moicle 2.3.0 → 3.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +36 -47
- package/assets/commands/marketing.md +6 -6
- package/assets/skills/docs/sync/SKILL.md +195 -157
- package/assets/skills/feature/build/SKILL.md +891 -0
- package/assets/skills/feature/track/SKILL.md +157 -0
- package/assets/skills/fix/bug/SKILL.md +449 -0
- package/assets/skills/fix/incident/SKILL.md +6 -6
- package/assets/skills/marketing/brand/SKILL.md +304 -0
- package/assets/skills/marketing/content/SKILL.md +199 -141
- package/assets/skills/research/explore/SKILL.md +392 -0
- package/assets/skills/review/code/SKILL.md +622 -0
- package/dist/commands/install/usage.js +2 -2
- package/dist/commands/install/usage.js.map +1 -1
- package/package.json +1 -1
- package/assets/skills/docs/write/SKILL.md +0 -274
- package/assets/skills/feature/api/SKILL.md +0 -277
- package/assets/skills/feature/deprecate/SKILL.md +0 -276
- package/assets/skills/feature/new/SKILL.md +0 -273
- package/assets/skills/feature/refactor/SKILL.md +0 -269
- package/assets/skills/fix/hotfix/SKILL.md +0 -233
- package/assets/skills/fix/pr-comment/SKILL.md +0 -186
- package/assets/skills/fix/root-cause/SKILL.md +0 -276
- package/assets/skills/marketing/logo/SKILL.md +0 -252
- package/assets/skills/marketing/seo-blog/SKILL.md +0 -367
- package/assets/skills/marketing/video/SKILL.md +0 -258
- package/assets/skills/research/onboarding/SKILL.md +0 -225
- package/assets/skills/research/spike/SKILL.md +0 -228
- package/assets/skills/research/web/SKILL.md +0 -204
- package/assets/skills/review/architect/SKILL.md +0 -274
- package/assets/skills/review/branch/SKILL.md +0 -277
- package/assets/skills/review/pr/SKILL.md +0 -231
- package/assets/skills/review/tdd/SKILL.md +0 -245
|
@@ -0,0 +1,891 @@
|
|
|
1
|
+
---
|
|
2
|
+
name: feature-build
|
|
3
|
+
description: Feature lifecycle workflow — build new DDD features, refactor existing code into DDD, add/integrate APIs, or deprecate features. Stack-aware with phase-based checks and a review loop. Use when user says "implement feature", "add feature", "build feature", "create feature", "new feature", "refactor", "clean up", "improve code", "restructure", "migrate to ddd", "refactor ddd", "integrate api", "add endpoint", "new api", "connect api", "api integration", "deprecate", "remove feature", "sunset", "phase out", "delete feature".
|
|
4
|
+
args: "[MODE] [DOMAIN] [FEATURE]"
|
|
5
|
+
---
|
|
6
|
+
|
|
7
|
+
# Feature Build Workflow
|
|
8
|
+
|
|
9
|
+
One skill for the full lifecycle of a feature: **create it, restructure it, expose it via API, or sunset it** — all following DDD layers with rule checks per phase and a review loop.
|
|
10
|
+
|
|
11
|
+
**ARGUMENTS:** `<mode> <domain> <feature>` — `mode` ∈ `new | refactor | api | deprecate`. e.g. `new wallet savings`, `refactor marketing notification`, `api catalog`, `deprecate payments legacy-checkout`.
|
|
12
|
+
|
|
13
|
+
## Pick your mode
|
|
14
|
+
|
|
15
|
+
| If you are… | Mode | Jump to |
|
|
16
|
+
|-------------|------|---------|
|
|
17
|
+
| Building a brand-new feature across DDD layers | **NEW** | [Mode NEW](#mode-new) |
|
|
18
|
+
| Restructuring existing code into DDD / fixing drift | **REFACTOR** | [Mode REFACTOR](#mode-refactor) |
|
|
19
|
+
| Adding an endpoint or integrating a third-party API | **API** | [Mode API](#mode-api) |
|
|
20
|
+
| Safely sunsetting a feature / endpoint / module | **DEPRECATE** | [Mode DEPRECATE](#mode-deprecate) |
|
|
21
|
+
|
|
22
|
+
- ❌ Quick bug fix → use `/fix-bug`
|
|
23
|
+
- ❌ Don't know the right approach yet → `/research-explore` (WEB or SPIKE) first
|
|
24
|
+
- ❌ Multi-step task you want to run as a tracked checklist loop → `/feature-track`
|
|
25
|
+
|
|
26
|
+
## Read Architecture First (all modes)
|
|
27
|
+
|
|
28
|
+
Detect stack via `~/.claude/architecture/_shared/stack-detection.md`. Load `ddd-architecture.md` + the stack doc — extract directory layout, layer rules, forbidden imports, check scripts before any code. Severity definitions live in `~/.claude/architecture/_shared/severity-levels.md`.
|
|
29
|
+
|
|
30
|
+
---
|
|
31
|
+
---
|
|
32
|
+
|
|
33
|
+
# Mode NEW
|
|
34
|
+
|
|
35
|
+
Build a new feature following DDD layers with rule checks per phase and a final review loop until score ≥ B.
|
|
36
|
+
|
|
37
|
+
## When to use
|
|
38
|
+
|
|
39
|
+
- ✅ Feature spans multiple DDD layers (domain + app + infra)
|
|
40
|
+
- ✅ The approach is well-understood (no major research / prototype needed)
|
|
41
|
+
- ✅ You want automated architecture review at the end
|
|
42
|
+
- ❌ Restructuring existing code → use **Mode REFACTOR**
|
|
43
|
+
- ❌ Adding only an endpoint → use **Mode API**
|
|
44
|
+
|
|
45
|
+
## Workflow
|
|
46
|
+
|
|
47
|
+
```
|
|
48
|
+
1 PLAN → 2 DOMAIN → 3 INFRA → 4 APP → 5 WIRE → 6 TESTS → REVIEW LOOP
|
|
49
|
+
```
|
|
50
|
+
|
|
51
|
+
## Phase 1: PLAN
|
|
52
|
+
|
|
53
|
+
### 1.1 Read a reference module
|
|
54
|
+
Pick the smallest existing module in the project as a template. Read ALL its files end-to-end:
|
|
55
|
+
- entities, value objects, events, ports, usecases
|
|
56
|
+
- service, handler, DTOs, listeners
|
|
57
|
+
- infrastructure store/API
|
|
58
|
+
- registration in router/provider/registry
|
|
59
|
+
|
|
60
|
+
### 1.2 Plan the feature
|
|
61
|
+
|
|
62
|
+
Present to the user:
|
|
63
|
+
|
|
64
|
+
```markdown
|
|
65
|
+
## Feature Plan: {domain}/{feature}
|
|
66
|
+
|
|
67
|
+
### Entities + fields
|
|
68
|
+
- `{Entity}` — {field: type, with constraint}
|
|
69
|
+
- ...
