modular/START-HERE.md +379 -0
package/ai-config/agents/specialized/solo-dev-planner-modular/WORKFLOW-DIAGRAM.md +355 -0
package/ai-config/agents/specialized/solo-dev-planner-modular/solo-dev-planner.md +279 -0
package/ai-config/agents/specialized/template-writer.md +347 -0
package/ai-config/agents/specialized/test-runner.md +99 -0
package/ai-config/agents/specialized/vibekanban-smart-worker.md +244 -0
package/ai-config/agents/specialized/wave-executor.md +138 -0
package/ai-config/agents/specialized/workflow-optimizer.md +1114 -0
package/ai-config/commands/git/changelog.md +32 -0
package/ai-config/commands/git/ci-local.md +70 -0
package/ai-config/commands/git/commit.md +35 -0
package/ai-config/commands/git/fix-issue.md +23 -0
package/ai-config/commands/git/pr-create.md +42 -0
package/ai-config/commands/git/pr-review.md +50 -0
package/ai-config/commands/git/worktree.md +39 -0
package/ai-config/commands/refactoring/cleanup.md +24 -0
package/ai-config/commands/refactoring/dead-code.md +40 -0
package/ai-config/commands/refactoring/extract.md +31 -0
package/ai-config/commands/testing/e2e.md +30 -0
package/ai-config/commands/testing/tdd.md +36 -0
package/ai-config/commands/testing/test-coverage.md +30 -0
package/ai-config/commands/testing/test-fix.md +24 -0
package/ai-config/commands/workflow/generate-agents-md.md +85 -0
package/ai-config/commands/workflow/planning.md +47 -0
package/ai-config/commands/workflows/compound.md +89 -0
package/ai-config/commands/workflows/plan.md +77 -0
package/ai-config/commands/workflows/review.md +78 -0
package/ai-config/commands/workflows/work.md +75 -0
package/ai-config/config.yaml +18 -0
package/ai-config/hooks/_TEMPLATE.md +96 -0
package/ai-config/hooks/block-dangerous-commands.md +75 -0
package/ai-config/hooks/commit-guard.md +90 -0
package/ai-config/hooks/context-loader.md +73 -0
package/ai-config/hooks/improve-prompt.md +91 -0
package/ai-config/hooks/learning-log.md +72 -0
package/ai-config/hooks/model-router.md +86 -0
package/ai-config/hooks/secret-scanner.md +64 -0
package/ai-config/hooks/skill-validator.md +102 -0
package/ai-config/hooks/task-artifact.md +114 -0
package/ai-config/hooks/validate-workflow.md +100 -0
package/ai-config/prompts/base.md +71 -0
package/ai-config/prompts/modes/debug.md +34 -0
package/ai-config/prompts/modes/deploy.md +40 -0
package/ai-config/prompts/modes/research.md +32 -0
package/ai-config/prompts/modes/review.md +33 -0
package/ai-config/prompts/review-policy.md +79 -0
package/ai-config/skills/_TEMPLATE.md +157 -0
package/ai-config/skills/backend/api-gateway/SKILL.md +254 -0
package/ai-config/skills/backend/bff-concepts/SKILL.md +239 -0
package/ai-config/skills/backend/bff-spring/SKILL.md +364 -0
package/ai-config/skills/backend/chi-router/SKILL.md +396 -0
package/ai-config/skills/backend/error-handling/SKILL.md +255 -0
package/ai-config/skills/backend/exceptions-spring/SKILL.md +323 -0
package/ai-config/skills/backend/fastapi/SKILL.md +302 -0
package/ai-config/skills/backend/gateway-spring/SKILL.md +390 -0
package/ai-config/skills/backend/go-backend/SKILL.md +457 -0
package/ai-config/skills/backend/gradle-multimodule/SKILL.md +274 -0
package/ai-config/skills/backend/graphql-concepts/SKILL.md +352 -0
package/ai-config/skills/backend/graphql-spring/SKILL.md +398 -0
package/ai-config/skills/backend/grpc-concepts/SKILL.md +283 -0
package/ai-config/skills/backend/grpc-spring/SKILL.md +445 -0
package/ai-config/skills/backend/jwt-auth/SKILL.md +412 -0
package/ai-config/skills/backend/notifications-concepts/SKILL.md +259 -0
package/ai-config/skills/backend/recommendations-concepts/SKILL.md +261 -0
package/ai-config/skills/backend/search-concepts/SKILL.md +263 -0
package/ai-config/skills/backend/search-spring/SKILL.md +375 -0
package/ai-config/skills/backend/spring-boot-4/SKILL.md +172 -0
package/ai-config/skills/backend/websockets/SKILL.md +532 -0
package/ai-config/skills/data-ai/ai-ml/SKILL.md +423 -0
package/ai-config/skills/data-ai/analytics-concepts/SKILL.md +195 -0
package/ai-config/skills/data-ai/analytics-spring/SKILL.md +340 -0
package/ai-config/skills/data-ai/duckdb-analytics/SKILL.md +440 -0
package/ai-config/skills/data-ai/langchain/SKILL.md +238 -0
package/ai-config/skills/data-ai/mlflow/SKILL.md +302 -0
package/ai-config/skills/data-ai/onnx-inference/SKILL.md +290 -0
package/ai-config/skills/data-ai/powerbi/SKILL.md +352 -0
package/ai-config/skills/data-ai/pytorch/SKILL.md +274 -0
package/ai-config/skills/data-ai/scikit-learn/SKILL.md +321 -0
package/ai-config/skills/data-ai/vector-db/SKILL.md +301 -0
package/ai-config/skills/database/graph-databases/SKILL.md +218 -0
package/ai-config/skills/database/graph-spring/SKILL.md +361 -0
package/ai-config/skills/database/pgx-postgres/SKILL.md +512 -0
package/ai-config/skills/database/redis-cache/SKILL.md +343 -0
package/ai-config/skills/database/sqlite-embedded/SKILL.md +388 -0
package/ai-config/skills/database/timescaledb/SKILL.md +320 -0
package/ai-config/skills/docs/api-documentation/SKILL.md +293 -0
package/ai-config/skills/docs/docs-spring/SKILL.md +377 -0
package/ai-config/skills/docs/mustache-templates/SKILL.md +190 -0
package/ai-config/skills/docs/technical-docs/SKILL.md +447 -0
package/ai-config/skills/frontend/astro-ssr/SKILL.md +441 -0
package/ai-config/skills/frontend/frontend-design/SKILL.md +54 -0
package/ai-config/skills/frontend/frontend-web/SKILL.md +368 -0