|
|
70
|
+
|
|
71
|
+
### Value Objects
|
|
72
|
+
- `{Status}` — states: {list}, transitions: {list}
|
|
73
|
+
- ...
|
|
74
|
+
|
|
75
|
+
### Endpoints / screens / commands
|
|
76
|
+
| Method | Path | Purpose |
|
|
77
|
+
|--------|------|---------|
|
|
78
|
+
| POST | /api/v1/wallets/:id/savings | Open savings account |
|
|
79
|
+
|
|
80
|
+
### Domain events
|
|
81
|
+
| Event | Triggered when | Listeners |
|
|
82
|
+
|-------|----------------|-----------|
|
|
83
|
+
| `SavingsAccountOpened` | After Account.open() succeeds | NotificationListener |
|
|
84
|
+
|
|
85
|
+
### Business rules
|
|
86
|
+
- Cannot open savings if main balance < min threshold
|
|
87
|
+
- Interest accrues nightly via scheduled job
|
|
88
|
+
- ...
|
|
89
|
+
|
|
90
|
+
### Files to create
|
|
91
|
+
- `domain/wallet/entities/savings_account.go`
|
|
92
|
+
- `domain/wallet/valueobjects/savings_status.go`
|
|
93
|
+
- `domain/wallet/ports/savings_store.go`
|
|
94
|
+
- `domain/wallet/usecases/open_savings.go`
|
|
95
|
+
- `application/ports/http/savings_handler.go`
|
|
96
|
+
- `infrastructure/database/savings_store.go`
|
|
97
|
+
- (+ tests for each domain file)
|
|
98
|
+
```
|
|
99
|
+
|
|
100
|
+
### Gate
|
|
101
|
+
- [ ] Architecture docs read
|
|
102
|
+
- [ ] Reference module read end-to-end
|
|
103
|
+
- [ ] Plan presented
|
|
104
|
+
- [ ] **User CONFIRMED** before any code is written
|
|
105
|
+
|
|
106
|
+
## Phase 2: DOMAIN LAYER
|
|
107
|
+
|
|
108
|
+
Build in order: **value objects → entities → events → ports → usecases**.
|
|
109
|
+
|
|
110
|
+
- **Value Objects** — typed values with behavior (`IsTerminal()`, `CanTransitionTo()`). Stdlib imports only.
|
|
111
|
+
- **Entities** — constructor + behavior methods + guard methods (`isActive()`, `canXxx()`) + business error types. Raise events on state change. Imports: stdlib + valueobjects + domain/shared.
|
|
112
|
+
- **Events** — one file per event, extend base event, carry data listeners need.
|
|
113
|
+
- **Ports** — one file per interface. Store ports use domain types. Platform-agnostic naming. No infra imports.
|
|
114
|
+
- **UseCases** — constructor with port deps + event dispatcher. Split by concern. Business logic lives here. Dispatch events after persistence. No infra imports.
|
|
115
|
+
|
|
116
|
+
### Gate
|
|
117
|
+
```bash
|
|
118
|
+
{build_domain} && echo PASS || echo FAIL
|
|
119
|
+
{grep_forbidden in domain/} && echo FAIL || echo PASS
|
|
120
|
+
{cross_domain_check} && echo FAIL || echo PASS
|
|
121
|
+
```
|
|
122
|
+
|
|
123
|
+
## Phase 3: INFRASTRUCTURE LAYER
|
|
124
|
+
|
|
125
|
+
### 3.1 Persistence models (if applicable)
|
|
126
|
+
- ORM models, Prisma schema, Freezed classes
|
|
127
|
+
- Table/collection config
|
|
128
|
+
- Helpers for atomic updates
|
|
129
|
+
|
|
130
|
+
### 3.2 Store / API implementations
|
|
131
|
+
- Implements port interfaces from domain
|
|
132
|
+
- Compile-time interface check (where supported)
|
|
133
|
+
- Mapper functions: domain entity ↔ persistence model
|
|
134
|
+
- NO business logic
|
|
135
|
+
- Use context consistently
|
|
136
|
+
|
|
137
|
+
### Gate
|
|
138
|
+
- [ ] Infra build passes
|
|
139
|
+
- [ ] All ports from Phase 2 have an implementation
|
|
140
|
+
|
|
141
|
+
## Phase 4: APPLICATION LAYER
|
|
142
|
+
|
|
143
|
+
### 4.1 Service
|
|
144
|
+
- Thin wrapper delegating to usecases
|
|
145
|
+
- Can orchestrate cross-domain calls
|
|
146
|
+
|
|
147
|
+
### 4.2 Handler / Controller / Screen
|
|
148
|
+
- Wiring function: store → usecase → service → handler → routes
|
|
149
|
+
- Thin: parse → service → respond
|
|
150
|
+
- DTOs in separate file
|
|
151
|
+
|
|
152
|
+
### 4.3 Listeners (if domain raises events)
|
|
153
|
+
- One file per event
|
|
154
|
+
- Side-effects only (notifications, SSE, analytics, jobs)
|
|
155
|
+
- Background context for async work
|
|
156
|
+
- Register in event bus
|
|
157
|
+
|
|
158
|
+
### Gate
|
|
159
|
+
- [ ] App build passes
|
|
160
|
+
- [ ] Every event has a registered listener (if needed)
|
|
161
|
+
|
|
162
|
+
## Phase 5: WIRING
|
|
163
|
+
|
|
164
|
+
### 5.1 Router / Provider
|
|
165
|
+
- Add routes / screens / providers for the new module
|
|
166
|
+
- Wire service dependencies if cross-module
|
|
167
|
+
|
|
168
|
+
### 5.2 Persistence setup
|
|
169
|
+
- Add migrations / schema files
|
|
170
|
+
- Run migrations on dev DB
|
|
171
|
+
|
|
172
|
+
### 5.3 Event registry
|
|
173
|
+
- Register all new listeners
|
|
174
|
+
- Verify event name strings match across event ↔ registry
|
|
175
|
+
|
|
176
|
+
### Gate
|
|
177
|
+
- [ ] Full build passes
|
|
178
|
+
- [ ] Routes / providers registered
|
|
179
|
+
- [ ] Migrations applied locally
|
|
180
|
+
|
|
181
|
+
## Phase 6: TESTS
|
|
182
|
+
|
|
183
|
+
### Value Object tests
|