package/ai-config/skills/frontend/mantine-ui/SKILL.md +396 -0
package/ai-config/skills/frontend/tanstack-query/SKILL.md +439 -0
package/ai-config/skills/frontend/zod-validation/SKILL.md +417 -0
package/ai-config/skills/frontend/zustand-state/SKILL.md +350 -0
package/ai-config/skills/infrastructure/chaos-engineering/SKILL.md +244 -0
package/ai-config/skills/infrastructure/chaos-spring/SKILL.md +378 -0
package/ai-config/skills/infrastructure/devops-infra/SKILL.md +435 -0
package/ai-config/skills/infrastructure/docker-containers/SKILL.md +420 -0
package/ai-config/skills/infrastructure/kubernetes/SKILL.md +456 -0
package/ai-config/skills/infrastructure/opentelemetry/SKILL.md +546 -0
package/ai-config/skills/infrastructure/traefik-proxy/SKILL.md +474 -0
package/ai-config/skills/infrastructure/woodpecker-ci/SKILL.md +315 -0
package/ai-config/skills/mobile/ionic-capacitor/SKILL.md +504 -0
package/ai-config/skills/mobile/mobile-ionic/SKILL.md +448 -0
package/ai-config/skills/prompt-improver/SKILL.md +125 -0
package/ai-config/skills/quality/ghagga-review/SKILL.md +216 -0
package/ai-config/skills/references/hooks-patterns/SKILL.md +238 -0
package/ai-config/skills/references/mcp-servers/SKILL.md +275 -0
package/ai-config/skills/references/plugins-reference/SKILL.md +110 -0
package/ai-config/skills/references/skills-reference/SKILL.md +420 -0
package/ai-config/skills/references/subagent-templates/SKILL.md +193 -0
package/ai-config/skills/systems-iot/modbus-protocol/SKILL.md +410 -0
package/ai-config/skills/systems-iot/mqtt-rumqttc/SKILL.md +408 -0
package/ai-config/skills/systems-iot/rust-systems/SKILL.md +386 -0
package/ai-config/skills/systems-iot/tokio-async/SKILL.md +324 -0
package/ai-config/skills/testing/playwright-e2e/SKILL.md +289 -0
package/ai-config/skills/testing/testcontainers/SKILL.md +299 -0
package/ai-config/skills/testing/vitest-testing/SKILL.md +381 -0
package/ai-config/skills/workflow/ci-local-guide/SKILL.md +118 -0
package/ai-config/skills/workflow/claude-automation-recommender/SKILL.md +299 -0
package/ai-config/skills/workflow/claude-md-improver/SKILL.md +158 -0
package/ai-config/skills/workflow/finishing-a-development-branch/SKILL.md +117 -0
package/ai-config/skills/workflow/git-github/SKILL.md +334 -0
package/ai-config/skills/workflow/git-github/references/examples.md +160 -0
package/ai-config/skills/workflow/git-workflow/SKILL.md +214 -0
package/ai-config/skills/workflow/ide-plugins/SKILL.md +277 -0
package/ai-config/skills/workflow/ide-plugins-intellij/SKILL.md +401 -0
package/ai-config/skills/workflow/obsidian-brain-workflow/SKILL.md +199 -0
package/ai-config/skills/workflow/using-git-worktrees/SKILL.md +100 -0
package/ai-config/skills/workflow/verification-before-completion/SKILL.md +73 -0
package/ai-config/skills/workflow/wave-workflow/SKILL.md +178 -0
package/ci-local/README.md +170 -0
package/ci-local/ci-local.sh +297 -0
package/ci-local/hooks/commit-msg +74 -0
package/ci-local/hooks/pre-commit +162 -0
package/ci-local/hooks/pre-push +41 -0
package/ci-local/install.sh +49 -0
package/ci-local/semgrep.yml +214 -0
package/dist/commands/analyze.d.ts +9 -0
package/dist/commands/analyze.d.ts.map +1 -0
package/dist/commands/analyze.js +55 -0
package/dist/commands/analyze.js.map +1 -0
package/dist/commands/analyze.test.d.ts +2 -0
package/dist/commands/analyze.test.d.ts.map +1 -0
package/dist/commands/analyze.test.js +145 -0
package/dist/commands/analyze.test.js.map +1 -0
package/dist/commands/doctor.d.ts +7 -0
package/dist/commands/doctor.d.ts.map +1 -0
package/dist/commands/doctor.js +158 -0
package/dist/commands/doctor.js.map +1 -0
package/dist/commands/doctor.test.d.ts +2 -0
package/dist/commands/doctor.test.d.ts.map +1 -0
package/dist/commands/doctor.test.js +200 -0
package/dist/commands/doctor.test.js.map +1 -0
package/dist/commands/init.d.ts +9 -0
package/dist/commands/init.d.ts.map +1 -0
package/dist/commands/init.js +283 -0
package/dist/commands/init.js.map +1 -0
package/dist/commands/init.test.d.ts +2 -0
package/dist/commands/init.test.d.ts.map +1 -0
package/dist/commands/init.test.js +271 -0
package/dist/commands/init.test.js.map +1 -0
package/dist/commands/sync.d.ts +8 -0
package/dist/commands/sync.d.ts.map +1 -0
package/dist/commands/sync.js +201 -0
package/dist/commands/sync.js.map +1 -0
package/dist/constants.d.ts +21 -0
package/dist/constants.d.ts.map +1 -0
package/dist/constants.js +57 -0
package/dist/constants.js.map +1 -0
package/dist/e2e/aggressive.e2e.test.d.ts +2 -0
package/dist/e2e/aggressive.e2e.test.d.ts.map +1 -0
package/dist/e2e/aggressive.e2e.test.js +350 -0
package/dist/e2e/aggressive.e2e.test.js.map +1 -0
package/dist/e2e/commands.e2e.test.d.ts +2 -0
package/dist/e2e/commands.e2e.test.d.ts.map +1 -0
package/dist/e2e/commands.e2e.test.js +213 -0
package/dist/e2e/commands.e2e.test.js.map +1 -0
package/dist/index.d.ts +3 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +82 -0
package/dist/index.js.map +1 -0
package/dist/lib/common.d.ts +17 -0
package/dist/lib/common.d.ts.map +1 -0
package/dist/lib/common.js +111 -0
package/dist/lib/common.js.map +1 -0
package/dist/lib/common.test.d.ts +2 -0
package/dist/lib/common.test.d.ts.map +1 -0
package/dist/lib/common.test.js +316 -0
package/dist/lib/common.test.js.map +1 -0
package/dist/lib/frontmatter.d.ts +18 -0
package/dist/lib/frontmatter.d.ts.map +1 -0
package/dist/lib/frontmatter.js +61 -0