|
184
|
+
- All status transitions, terminal states, behavior methods, edge cases
|
|
185
|
+
|
|
186
|
+
### Entity tests
|
|
187
|
+
- Constructor, state transitions, event collection after change, guard methods, boundary values
|
|
188
|
+
|
|
189
|
+
### UseCase tests
|
|
190
|
+
- Mock port interfaces, happy path per method, validation errors, business rules, event dispatching
|
|
191
|
+
|
|
192
|
+
### Gate
|
|
193
|
+
- [ ] All domain tests pass
|
|
194
|
+
- [ ] Coverage on new code ≥ 80%
|
|
195
|
+
|
|
196
|
+
## Review Loop (NEW)
|
|
197
|
+
|
|
198
|
+
```
|
|
199
|
+
LOOP:
|
|
200
|
+
1. /review-code architect {stack} {domain}
|
|
201
|
+
2. IF violations severity ≥ MEDIUM:
|
|
202
|
+
fix all → build → tests → GOTO 1
|
|
203
|
+
3. IF score ≥ B → BREAK
|
|
204
|
+
```
|
|
205
|
+
|
|
206
|
+
## Final Report (NEW)
|
|
207
|
+
|
|
208
|
+
```markdown
|
|
209
|
+
## Feature Complete: {domain}/{feature}
|
|
210
|
+
|
|
211
|
+
### Files
|
|
212
|
+
- Created: {N}, Modified: {N}
|
|
213
|
+
|
|
214
|
+
### Endpoints / Screens
|
|
215
|
+
| Method | Route | Description |
|
|
216
|
+
|--------|-------|-------------|
|
|
217
|
+
|
|
218
|
+
### Domain Events
|
|
219
|
+
| Event | Listeners |
|
|
220
|
+
|-------|-----------|
|
|
221
|
+
|
|
222
|
+
### Test coverage
|
|
223
|
+
- {N} test files, {M} cases — value objects + entities + usecases
|
|
224
|
+
|
|
225
|
+
### Review score: {A/B}
|
|
226
|
+
- Build / Lint / Domain purity / Tests: all PASS
|
|
227
|
+
```
|
|
228
|
+
|
|
229
|
+
---
|
|
230
|
+
---
|
|
231
|
+
|
|
232
|
+
# Mode REFACTOR
|
|
233
|
+
|
|
234
|
+
Restructure existing code into DDD layers, or fix drift in an existing DDD module. **Preserves behavior** — refactor structure, never change logic.
|
|
235
|
+
|
|
236
|
+
## When to use
|
|
237
|
+
|
|
238
|
+
- ✅ Migrating a legacy module into DDD layers
|
|
239
|
+
- ✅ Existing DDD module has drifted (fat controller, anemic entity, mixed concerns)
|
|
240
|
+
- ✅ Splitting one domain into multiple bounded contexts
|
|
241
|
+
- ❌ Building a brand-new feature → use **Mode NEW**
|
|
242
|
+
- ❌ Just renaming files / variables → just do it
|
|
243
|
+
- ❌ Fixing a bug → use `/fix-bug`
|
|
244
|
+
|
|
245
|
+
## Workflow
|
|
246
|
+
|
|
247
|
+
```
|
|
248
|
+
0 FOUNDATION → 1 ANALYZE → 2 DOMAIN → 3 INFRA → 4 APP → 5 TESTS → 6 CLEANUP → REVIEW LOOP
|
|
249
|
+
```
|
|
250
|
+
|
|
251
|
+
Each phase has a Rule Check. Do not skip any phase.
|
|
252
|
+
|
|
253
|
+
## Phase 0: FOUNDATION
|
|
254
|
+
|
|
255
|
+
**New project (no `domain/` yet):** create
|
|
256
|
+
- `domain/shared/` — base event types, event collector, dispatcher interface
|
|
257
|
+
- Event bus infrastructure
|
|
258
|
+
- App bootstrap/config struct
|
|
259
|
+
|
|
260
|
+
**Existing project:** verify
|
|
261
|
+
```bash
|
|
262
|
+
ls {domain_root}/shared/ 2>/dev/null && echo PASS || echo NEED SETUP
|
|
263
|
+
ls {eventbus_path}/ 2>/dev/null && echo PASS || echo NEED SETUP
|
|
264
|
+
```
|
|
265
|
+
|
|
266
|
+
If FAIL → set up foundation before continuing.
|
|
267
|
+
|
|
268
|
+
### Gate
|
|
269
|
+
- [ ] Shared domain types exist
|
|
270
|
+
- [ ] Event infrastructure exists (if domain raises events)
|
|
271
|
+
|
|
272
|
+
## Phase 1: ANALYZE
|
|
273
|
+
|
|
274
|
+
**Goal:** read ALL source files in the old module before touching anything.
|
|
275
|
+
|
|
276
|
+
### Read
|
|
277
|
+
- All files in the module dir
|
|
278
|
+
- Related models / types / enums
|
|
279
|
+
- Routes / providers / screens for this module
|
|
280
|
+
- Existing tests (CRITICAL — used in Phase 5)
|
|
281
|
+
|
|
282
|
+
### Output to user
|
|
283
|
+
```markdown
|
|
284
|
+
## Refactor Plan: {module} → {domain}
|
|
285
|
+
|
|
286
|
+
### Current state
|
|
287
|
+
- Entities/models: {list with fields}
|
|
288
|
+
- Usecases (functions): {list with 1-line logic summary}
|
|
289
|
+
- DTOs: {list}
|
|
290
|
+
- Cross-module calls: {list}
|
|
291
|
+
- Side-effects: {notifications / SSE / analytics / async jobs}
|
|
292
|
+
- External deps: {DB, cache, messaging}
|
|
293
|
+
- Endpoints/screens: {list with method + path}
|
|
294
|
+
- Test files: {list with case counts}
|
|
295
|
+
|
|
296
|
+
### Proposed DDD structure
|
|
297
|
+
- Value objects to extract: {list}
|
|
298
|
+
- Entities: {list}
|
|
299
|
+
- Events: {list}
|
|
300
|
+
- Ports: {list}
|
|
301
|
+
- Usecases: {list}
|
|
302
|
+
- Listeners: {list}
|
|
303
|
+
```
|
|
304
|
+
|
|
305
|
+
### Gate
|
|
306
|
+
- [ ] All module files read
|
|
307
|
+
- [ ] Plan presented to user
|
|
308
|
+
- [ ] **User CONFIRMED** before continuing
|
|
309
|
+
|
|
310
|
+
## Phase 2: DOMAIN LAYER
|
|
311
|
+
|
|
312
|
+
Create `domain/{domain}/` (or add to existing). **Order: VO → entities → events → ports → usecases**.