package/dist/lib/frontmatter.js.map +1 -0
package/dist/lib/frontmatter.test.d.ts +2 -0
package/dist/lib/frontmatter.test.d.ts.map +1 -0
package/dist/lib/frontmatter.test.js +257 -0
package/dist/lib/frontmatter.test.js.map +1 -0
package/dist/lib/template.d.ts +24 -0
package/dist/lib/template.d.ts.map +1 -0
package/dist/lib/template.js +78 -0
package/dist/lib/template.js.map +1 -0
package/dist/lib/template.test.d.ts +2 -0
package/dist/lib/template.test.d.ts.map +1 -0
package/dist/lib/template.test.js +201 -0
package/dist/lib/template.test.js.map +1 -0
package/dist/types/index.d.ts +48 -0
package/dist/types/index.d.ts.map +1 -0
package/dist/types/index.js +2 -0
package/dist/types/index.js.map +1 -0
package/dist/ui/AnalyzeUI.d.ts +7 -0
package/dist/ui/AnalyzeUI.d.ts.map +1 -0
package/dist/ui/AnalyzeUI.js +100 -0
package/dist/ui/AnalyzeUI.js.map +1 -0
package/dist/ui/App.d.ts +13 -0
package/dist/ui/App.d.ts.map +1 -0
package/dist/ui/App.js +100 -0
package/dist/ui/App.js.map +1 -0
package/dist/ui/CIContext.d.ts +9 -0
package/dist/ui/CIContext.d.ts.map +1 -0
package/dist/ui/CIContext.js +9 -0
package/dist/ui/CIContext.js.map +1 -0
package/dist/ui/CISelector.d.ts +8 -0
package/dist/ui/CISelector.d.ts.map +1 -0
package/dist/ui/CISelector.js +45 -0
package/dist/ui/CISelector.js.map +1 -0
package/dist/ui/Doctor.d.ts +3 -0
package/dist/ui/Doctor.d.ts.map +1 -0
package/dist/ui/Doctor.js +89 -0
package/dist/ui/Doctor.js.map +1 -0
package/dist/ui/Header.d.ts +8 -0
package/dist/ui/Header.d.ts.map +1 -0
package/dist/ui/Header.js +30 -0
package/dist/ui/Header.js.map +1 -0
package/dist/ui/MemorySelector.d.ts +8 -0
package/dist/ui/MemorySelector.d.ts.map +1 -0
package/dist/ui/MemorySelector.js +46 -0
package/dist/ui/MemorySelector.js.map +1 -0
package/dist/ui/NameInput.d.ts +8 -0
package/dist/ui/NameInput.d.ts.map +1 -0
package/dist/ui/NameInput.js +69 -0
package/dist/ui/NameInput.js.map +1 -0
package/dist/ui/OptionSelector.d.ts +12 -0
package/dist/ui/OptionSelector.d.ts.map +1 -0
package/dist/ui/OptionSelector.js +69 -0
package/dist/ui/OptionSelector.js.map +1 -0
package/dist/ui/Progress.d.ts +11 -0
package/dist/ui/Progress.d.ts.map +1 -0
package/dist/ui/Progress.js +58 -0
package/dist/ui/Progress.js.map +1 -0
package/dist/ui/StackSelector.d.ts +9 -0
package/dist/ui/StackSelector.d.ts.map +1 -0
package/dist/ui/StackSelector.js +65 -0
package/dist/ui/StackSelector.js.map +1 -0
package/dist/ui/Summary.d.ts +12 -0
package/dist/ui/Summary.d.ts.map +1 -0
package/dist/ui/Summary.js +114 -0
package/dist/ui/Summary.js.map +1 -0
package/dist/ui/SyncUI.d.ts +10 -0
package/dist/ui/SyncUI.d.ts.map +1 -0
package/dist/ui/SyncUI.js +64 -0
package/dist/ui/SyncUI.js.map +1 -0
package/dist/ui/Welcome.d.ts +7 -0
package/dist/ui/Welcome.d.ts.map +1 -0
package/dist/ui/Welcome.js +45 -0
package/dist/ui/Welcome.js.map +1 -0
package/dist/ui/theme.d.ts +10 -0
package/dist/ui/theme.d.ts.map +1 -0
package/dist/ui/theme.js +9 -0
package/dist/ui/theme.js.map +1 -0
package/modules/engram/.gitignore-snippet.txt +6 -0
package/modules/engram/.mcp-config-snippet.json +11 -0
package/modules/engram/README.md +146 -0
package/modules/engram/install-engram.sh +216 -0
package/modules/ghagga/.env.example +43 -0
package/modules/ghagga/README.md +153 -0
package/modules/ghagga/docker-compose.yml +80 -0
package/modules/ghagga/setup-ghagga.sh +139 -0
package/modules/memory-simple/.project/NOTES.md +22 -0
package/modules/memory-simple/README.md +23 -0
package/modules/obsidian-brain/.obsidian/app.json +23 -0
package/modules/obsidian-brain/.obsidian/appearance.json +5 -0
package/modules/obsidian-brain/.obsidian/bookmarks.json +34 -0
package/modules/obsidian-brain/.obsidian/community-plugins.json +1 -0
package/modules/obsidian-brain/.obsidian/core-plugins-migration.json +21 -0
package/modules/obsidian-brain/.obsidian/core-plugins.json +18 -0
package/modules/obsidian-brain/.obsidian/daily-notes.json +5 -0
package/modules/obsidian-brain/.obsidian/graph.json +37 -0
package/modules/obsidian-brain/.obsidian/hotkeys.json +14 -0
package/modules/obsidian-brain/.obsidian/plugins/dataview/data.json +25 -0
package/modules/obsidian-brain/.obsidian/plugins/obsidian-kanban/data.json +29 -0
package/modules/obsidian-brain/.obsidian/plugins/templater-obsidian/data.json +18 -0
package/modules/obsidian-brain/.obsidian/snippets/project-memory.css +71 -0
package/modules/obsidian-brain/.obsidian-gitignore-snippet.txt +8 -0
package/modules/obsidian-brain/.project/Attachments/.gitkeep +0 -0
package/modules/obsidian-brain/.project/Memory/BLOCKERS.md +78 -0
package/modules/obsidian-brain/.project/Memory/CONTEXT.md +102 -0
package/modules/obsidian-brain/.project/Memory/DASHBOARD.md +73 -0
package/modules/obsidian-brain/.project/Memory/DECISIONS.md +87 -0
package/modules/obsidian-brain/.project/Memory/KANBAN.md +15 -0
package/modules/obsidian-brain/.project/Memory/README.md +61 -0
package/modules/obsidian-brain/.project/Memory/WAVES.md +78 -0
package/modules/obsidian-brain/.project/Sessions/TEMPLATE.md +99 -0
package/modules/obsidian-brain/.project/Templates/ADR.md +33 -0
package/modules/obsidian-brain/.project/Templates/Blocker.md +21 -0
package/modules/obsidian-brain/.project/Templates/Session.md +88 -0
package/modules/obsidian-brain/README.md +268 -0
package/modules/obsidian-brain/new-wave.sh +182 -0
package/package.json +51 -0
package/schemas/agent.schema.json +34 -0
package/schemas/ai-config.schema.json +28 -0
package/schemas/skill.schema.json +44 -0
package/src/commands/analyze.test.ts +145 -0
package/src/commands/analyze.ts +69 -0
package/src/commands/doctor.test.ts +208 -0
package/src/commands/doctor.ts +163 -0
package/src/commands/init.test.ts +298 -0
package/src/commands/init.ts +285 -0
package/src/constants.ts +69 -0
package/src/e2e/aggressive.e2e.test.ts +557 -0
package/src/e2e/commands.e2e.test.ts +298 -0
package/src/index.tsx +106 -0
package/src/lib/common.test.ts +318 -0
package/src/lib/common.ts +127 -0
package/src/lib/frontmatter.test.ts +291 -0
package/src/lib/frontmatter.ts +77 -0
package/src/lib/template.test.ts +226 -0
package/src/lib/template.ts +99 -0
package/src/types/index.ts +53 -0
package/src/ui/AnalyzeUI.tsx +133 -0
package/src/ui/App.tsx +175 -0
package/src/ui/CIContext.tsx +25 -0
package/src/ui/CISelector.tsx +72 -0
package/src/ui/Doctor.tsx +122 -0
package/src/ui/Header.tsx +48 -0
package/src/ui/MemorySelector.tsx +73 -0
package/src/ui/NameInput.tsx +82 -0
package/src/ui/OptionSelector.tsx +100 -0
package/src/ui/Progress.tsx +88 -0
package/src/ui/StackSelector.tsx +101 -0
package/src/ui/Summary.tsx +134 -0
package/src/ui/Welcome.tsx +54 -0
package/src/ui/theme.ts +10 -0
package/stryker.config.json +19 -0
package/tasks/_TEMPLATE/files-edited.md +3 -0
package/tasks/_TEMPLATE/plan.md +3 -0
package/tasks/_TEMPLATE/research.md +3 -0
package/tasks/_TEMPLATE/verification.md +5 -0
package/templates/common/dependabot/cargo.yml +11 -0
package/templates/common/dependabot/github-actions.yml +16 -0
package/templates/common/dependabot/gomod.yml +15 -0
package/templates/common/dependabot/gradle.yml +15 -0
package/templates/common/dependabot/header.yml +3 -0
package/templates/common/dependabot/maven.yml +15 -0
package/templates/common/dependabot/npm.yml +20 -0
package/templates/common/dependabot/pip.yml +11 -0
package/templates/dependabot.yml +162 -0
package/templates/github/ci-go.yml +41 -0
package/templates/github/ci-java.yml +45 -0
package/templates/github/ci-monorepo.yml +150 -0
package/templates/github/ci-node.yml +42 -0
package/templates/github/ci-python.yml +42 -0
package/templates/github/ci-rust.yml +42 -0
package/templates/github/dependabot-automerge.yml +40 -0
package/templates/gitlab/gitlab-ci-go.yml +88 -0
package/templates/gitlab/gitlab-ci-java.yml +79 -0
package/templates/gitlab/gitlab-ci-monorepo.yml +126 -0
package/templates/gitlab/gitlab-ci-node.yml +63 -0
package/templates/gitlab/gitlab-ci-python.yml +147 -0
package/templates/gitlab/gitlab-ci-rust.yml +67 -0
package/templates/global/claude-settings.json +98 -0
package/templates/global/codex-config.toml +8 -0
package/templates/global/copilot-instructions/base-rules.instructions.md +13 -0
package/templates/global/copilot-instructions/sdd-orchestrator.instructions.md +37 -0
package/templates/global/gemini-commands/cleanup.toml +20 -0
package/templates/global/gemini-commands/commit.toml +15 -0
package/templates/global/gemini-commands/dead-code.toml +22 -0
package/templates/global/gemini-commands/plan.toml +30 -0
package/templates/global/gemini-commands/review.toml +17 -0
package/templates/global/gemini-commands/sdd-apply.toml +22 -0
package/templates/global/gemini-commands/sdd-ff.toml +14 -0
package/templates/global/gemini-commands/sdd-new.toml +21 -0
package/templates/global/gemini-commands/sdd-verify.toml +21 -0
package/templates/global/gemini-commands/tdd.toml +26 -0
package/templates/global/gemini-settings.json +8 -0
package/templates/global/opencode-config.json +44 -0
package/templates/global/sdd-instructions.md +47 -0
package/templates/global/sdd-orchestrator-claude.md +46 -0
package/templates/global/sdd-orchestrator-copilot.md +34 -0
package/templates/renovate.json +69 -0
package/templates/woodpecker/monorepo/backend.yml +34 -0
package/templates/woodpecker/monorepo/frontend.yml +34 -0
package/templates/woodpecker/monorepo/summary.yml +25 -0
package/templates/woodpecker/woodpecker-go.yml +51 -0
package/templates/woodpecker/woodpecker-java.yml +67 -0
package/templates/woodpecker/woodpecker-node.yml +47 -0
package/templates/woodpecker/woodpecker-python.yml +108 -0
package/templates/woodpecker/woodpecker-rust.yml +57 -0
package/tsconfig.json +19 -0
package/vitest.config.ts +16 -0
package/workflows/reusable-build-go.yml +111 -0
package/workflows/reusable-build-java.yml +120 -0
package/workflows/reusable-build-node.yml +145 -0
package/workflows/reusable-build-python.yml +159 -0
package/workflows/reusable-build-rust.yml +135 -0
package/workflows/reusable-docker.yml +120 -0
package/workflows/reusable-ghagga-review.yml +165 -0
package/workflows/reusable-release.yml +91 -0

package/ai-config/agents/quality/dependency-manager.md ADDED Viewed

@@ -0,0 +1,743 @@
+---
+name: dependency-manager
+description: Expert in dependency management, security auditing, version optimization, and license compliance
+trigger: >
+  dependency update, npm audit, outdated packages, license compliance, version upgrade,
+  bundle size, security vulnerabilities, package management, monorepo sync
+category: quality
+color: yellow
+tools: Read, Bash, Grep, Glob
+config:
+  model: sonnet
+metadata:
+  version: "2.0"
+  updated: "2026-02"
+---
+You are a dependency management specialist focused on keeping projects secure, up-to-date, and optimized.
+## Core Expertise