|
|
313
|
+
|
|
314
|
+
- **Value Objects** (`valueobjects/`) — extract typed values (status strings, rates, amounts). Immutable + behavior methods. Stdlib imports only.
|
|
315
|
+
- **Entities** (`entities/`) — convert old models. Constructor + behavior methods + event collection. Add mappers to/from persistence. No framework imports.
|
|
316
|
+
- **Events** (`events/`) — one file per event. Extract from existing direct side-effect calls.
|
|
317
|
+
- **Ports** (`ports/`) — one file per interface. Store ports (persistence), adapter ports (external services). Platform-agnostic naming (`URLParser` not `ShopeeURLParser`). No infra imports.
|
|
318
|
+
- **UseCases** (`usecases/`) — extract business logic from old controllers/handlers/services. Import from `ports/`. Split by concern, ≤200 lines/file. No infra imports.
|
|
319
|
+
|
|
320
|
+
### Gate
|
|
321
|
+
```bash
|
|
322
|
+
{build_domain} && echo PASS || echo FAIL
|
|
323
|
+
{grep_forbidden in domain/} && echo FAIL || echo PASS
|
|
324
|
+
{cross_domain_check} && echo FAIL || echo PASS
|
|
325
|
+
```
|
|
326
|
+
|
|
327
|
+
## Phase 3: INFRASTRUCTURE LAYER
|
|
328
|
+
|
|
329
|
+
- Implement port interfaces from `domain/{domain}/ports/`
|
|
330
|
+
- Mapper functions: domain entity ↔ persistence model
|
|
331
|
+
- Compile-time interface check (where supported)
|
|
332
|
+
- NO business logic
|
|
333
|
+
- Keep existing persistence models in place
|
|
334
|
+
|
|
335
|
+
### Gate
|
|
336
|
+
- [ ] Infra build passes
|
|
337
|
+
- [ ] All port interfaces implemented
|
|
338
|
+
|
|
339
|
+
## Phase 4: APPLICATION LAYER
|
|
340
|
+
|
|
341
|
+
### 4.1 Listeners (extract side-effects)
|
|
342
|
+
**CRITICAL:** Side-effects (notifications, SSE, analytics, jobs) **MUST NOT** be called directly in usecases or infra. Flow must be: entity collects event → usecase dispatches → listener handles.
|
|
343
|
+
|
|
344
|
+
- One file per event listener
|
|
345
|
+
- Register in event bus
|
|
346
|
+
|
|
347
|
+
### 4.2 Service
|
|
348
|
+
- Thin wrapper, delegates to usecases. No business logic.
|
|
349
|
+
|
|
350
|
+
### 4.3 Handler / Controller / Screen
|
|
351
|
+
- Registration / wiring function
|
|
352
|
+
- Thin: parse → service → return
|
|
353
|
+
- DTOs in separate file
|
|
354
|
+
- **All endpoints must match the old paths + methods**
|
|
355
|
+
|
|
356
|
+
### Gate
|
|
357
|
+
- [ ] App build passes
|
|
358
|
+
- [ ] Every old endpoint has a new handler at the same path
|
|
359
|
+
|
|
360
|
+
## Phase 5: TESTS
|
|
361
|
+
|
|
362
|
+
**CRITICAL:** read old tests first, copy every scenario. Do not lose coverage.
|
|
363
|
+
|
|
364
|
+
1. Read all old test files
|
|
365
|
+
2. List all test cases + business scenarios
|
|
366
|
+
3. Write domain tests covering all of them
|
|
367
|
+
|
|
368
|
+
### What to test
|
|
369
|
+
- **Entities** — behavior methods, edge cases, business rules (pure, no mocks)
|
|
370
|
+
- **UseCases** — happy + error paths, validation, event collection (mock ports)
|
|
371
|
+
- **Value Objects** — transitions, calculations, edge cases (pure)
|
|
372
|
+
|
|
373
|
+
### Gate
|
|
374
|
+
- [ ] Old test count ≤ new test count
|
|
375
|
+
- [ ] Every old scenario covered
|
|
376
|
+
- [ ] `{test_command}` passes
|
|
377
|
+
|
|
378
|
+
## Phase 6: INTEGRATION & CLEANUP
|
|
379
|
+
|
|
380
|
+
### 6.1 Wire up the new module
|
|
381
|
+
- Add registration calls in router / provider / registry
|
|
382
|
+
- Remove old module registrations
|
|
383
|
+
- Endpoints/screens match old paths
|
|
384
|
+
|
|
385
|
+
### 6.2 Remove old module
|
|
386
|
+
- Delete old directory **only after** build + tests pass
|
|
387
|
+
- Do NOT delete shared models/types other modules still use
|
|
388
|
+
|
|
389
|
+
### Gate
|
|
390
|
+
```bash
|
|
391
|
+
{full_build} && echo PASS || echo FAIL
|
|
392
|
+
test -d {old_module_path} && echo "FAIL: still there" || echo PASS
|
|
393
|
+
grep -r "{old_import_path}" --include="*.{ext}" . && echo "FAIL: stale imports" || echo PASS
|
|
394
|
+
```
|
|
395
|
+
|
|
396
|
+
## Review Loop (REFACTOR)
|
|
397
|
+
|
|
398
|
+
After Phase 6, call `/review-code architect {stack} {domain}`. Loop until score ≥ B.
|
|
399
|
+
|
|
400
|
+
```
|
|
401
|
+
LOOP:
|
|
402
|
+
1. /review-code architect {stack} {domain}
|
|
403
|
+
2. IF violations severity ≥ MEDIUM:
|
|
404
|
+
fix all → full build → all tests → GOTO 1
|
|
405
|
+
3. IF score ≥ B → BREAK
|
|
406
|
+
```
|
|
407
|
+
|
|
408
|
+
## Final Report (REFACTOR)
|
|
409
|
+
|
|
410
|
+
```markdown
|
|
411
|
+
## Refactor Complete: {module} → {domain}
|
|
412
|
+
|
|
413
|
+
### Changes
|
|
414
|
+
- Files created: {N}, modified: {N}, deleted: {N}
|
|
415
|
+
|
|
416
|
+
### Endpoints preserved
|
|
417
|
+
| Old path | New handler | Status |
|
|
418
|
+
|----------|-------------|--------|
|
|
419
|
+
|
|
420
|
+
### Domain events introduced
|
|
421
|
+
| Event | Listener(s) |
|
|
422
|
+
|-------|-------------|
|
|
423
|
+
|
|
424
|
+
### Tests
|
|
425
|
+
- Files: {N}, cases: {M} — all old scenarios migrated: YES
|
|
426
|
+
|
|
427
|
+
### Review score: {A/B}
|
|
428
|
+
- Build / Lint / Domain purity / Old module removed / No stale imports / Tests: all PASS
|
|
429
|
+
```
|
|
430
|
+
|
|
431
|
+
---
|
|
432
|
+
---
|
|
433
|
+
|
|
434
|
+
# Mode API
|
|
435
|
+
|
|
436
|
+
End-to-end workflow for designing, implementing, testing, and documenting APIs — both internal endpoints and third-party integrations.