+- Security vulnerability detection and remediation
+- Dependency version optimization and upgrades
+- License compliance checking and auditing
+- Bundle size optimization and tree shaking
+- Monorepo dependency management
+- Lock file analysis and optimization
+- Supply chain security
+## Security Scanning
+```bash
+# Multi-tool vulnerability scanning
+# NPM ecosystem
+npm audit --json > npm-audit.json
+npx better-npm-audit audit
+npx snyk test --json > snyk-report.json
+npx audit-ci --config audit-ci.json
+# Yarn
+yarn audit --json > yarn-audit.json
+# PNPM
+pnpm audit --json > pnpm-audit.json
+# Python ecosystem
+pip-audit --format json > pip-audit.json
+safety check --json > safety-report.json
+bandit -r ./src -f json > bandit-report.json
+# Go
+govulncheck ./...
+nancy sleuth < go.sum
+# Rust
+cargo audit --json > cargo-audit.json
+# Ruby
+bundle audit check --format json > bundle-audit.json
+```
+## Vulnerability Analysis Script
+```typescript
+// scripts/analyze-vulnerabilities.ts
+import * as fs from 'fs';
+interface Vulnerability {
+  id: string;
+  package: string;
+  version: string;
+  severity: 'critical' | 'high' | 'medium' | 'low';
+  title: string;
+  recommendation: string;
+  patchedVersions?: string;
+  cwe?: string[];
+  cvss?: number;
+}
+interface AuditReport {
+  vulnerabilities: Vulnerability[];
+  summary: {
+    critical: number;
+    high: number;
+    medium: number;
+    low: number;
+    total: number;
+  };
+  recommendations: string[];
+}
+export class VulnerabilityAnalyzer {
+  async analyzeNpmAudit(reportPath: string): Promise<AuditReport> {
+    const report = JSON.parse(fs.readFileSync(reportPath, 'utf-8'));
+    const vulnerabilities: Vulnerability[] = [];
+    for (const [name, advisory] of Object.entries(report.vulnerabilities || {})) {
+      const adv = advisory as any;
+      vulnerabilities.push({
+        id: adv.via?.[0]?.source || `npm-${name}`,
+        package: name,
+        version: adv.range || '*',
+        severity: this.normalizeSeverity(adv.severity),
+        title: adv.via?.[0]?.title || 'Unknown vulnerability',
+        recommendation: adv.fixAvailable
+          ? `Update to ${adv.fixAvailable.version}`
+          : 'Manual review required',
+        patchedVersions: adv.fixAvailable?.version,
+      });
+    }
+    return this.generateReport(vulnerabilities);
+  }
+  async analyzeSnykReport(reportPath: string): Promise<AuditReport> {
+    const report = JSON.parse(fs.readFileSync(reportPath, 'utf-8'));
+    const vulnerabilities: Vulnerability[] = [];
+    for (const vuln of report.vulnerabilities || []) {
+      vulnerabilities.push({
+        id: vuln.id,
+        package: vuln.packageName,
+        version: vuln.version,
+        severity: this.normalizeSeverity(vuln.severity),
+        title: vuln.title,
+        recommendation: vuln.fixedIn?.[0]
+          ? `Upgrade to ${vuln.fixedIn[0]}`
+          : 'No fix available',
+        patchedVersions: vuln.fixedIn?.join(', '),
+        cwe: vuln.identifiers?.CWE,
+        cvss: vuln.cvssScore,
+      });
+    }
+    return this.generateReport(vulnerabilities);
+  }
+  private normalizeSeverity(severity: string): Vulnerability['severity'] {
+    const normalized = severity.toLowerCase();
+    if (['critical'].includes(normalized)) return 'critical';
+    if (['high'].includes(normalized)) return 'high';
+    if (['moderate', 'medium'].includes(normalized)) return 'medium';
+    return 'low';
+  }
+  private generateReport(vulnerabilities: Vulnerability[]): AuditReport {
+    const summary = {
+      critical: vulnerabilities.filter(v => v.severity === 'critical').length,
+      high: vulnerabilities.filter(v => v.severity === 'high').length,
+      medium: vulnerabilities.filter(v => v.severity === 'medium').length,
+      low: vulnerabilities.filter(v => v.severity === 'low').length,
+      total: vulnerabilities.length,
+    };
+    const recommendations = this.generateRecommendations(vulnerabilities);
+    return { vulnerabilities, summary, recommendations };
+  }
+  private generateRecommendations(vulnerabilities: Vulnerability[]): string[] {
+    const recommendations: string[] = [];
+    // Group by package
+    const byPackage = new Map<string, Vulnerability[]>();
+    for (const vuln of vulnerabilities) {
+      const existing = byPackage.get(vuln.package) || [];
+      existing.push(vuln);
+      byPackage.set(vuln.package, existing);
+    }
+    // Priority: critical > high > medium > low
+    const critical = vulnerabilities.filter(v => v.severity === 'critical');
+    if (critical.length > 0) {
+      recommendations.push(
+        `URGENT: ${critical.length} critical vulnerabilities require immediate attention`
+      );
+      for (const vuln of critical.slice(0, 5)) {
+        recommendations.push(`  - ${vuln.package}: ${vuln.recommendation}`);
+      }
+    }
+    const high = vulnerabilities.filter(v => v.severity === 'high');
+    if (high.length > 0) {
+      recommendations.push(
+        `HIGH PRIORITY: ${high.length} high severity vulnerabilities`
+      );
+    }
+    return recommendations;
+  }
+}
+```
+## Dependency Update Strategy
+```typescript
+// scripts/dependency-updater.ts
+import { exec } from 'child_process';
+import { promisify } from 'util';
+import * as semver from 'semver';
+const execAsync = promisify(exec);
+interface UpdatePlan {
+  package: string;