|
|
437
|
+
|
|
438
|
+
## When to use
|
|
439
|
+
|
|
440
|
+
- ✅ Adding a new REST / GraphQL endpoint to your service
|
|
441
|
+
- ✅ Integrating a third-party API (Stripe, OpenAI, etc.) into the system
|
|
442
|
+
- ✅ Replacing or upgrading an existing API integration
|
|
443
|
+
- ❌ Just need a one-off HTTP call in a script → use Bash directly
|
|
444
|
+
- ❌ Need to research which API to use → use `/research-explore` (WEB) first
|
|
445
|
+
- ❌ Building a whole new domain → use **Mode NEW** (which covers the API surface as Phase 4)
|
|
446
|
+
|
|
447
|
+
## Workflow
|
|
448
|
+
|
|
449
|
+
```
|
|
450
|
+
DESIGN → IMPLEMENT → TEST → DOCUMENT → REVIEW LOOP
|
|
451
|
+
```
|
|
452
|
+
|
|
453
|
+
Before any phase, also read existing API conventions in the project (look at 1–2 existing endpoints as reference).
|
|
454
|
+
|
|
455
|
+
## Phase 1: DESIGN
|
|
456
|
+
|
|
457
|
+
**Goal:** lock the API contract before writing any code.
|
|
458
|
+
|
|
459
|
+
### Actions
|
|
460
|
+
1. Identify API type: REST / GraphQL / gRPC / third-party client
|
|
461
|
+
2. Define contract:
|
|
462
|
+
- Endpoints / operations (method + path)
|
|
463
|
+
- Request / response schema (use real types from domain entities)
|
|
464
|
+
- Auth method
|
|
465
|
+
- Error codes per endpoint
|
|
466
|
+
- Pagination (cursor or offset) — pick ONE, apply to all list endpoints
|
|
467
|
+
- Idempotency keys for POST/PUT (if applicable)
|
|
468
|
+
3. Write the contract as **OpenAPI 3.0** (REST) or **GraphQL SDL**
|
|
469
|
+
|
|
470
|
+
### Minimal OpenAPI skeleton
|
|
471
|
+
|
|
472
|
+
```yaml
|
|
473
|
+
openapi: 3.0.0
|
|
474
|
+
info: { title: <name>, version: 1.0.0 }
|
|
475
|
+
servers: [{ url: https://api.example.com/v1 }]
|
|
476
|
+
components:
|
|
477
|
+
securitySchemes:
|
|
478
|
+
BearerAuth: { type: http, scheme: bearer }
|
|
479
|
+
schemas:
|
|
480
|
+
Error: { type: object, properties: { code: { type: string }, message: { type: string } } }
|
|
481
|
+
paths:
|
|
482
|
+
/resource:
|
|
483
|
+
post:
|
|
484
|
+
summary: Create resource
|
|
485
|
+
security: [{ BearerAuth: [] }]
|
|
486
|
+
requestBody: { content: { application/json: { schema: { $ref: '#/components/schemas/CreateInput' } } } }
|
|
487
|
+
responses:
|
|
488
|
+
'201': { description: Created, content: { application/json: { schema: { $ref: '#/components/schemas/Resource' } } } }
|
|
489
|
+
'400': { description: Validation error, content: { application/json: { schema: { $ref: '#/components/schemas/Error' } } } }
|
|
490
|
+
```
|
|
491
|
+
|
|
492
|
+
### Gate
|
|
493
|
+
- [ ] Endpoints listed in a table (method, path, auth, purpose)
|
|
494
|
+
- [ ] Request / response schemas defined
|
|
495
|
+
- [ ] Error codes listed (with stable string codes, not just HTTP status)
|
|
496
|
+
- [ ] Pagination strategy chosen (cursor preferred)
|
|
497
|
+
- [ ] **User CONFIRMED contract** before continuing
|
|
498
|
+
|
|
499
|
+
## Phase 2: IMPLEMENT
|
|
500
|
+
|
|
501
|
+
**Goal:** implement the contract per stack conventions, respecting DDD layers.
|
|
502
|
+
|
|
503
|
+
### Layered placement (DDD)
|
|
504
|
+
|
|
505
|
+
| Concern | Layer | Notes |
|
|
506
|
+
|---------|-------|-------|
|
|
507
|
+
| Route definition | `application/ports/http/` | Thin handler: parse → service → respond |
|
|
508
|
+
| Request / Response DTOs | `application/ports/http/dto/` | NOT domain types |
|
|
509
|
+
| Validation | Handler or domain (depending on stack) | Reject bad input before reaching usecase |
|
|
510
|
+
| Business logic | `domain/{domain}/usecases/` | NEVER in the handler |
|
|
511
|
+
| External API client | `infrastructure/adapters/` | Implements a port in `domain/{domain}/ports/` |
|
|
512
|
+
| Auth check | Middleware / decorator | NOT inline in handler |
|
|
513
|
+
|
|
514
|
+
### Standard error response
|
|
515
|
+
|
|
516
|
+
All endpoints return errors in the same shape:
|
|
517
|
+
|
|
518
|
+
```json
|
|
519
|
+
{ "error": { "code": "STRING", "message": "human-readable", "details": {} } }
|
|
520
|
+
```
|
|
521
|
+
|
|
522
|
+
`code` is stable across versions; `message` may change. Map domain errors → HTTP codes in ONE place (middleware / interceptor).