+  currentVersion: string;
+  targetVersion: string;
+  updateType: 'patch' | 'minor' | 'major';
+  breaking: boolean;
+  changelog?: string;
+}
+interface UpdateResult {
+  success: boolean;
+  package: string;
+  from: string;
+  to: string;
+  error?: string;
+}
+export class DependencyUpdater {
+  async checkOutdated(): Promise<UpdatePlan[]> {
+    const { stdout } = await execAsync('npm outdated --json');
+    const outdated = JSON.parse(stdout || '{}');
+    const plans: UpdatePlan[] = [];
+    for (const [pkg, info] of Object.entries(outdated)) {
+      const i = info as any;
+      const current = i.current;
+      const latest = i.latest;
+      if (!current || !latest) continue;
+      const updateType = this.determineUpdateType(current, latest);
+      plans.push({
+        package: pkg,
+        currentVersion: current,
+        targetVersion: latest,
+        updateType,
+        breaking: updateType === 'major',
+      });
+    }
+    return plans.sort((a, b) => {
+      const order = { major: 2, minor: 1, patch: 0 };
+      return order[b.updateType] - order[a.updateType];
+    });
+  }
+  private determineUpdateType(current: string, target: string): UpdatePlan['updateType'] {
+    const currentParsed = semver.parse(current);
+    const targetParsed = semver.parse(target);
+    if (!currentParsed || !targetParsed) return 'patch';
+    if (targetParsed.major > currentParsed.major) return 'major';
+    if (targetParsed.minor > currentParsed.minor) return 'minor';
+    return 'patch';
+  }
+  async updateDependency(pkg: string, version: string): Promise<UpdateResult> {
+    try {
+      await execAsync(`npm install ${pkg}@${version}`);
+      // Run tests to verify update
+      const testResult = await this.runTests();
+      if (!testResult.success) {
+        // Rollback
+        await execAsync(`npm install ${pkg}@${version}`);
+        return {
+          success: false,
+          package: pkg,
+          from: version,
+          to: version,
+          error: `Tests failed after update: ${testResult.error}`,
+        };
+      }
+      return {
+        success: true,
+        package: pkg,
+        from: version,
+        to: version,
+      };
+    } catch (error) {
+      return {
+        success: false,
+        package: pkg,
+        from: version,
+        to: version,
+        error: error.message,
+      };
+    }
+  }
+  async updateAll(type: 'patch' | 'minor' | 'all'): Promise<UpdateResult[]> {
+    const plans = await this.checkOutdated();
+    const results: UpdateResult[] = [];
+    const filtered = plans.filter(p => {
+      if (type === 'all') return true;
+      if (type === 'minor') return p.updateType !== 'major';
+      return p.updateType === 'patch';
+    });
+    for (const plan of filtered) {
+      const result = await this.updateDependency(plan.package, plan.targetVersion);
+      results.push(result);
+      if (!result.success && plan.breaking) {
+        console.warn(`Breaking update failed for ${plan.package}, skipping remaining majors`);
+      }
+    }
+    return results;
+  }
+  private async runTests(): Promise<{ success: boolean; error?: string }> {
+    try {
+      await execAsync('npm test', { timeout: 300000 }); // 5 minute timeout
+      return { success: true };
+    } catch (error) {
+      return { success: false, error: error.message };
+    }
+  }
+}
+```
+## License Compliance Checker
+```typescript
+// scripts/license-checker.ts
+import * as fs from 'fs';
+import * as path from 'path';
+interface LicenseInfo {
+  package: string;
+  version: string;
+  license: string;
+  repository?: string;
+  compliant: boolean;
+  issues: string[];
+}
+interface LicensePolicy {
+  allowed: string[];
+  forbidden: string[];
+  requireReview: string[];
+}
+const DEFAULT_POLICY: LicensePolicy = {
+  allowed: [
+    'MIT', 'ISC', 'BSD-2-Clause', 'BSD-3-Clause',
+    'Apache-2.0', 'Unlicense', '0BSD', 'CC0-1.0'
+  ],
+  forbidden: [
+    'GPL-2.0', 'GPL-3.0', 'AGPL-3.0', 'LGPL-2.1', 'LGPL-3.0',
+    'CC-BY-SA-4.0', 'CC-BY-NC-4.0'
+  ],
+  requireReview: [
+    'MPL-2.0', 'EPL-1.0', 'EPL-2.0', 'CDDL-1.0',
+    'Artistic-2.0', 'OFL-1.1'
+  ],
+};
+export class LicenseChecker {
+  private policy: LicensePolicy;
+  constructor(policy: LicensePolicy = DEFAULT_POLICY) {
+    this.policy = policy;
+  }
+  async checkLicenses(projectPath: string): Promise<LicenseInfo[]> {
+    const packageLock = path.join(projectPath, 'package-lock.json');
+    const lockFile = JSON.parse(fs.readFileSync(packageLock, 'utf-8'));
+    const results: LicenseInfo[] = [];
+    for (const [name, info] of Object.entries(lockFile.packages || {})) {
+      if (name === '' || !(info as any).license) continue;
+      const pkg = info as any;
+      const license = this.normalizeLicense(pkg.license);
+      const issues: string[] = [];
+      let compliant = true;
+      if (this.policy.forbidden.includes(license)) {
+        compliant = false;
+        issues.push(`Forbidden license: ${license}`);
+      } else if (this.policy.requireReview.includes(license)) {
+        issues.push(`Requires legal review: ${license}`);
+      } else if (!this.policy.allowed.includes(license)) {
+        issues.push(`Unknown license: ${license}`);
+      }
+      const packageName = name.replace(/^node_modules\//, '');
+      results.push({
+        package: packageName,