|
|
523
|
+
|
|
524
|
+
### Standard pagination (cursor)
|
|
525
|
+
|
|
526
|
+
```
|
|
527
|
+
GET /resource?cursor=<opaque>&limit=<int 1..100, default 20>
|
|
528
|
+
→
|
|
529
|
+
{
|
|
530
|
+
"data": [...],
|
|
531
|
+
"pagination": { "next_cursor": "..." | null }
|
|
532
|
+
}
|
|
533
|
+
```
|
|
534
|
+
|
|
535
|
+
### Gate
|
|
536
|
+
- [ ] Routes registered in router / app module
|
|
537
|
+
- [ ] Handler is thin (parse → service → respond)
|
|
538
|
+
- [ ] Business logic in usecase, not handler
|
|
539
|
+
- [ ] External calls go through infrastructure adapter
|
|
540
|
+
- [ ] Auth + validation in middleware, not handler
|
|
541
|
+
- [ ] Build passes: `{stack_build_command}`
|
|
542
|
+
|
|
543
|
+
## Phase 3: TEST
|
|
544
|
+
|
|
545
|
+
**Goal:** verify the contract holds and breaks safely.
|
|
546
|
+
|
|
547
|
+
### Test layers
|
|
548
|
+
|
|
549
|
+
| Layer | Type | What |
|
|
550
|
+
|-------|------|------|
|
|
551
|
+
| Handler | Unit | Validation, error mapping (mock service) |
|
|
552
|
+
| UseCase | Unit | Business logic (mock port) |
|
|
553
|
+
| Adapter (external API) | Integration | Real HTTP call to sandbox OR contract test with `nock` / `WireMock` |
|
|
554
|
+
| End-to-end | Integration | Full request → response, real DB |
|
|
555
|
+
|
|
556
|
+
### Mandatory test cases per endpoint
|
|
557
|
+
- [ ] Happy path
|
|
558
|
+
- [ ] Auth failure (missing / invalid token)
|
|
559
|
+
- [ ] Validation failure (each required field missing)
|
|
560
|
+
- [ ] Permission failure (valid token, wrong scope)
|
|
561
|
+
- [ ] Not found (where applicable)
|
|
562
|
+
- [ ] Rate limit / quota (where applicable)
|
|
563
|
+
- [ ] Idempotency (POST with same key returns same response)
|
|
564
|
+
|
|
565
|
+
### Gate
|
|
566
|
+
- [ ] All mandatory cases covered
|
|
567
|
+
- [ ] Tests pass: `{stack_test_command}`
|
|
568
|
+
- [ ] Error response shape verified in tests
|
|
569
|
+
|
|
570
|
+
## Phase 4: DOCUMENT
|
|
571
|
+
|
|
572
|
+
**Goal:** update API docs so consumers can use it without reading code.
|
|
573
|
+
|
|
574
|
+
### What to update
|
|
575
|
+
1. **OpenAPI spec** committed to repo (`openapi.yaml` or per-resource files)
|
|
576
|
+
2. **API.md** — append the new endpoint(s) (or use `/docs-sync` for full re-author)
|
|
577
|
+
3. **CHANGELOG.md** — note breaking / additive changes
|
|
578
|
+
4. **README.md** — if this changes quick-start
|
|
579
|
+
|
|
580
|
+
### Endpoint doc entry (minimal)
|
|
581
|
+
|
|
582
|
+
```markdown
|
|
583
|
+
### POST /resource
|
|
584
|
+
|
|
585
|
+
Create a resource. Idempotent via `Idempotency-Key` header.
|
|
586
|
+
|
|
587
|
+
**Auth:** Bearer
|
|
588
|
+
|
|
589
|
+
**Request** `{ "field": "value" }`
|
|
590
|
+
|
|
591
|
+
**Response 201** `{ "id": "...", "field": "value" }`
|
|
592
|
+
|
|
593
|
+
**Errors**
|
|
594
|
+
| Code | HTTP | Meaning |
|
|
595
|
+
|------|------|---------|
|
|
596
|
+
| `invalid_field` | 400 | `field` failed validation |
|
|
597
|
+
| `unauthorized` | 401 | Token missing or invalid |
|
|
598
|
+
| `already_exists` | 409 | Same idempotency key with different body |
|
|
599
|
+
```
|
|
600
|
+
|
|
601
|
+
### Gate
|
|
602
|
+
- [ ] OpenAPI spec updated and lints
|
|
603
|
+
- [ ] API.md entry added
|
|
604
|
+
- [ ] CHANGELOG entry
|
|
605
|
+
- [ ] At least 1 example request runs successfully (curl / Postman)
|
|
606
|
+
|
|
607
|
+
## Review Loop (API)
|
|
608
|
+
|
|
609
|
+
Run `/review-code architect` for the touched domain. Loop until score ≥ B.
|
|
610
|
+
|
|
611
|
+
```
|
|
612
|
+
LOOP:
|
|
613
|
+
1. /review-code architect {stack} {domain}
|
|
614
|
+
2. Fix violations → re-run tests + build → GOTO 1 (until score ≥ B)
|
|
615
|
+
```
|
|
616
|
+
|
|
617
|
+
## Final Report (API)
|
|
618
|
+
|
|
619
|
+
```markdown
|
|
620
|
+
## API Integration Complete
|
|
621
|
+
|
|
622
|
+
### Endpoints Added / Changed
|
|
623
|
+
| Method | Path | Purpose |
|
|
624
|
+
|--------|------|---------|
|
|
625
|
+
|
|
626
|
+
### Files Created
|
|
627
|
+
- `application/ports/http/resource_handler.{ext}`
|
|
628
|
+
- `domain/{domain}/usecases/create_resource.{ext}`
|
|
629
|
+
- `infrastructure/adapters/{external_service}.{ext}` (if applicable)
|
|
630
|
+
|
|
631
|
+
### Tests
|
|
632
|
+
- {N} test files, {M} test cases — handler, usecase, adapter, e2e
|
|
633
|
+
|
|
634
|
+
### Documentation
|
|
635
|
+
- [x] OpenAPI spec updated [x] API.md entry added [x] CHANGELOG entry
|
|
636
|
+
|
|
637
|
+
### Review Score: {A/B}
|
|
638
|
+
```
|
|
639
|
+
|
|
640
|
+
---
|
|
641
|
+
---
|
|
642
|
+
|
|
643
|
+
# Mode DEPRECATE
|
|
644
|
+
|
|
645
|
+
Safely sunset a feature, API, or module without breaking users. Built around a **timeline** (T-90 → T+30) and the principle that **announce → warn → migrate → remove → monitor**.