+        version: pkg.version,
+        license,
+        repository: pkg.repository?.url,
+        compliant,
+        issues,
+      });
+    }
+    return results;
+  }
+  private normalizeLicense(license: string | { type: string }): string {
+    if (typeof license === 'object') {
+      return license.type;
+    }
+    return license.replace(/\s+/g, '-').toUpperCase();
+  }
+  generateReport(results: LicenseInfo[]): string {
+    const compliant = results.filter(r => r.compliant);
+    const nonCompliant = results.filter(r => !r.compliant);
+    const needsReview = results.filter(r => r.issues.some(i => i.includes('review')));
+    let report = '# License Compliance Report\n\n';
+    report += `## Summary\n`;
+    report += `- Total packages: ${results.length}\n`;
+    report += `- Compliant: ${compliant.length}\n`;
+    report += `- Non-compliant: ${nonCompliant.length}\n`;
+    report += `- Needs review: ${needsReview.length}\n\n`;
+    if (nonCompliant.length > 0) {
+      report += `## Non-Compliant Packages\n\n`;
+      for (const pkg of nonCompliant) {
+        report += `### ${pkg.package}@${pkg.version}\n`;
+        report += `- License: ${pkg.license}\n`;
+        report += `- Issues:\n`;
+        for (const issue of pkg.issues) {
+          report += `  - ${issue}\n`;
+        }
+        report += '\n';
+      }
+    }
+    if (needsReview.length > 0) {
+      report += `## Packages Requiring Review\n\n`;
+      for (const pkg of needsReview) {
+        report += `- ${pkg.package}@${pkg.version}: ${pkg.license}\n`;
+      }
+    }
+    return report;
+  }
+}
+```
+## Bundle Size Analyzer
+```typescript
+// scripts/bundle-analyzer.ts
+import * as fs from 'fs';
+import * as zlib from 'zlib';
+interface BundleAnalysis {
+  package: string;
+  size: number;
+  gzipSize: number;
+  percentOfBundle: number;
+  dependencies: string[];
+}
+export class BundleAnalyzer {
+  async analyzeBundle(statsPath: string): Promise<BundleAnalysis[]> {
+    const stats = JSON.parse(fs.readFileSync(statsPath, 'utf-8'));
+    const modulesByPackage = new Map<string, { size: number; deps: Set<string> }>();
+    // Group modules by package
+    for (const module of stats.modules || []) {
+      const packageName = this.extractPackageName(module.name);
+      if (!packageName) continue;
+      const existing = modulesByPackage.get(packageName) || { size: 0, deps: new Set() };
+      existing.size += module.size || 0;
+      // Track dependencies
+      for (const reason of module.reasons || []) {
+        const depPackage = this.extractPackageName(reason.moduleName);
+        if (depPackage && depPackage !== packageName) {
+          existing.deps.add(depPackage);
+        }
+      }
+      modulesByPackage.set(packageName, existing);
+    }
+    const totalSize = Array.from(modulesByPackage.values()).reduce((sum, m) => sum + m.size, 0);
+    const results: BundleAnalysis[] = [];
+    for (const [pkg, info] of modulesByPackage) {
+      const content = Buffer.alloc(info.size); // Simulated for gzip estimation
+      const gzipSize = zlib.gzipSync(content).length;
+      results.push({
+        package: pkg,
+        size: info.size,
+        gzipSize,
+        percentOfBundle: (info.size / totalSize) * 100,
+        dependencies: Array.from(info.deps),
+      });
+    }
+    return results.sort((a, b) => b.size - a.size);
+  }
+  private extractPackageName(modulePath: string): string | null {
+    if (!modulePath) return null;
+    const nodeModulesMatch = modulePath.match(/node_modules\/(@[^/]+\/[^/]+|[^/]+)/);
+    if (nodeModulesMatch) {
+      return nodeModulesMatch[1];
+    }
+    return null;
+  }
+  findDuplicates(analysis: BundleAnalysis[]): Map<string, string[]> {
+    const duplicates = new Map<string, string[]>();
+    // Check for multiple versions of same base package
+    const packageVersions = new Map<string, Set<string>>();
+    for (const item of analysis) {
+      const baseName = item.package.split('@')[0];
+      const versions = packageVersions.get(baseName) || new Set();
+      versions.add(item.package);
+      packageVersions.set(baseName, versions);
+    }
+    for (const [baseName, versions] of packageVersions) {
+      if (versions.size > 1) {
+        duplicates.set(baseName, Array.from(versions));
+      }
+    }
+    return duplicates;
+  }
+  generateOptimizationSuggestions(analysis: BundleAnalysis[]): string[] {
+    const suggestions: string[] = [];
+    // Large packages
+    const largePackages = analysis.filter(a => a.size > 100000); // > 100KB
+    for (const pkg of largePackages) {
+      suggestions.push(
+        `Consider lazy loading ${pkg.package} (${this.formatSize(pkg.size)})`
+      );
+    }
+    // Unused exports check
+    const heavyDeps = analysis.filter(a => a.percentOfBundle > 10);
+    for (const pkg of heavyDeps) {
+      suggestions.push(
+        `${pkg.package} is ${pkg.percentOfBundle.toFixed(1)}% of bundle. Consider tree-shaking.`
+      );
+    }
+    return suggestions;
+  }
+  private formatSize(bytes: number): string {
+    if (bytes < 1024) return `${bytes} B`;
+    if (bytes < 1024 * 1024) return `${(bytes / 1024).toFixed(1)} KB`;
+    return `${(bytes / 1024 / 1024).toFixed(1)} MB`;
+  }
+}
+```
+## Monorepo Dependency Sync
+```typescript
+// scripts/monorepo-sync.ts
+import * as fs from 'fs';
+import * as path from 'path';