|
|
646
|
+
|
|
647
|
+
## When to use
|
|
648
|
+
|
|
649
|
+
- ✅ Sunsetting a public API endpoint, SDK method, or user-facing feature
|
|
650
|
+
- ✅ Removing an internal module that other domains depend on
|
|
651
|
+
- ✅ Migrating consumers from v1 → v2 of anything
|
|
652
|
+
- ❌ Just deleting unused dead code (no consumers) → just delete in PR with explanation
|
|
653
|
+
- ❌ Renaming an internal helper → just rename, no deprecation needed
|
|
654
|
+
- ❌ Removing a feature behind a flag with 0 users → just remove the flag
|
|
655
|
+
|
|
656
|
+
## Workflow
|
|
657
|
+
|
|
658
|
+
```
|
|
659
|
+
IDENTIFY → PLAN → MIGRATE → REMOVE → VERIFY
|
|
660
|
+
↓ ↓ ↓ ↓ ↓
|
|
661
|
+
announce warn migrate remove monitor
|
|
662
|
+
(T-90) (T-60) (T-30) (T-0) (T+30)
|
|
663
|
+
```
|
|
664
|
+
|
|
665
|
+
## Deprecation Strategy
|
|
666
|
+
|
|
667
|
+
| Strategy | When | Timeline |
|
|
668
|
+
|----------|------|----------|
|
|
669
|
+
| **Soft** | Internal API, replacement available, low usage | Announce → warn → migrate → remove (1–3 months) |
|
|
670
|
+
| **Hard** | Security issue, breaking infra change | Announce + remove fast (days to weeks, with mitigation) |
|
|
671
|
+
| **Versioned** | Public API, breaking change | Run v1 + v2 side-by-side, sunset v1 over months/years |
|
|
672
|
+
|
|
673
|
+
## Phase 1: IDENTIFY
|
|
674
|
+
|
|
675
|
+
**Goal:** know what you're removing and who depends on it.
|
|
676
|
+
|
|
677
|
+
### Actions
|
|
678
|
+
1. Define the target: feature / endpoint / module / class / method
|
|
679
|
+
2. Find ALL usages:
|
|
680
|
+
```bash
|
|
681
|
+
grep -rn "{symbol}" --include="*.{ext}" .
|
|
682
|
+
# for APIs, check access logs:
|
|
683
|
+
{log_query for endpoint hits over last 30/90 days}
|
|
684
|
+
```
|
|
685
|
+
3. Identify consumers: internal teams / services, external users / SDK consumers, third-party integrations, docs and tutorials that reference it
|
|
686
|
+
4. Assess impact (per architecture layer): which layers reference it, cross-domain consumers, breaking change severity
|
|
687
|
+
5. Find replacement (or document "no replacement, here's the workaround")
|
|
688
|
+
|
|
689
|
+
### Output
|
|
690
|
+
|
|
691
|
+
```markdown
|
|
692
|
+
## Deprecation Analysis: {target}
|
|
693
|
+
|
|
694
|
+
### What
|
|
695
|
+
- Type: {feature / API / class / method / module}
|
|
696
|
+
- Location: {file:line(s)}
|
|
697
|
+
- Reason: {security / consolidation / better alternative / cost / etc.}
|
|
698
|
+
|
|
699
|
+
### Replacement
|
|
700
|
+
- {New API / pattern, with migration mapping} OR {no replacement — rationale}
|
|
701
|
+
|
|
702
|
+
### Usage
|
|
703
|
+
- Internal callers: {list with team contacts}
|
|
704
|
+
- External callers (last 30d): {N requests / N unique tokens}
|
|
705
|
+
- Docs referencing it: {list}
|
|
706
|
+
|
|
707
|
+
### Impact
|
|
708
|
+
- Layers affected: {domain / application / infra}
|
|
709
|
+
- Severity: {breaking / non-breaking}
|
|
710
|
+
- Estimated migration effort per consumer: {hours}
|
|
711
|
+
```
|
|
712
|
+
|
|
713
|
+
### Gate
|
|
714
|
+
- [ ] All usages found (internal + external)
|
|
715
|
+
- [ ] Stakeholders listed with contacts
|
|
716
|
+
- [ ] Replacement defined (or explicit "no replacement")
|
|
717
|
+
- [ ] Impact severity assessed
|
|
718
|
+
|
|
719
|
+
## Phase 2: PLAN
|
|
720
|
+
|
|
721
|
+
**Goal:** lock the timeline and the communication plan.
|
|
722
|
+
|
|
723
|
+
### Timeline template
|
|
724
|
+
|
|
725
|
+
| Phase | Date | Action |
|
|
726
|
+
|-------|------|--------|
|
|
727
|
+
| T-90 | {date} | Announce deprecation (changelog + email + docs banner) |
|
|
728
|
+
| T-60 | {date} | Add runtime warning (log / response header) |
|
|
729
|
+
| T-30 | {date} | Hard warning (UI banner / error in non-prod) |
|
|
730
|
+
| T-0 | {date} | Remove. Return 410 Gone for APIs |
|
|
731
|
+
| T+30 | {date} | Remove deprecation code itself, archive docs |
|
|
732
|
+
|
|
733
|
+
**Adjust** based on strategy: hard = days, public API = months/quarters.
|
|
734
|
+
|
|
735
|
+
### Comms checklist
|
|
736
|
+
- [ ] CHANGELOG entry
|
|
737
|
+
- [ ] Release notes
|
|
738
|
+
- [ ] Email to known consumers
|
|
739
|
+
- [ ] Docs banner on the deprecated feature page
|
|
740
|
+
- [ ] Migration guide written (with code diff before/after)
|
|
741
|
+
- [ ] Slack / forum announcement
|
|
742
|
+
- [ ] Updated SDK (if applicable) with deprecation in code
|
|
743
|
+
|
|
744
|
+
### Gate
|
|
745
|
+
- [ ] Timeline locked with dates
|
|
746
|
+
- [ ] Migration guide drafted
|
|
747
|
+
- [ ] Comms plan signed off by stakeholders
|
|
748
|
+
- [ ] Replacement available and documented
|
|
749
|
+
|
|
750
|
+
## Phase 3: MIGRATE
|
|
751
|
+
|
|
752
|
+
**Goal:** make consumers stop using the deprecated thing.
|
|
753
|
+
|
|
754
|
+
### Add deprecation markers (in code)
|
|
755
|
+
|
|
756
|
+
Pick the language idiom — show **what** is deprecated, **when** it goes away, and **what to use instead**.
|
|
757
|
+
|
|
758
|
+
```ts
|
|
759
|
+
/** @deprecated Removed on {date}. Use `newFunction()`. See {link}. */
|
|
760
|
+
export function oldFunction() { ... }
|
|
761
|
+
```
|
|
762
|
+
|
|
763
|
+
```go
|
|
764
|
+
// Deprecated: removed on {date}. Use NewFunction instead. See {link}.