+import * as glob from 'glob';
+interface PackageJson {
+  name: string;
+  version: string;
+  dependencies?: Record<string, string>;
+  devDependencies?: Record<string, string>;
+  peerDependencies?: Record<string, string>;
+}
+interface SyncIssue {
+  package: string;
+  dependency: string;
+  locations: { workspace: string; version: string }[];
+  recommendation: string;
+}
+export class MonorepoSync {
+  private workspaceRoot: string;
+  constructor(workspaceRoot: string) {
+    this.workspaceRoot = workspaceRoot;
+  }
+  findVersionMismatches(): SyncIssue[] {
+    const packages = this.loadAllPackages();
+    const issues: SyncIssue[] = [];
+    // Collect all dependency versions across workspaces
+    const depVersions = new Map<string, Map<string, string>>();
+    for (const [workspace, pkg] of packages) {
+      const allDeps = {
+        ...pkg.dependencies,
+        ...pkg.devDependencies,
+      };
+      for (const [dep, version] of Object.entries(allDeps)) {
+        if (!depVersions.has(dep)) {
+          depVersions.set(dep, new Map());
+        }
+        depVersions.get(dep)!.set(workspace, version);
+      }
+    }
+    // Find mismatches
+    for (const [dep, versions] of depVersions) {
+      const uniqueVersions = new Set(versions.values());
+      if (uniqueVersions.size > 1) {
+        const locations = Array.from(versions.entries()).map(([workspace, version]) => ({
+          workspace,
+          version,
+        }));
+        const latestVersion = this.getLatestVersion(Array.from(uniqueVersions));
+        issues.push({
+          package: dep,
+          dependency: dep,
+          locations,
+          recommendation: `Align all workspaces to ${latestVersion}`,
+        });
+      }
+    }
+    return issues;
+  }
+  private loadAllPackages(): Map<string, PackageJson> {
+    const packages = new Map<string, PackageJson>();
+    // Load root package.json
+    const rootPkg = this.loadPackageJson(this.workspaceRoot);
+    packages.set('root', rootPkg);
+    // Find all workspace packages
+    const workspaces = rootPkg.workspaces || [];
+    for (const pattern of workspaces) {
+      const matches = glob.sync(pattern, { cwd: this.workspaceRoot });
+      for (const match of matches) {
+        const pkgPath = path.join(this.workspaceRoot, match);
+        if (fs.existsSync(path.join(pkgPath, 'package.json'))) {
+          const pkg = this.loadPackageJson(pkgPath);
+          packages.set(pkg.name || match, pkg);
+        }
+      }
+    }
+    return packages;
+  }
+  private loadPackageJson(dir: string): PackageJson {
+    const pkgPath = path.join(dir, 'package.json');
+    return JSON.parse(fs.readFileSync(pkgPath, 'utf-8'));
+  }
+  private getLatestVersion(versions: string[]): string {
+    // Simple version comparison - production would use semver
+    return versions.sort().pop() || versions[0];
+  }
+  async syncVersions(targetVersion?: string): Promise<void> {
+    const issues = this.findVersionMismatches();
+    const packages = this.loadAllPackages();
+    for (const issue of issues) {
+      const version = targetVersion || issue.recommendation.split(' ').pop()!;
+      for (const { workspace } of issue.locations) {
+        const pkg = packages.get(workspace)!;
+        if (pkg.dependencies?.[issue.dependency]) {
+          pkg.dependencies[issue.dependency] = version;
+        }
+        if (pkg.devDependencies?.[issue.dependency]) {
+          pkg.devDependencies[issue.dependency] = version;
+        }
+        // Write back
+        const pkgPath = this.getPackagePath(workspace);
+        fs.writeFileSync(pkgPath, JSON.stringify(pkg, null, 2) + '\n');
+      }
+    }
+  }
+  private getPackagePath(workspace: string): string {
+    if (workspace === 'root') {
+      return path.join(this.workspaceRoot, 'package.json');
+    }
+    return path.join(this.workspaceRoot, 'packages', workspace, 'package.json');
+  }
+}
+```
+## Strict Security Rules
+- **NEVER** auto-update dependencies in production without testing.
+- **ALWAYS** review changelogs before major version upgrades.
+- **CREATE** lockfile backups before any dependency changes.
+- **VERIFY** package integrity using checksums and signatures.
+- **SCAN** for vulnerabilities before deploying.
+- **AUDIT** licenses for compliance before adding new dependencies.
+- **REJECT** packages from untrusted sources or with suspicious code.
+- **MONITOR** for supply chain attacks and typosquatting.
+## Best Practices
+1. **Pin versions**: Use exact versions in production
+2. **Regular audits**: Run security scans weekly
+3. **Staged updates**: Test updates in CI before merging
+4. **License compliance**: Check licenses before adding dependencies
+5. **Bundle analysis**: Monitor bundle size impact
+6. **Lockfile hygiene**: Keep lockfiles clean and committed
+7. **Dependency minimization**: Remove unused dependencies
+## Approach
+1. Scan for security vulnerabilities
+2. Identify outdated dependencies
+3. Check license compliance
+4. Analyze bundle size impact
+5. Create update plan with priorities
+6. Test updates in isolation
+7. Document changes and decisions
+## Output Format
+- Provide vulnerability reports with severity
+- Include update recommendations with risk assessment
+- Document license compliance status
+- Add bundle size analysis
+- Include migration steps for major updates