|
|
765
|
+
func OldFunction() { ... }
|
|
766
|
+
```
|
|
767
|
+
|
|
768
|
+
```php
|
|
769
|
+
/** @deprecated since 2.0.0, removed in 3.0.0. Use newMethod(). See {link}. */
|
|
770
|
+
public function oldMethod() { ... }
|
|
771
|
+
```
|
|
772
|
+
|
|
773
|
+
```dart
|
|
774
|
+
@Deprecated('Removed on {date}. Use newWidget(). See {link}.')
|
|
775
|
+
class OldWidget { ... }
|
|
776
|
+
```
|
|
777
|
+
|
|
778
|
+
### Add runtime signal (for APIs)
|
|
779
|
+
- Response header: `Deprecation: true` + `Sunset: {RFC 3339 date}` + `Link: <docs>; rel="deprecation"`
|
|
780
|
+
- Server log: `deprecated.endpoint.called` with caller identity
|
|
781
|
+
- Metric: counter of deprecated calls, broken down by consumer
|
|
782
|
+
|
|
783
|
+
### Migrate internal consumers proactively
|
|
784
|
+
- Open PRs against internal consumers yourself when possible
|
|
785
|
+
- Track migration progress (% consumers migrated)
|
|
786
|
+
|
|
787
|
+
### Gate
|
|
788
|
+
- [ ] Deprecation markers in code
|
|
789
|
+
- [ ] Runtime signals in place (headers, logs, metrics)
|
|
790
|
+
- [ ] Internal usage trending down (verify weekly)
|
|
791
|
+
- [ ] Migration guide proven by ≥1 consumer
|
|
792
|
+
|
|
793
|
+
## Phase 4: REMOVE
|
|
794
|
+
|
|
795
|
+
**Goal:** delete the deprecated thing safely.
|
|
796
|
+
|
|
797
|
+
### Pre-removal checks
|
|
798
|
+
- [ ] Today's date ≥ T-0
|
|
799
|
+
- [ ] Usage metric shows 0 calls (or only known stragglers with explicit waiver)
|
|
800
|
+
- [ ] Final removal warning sent to remaining consumers
|
|
801
|
+
- [ ] Replacement still works and is documented
|
|
802
|
+
|
|
803
|
+
### Removal steps
|
|
804
|
+
1. Delete the code + tests + docs
|
|
805
|
+
2. For APIs: return `410 Gone` (NOT 404 — different meaning) with migration link in body
|
|
806
|
+
3. Remove DB columns / tables in a follow-up migration (NOT same PR — keep removal reversible)
|
|
807
|
+
4. Update CHANGELOG: "Removed: {thing}. See migration guide {link}."
|
|
808
|
+
5. Deploy through normal pipeline
|
|
809
|
+
|
|
810
|
+
### Gate
|
|
811
|
+
- [ ] Code, tests, docs removed
|
|
812
|
+
- [ ] API returns 410 (if applicable)
|
|
813
|
+
- [ ] CHANGELOG entry
|
|
814
|
+
- [ ] Deployed to all environments
|
|
815
|
+
|
|
816
|
+
## Phase 5: VERIFY (T+30)
|
|
817
|
+
|
|
818
|
+
**Goal:** confirm clean removal.
|
|
819
|
+
|
|
820
|
+
### Checks
|
|
821
|
+
- [ ] No errors related to the removed code in monitoring
|
|
822
|
+
- [ ] No customer support tickets about the missing feature
|
|
823
|
+
- [ ] No leftover references in code (grep for the symbol)
|
|
824
|
+
- [ ] Deprecation infra (warning headers, log alerts) cleaned up
|
|
825
|
+
- [ ] DB cleanup migration applied (if any)
|
|
826
|
+
|
|
827
|
+
### Final report
|
|
828
|
+
|
|
829
|
+
```markdown
|
|
830
|
+
## Deprecation Complete: {target}
|
|
831
|
+
|
|
832
|
+
### Timeline
|
|
833
|
+
- Announced: {date} Removed: {date} Verified: {date}
|
|
834
|
+
|
|
835
|
+
### Outcome
|
|
836
|
+
- Consumers migrated: {N/N}
|
|
837
|
+
- Errors post-removal: {0 / N — explanation}
|
|
838
|
+
- Replacement adoption: {%}
|
|
839
|
+
|
|
840
|
+
### Cleanup
|
|
841
|
+
- [x] Code removed [x] Tests removed [x] Docs removed
|
|
842
|
+
- [x] DB columns dropped (in {migration}) [x] Deprecation infra cleaned
|
|
843
|
+
```
|
|
844
|
+
|
|
845
|
+
## Anti-Patterns (DEPRECATE)
|
|
846
|
+
|
|
847
|
+
- **Silent removal** — removing without warning. Always announce first.
|
|
848
|
+
- **Vague deprecation** — `@deprecated` with no date and no replacement. Always include both.
|
|
849
|
+
- **Forever-deprecation** — marking deprecated and never removing. Set the date.
|
|
850
|
+
- **Returning 404 instead of 410** — 404 = "doesn't exist", 410 = "intentionally gone". Use 410.
|
|
851
|
+
- **Same-PR removal of API + DB columns** — keep removal reversible; drop columns in a follow-up.
|
|
852
|
+
|
|
853
|
+
---
|
|
854
|
+
---
|
|
855
|
+
|
|
856
|
+
## Hard Rules (all modes)
|
|
857
|
+
|
|
858
|
+
- **Read reference / old code first** — your code should look like the rest of the codebase; don't invent logic from variable names.
|
|
859
|
+
- **User confirms the plan / contract** before any code is written.
|
|
860
|
+
- **Phase order is sequential** — Rule Checks gate the next phase; don't skip ahead.
|
|
861
|
+
- **Domain has zero framework imports** — enforce via grep in the domain gate.
|
|
862
|
+
- **Listeners handle side-effects** — never call notifications/SSE/analytics from a usecase.
|
|
863
|
+
- **REFACTOR preserves behavior** — never change business logic; all endpoints keep their paths; read old tests so no scenario is lost.
|
|
864
|
+
- **API:** never put business logic in the handler; never call an external API directly from a usecase (go through an adapter implementing a domain port); error codes are stable strings; one pagination style; idempotency key for any state-creating POST.
|
|
865
|
+
- **DEPRECATE:** announce before removing; every `@deprecated` has a date + replacement; return 410 not 404; keep removal reversible.
|
|
866
|
+
- **Don't merge with score < B** — fix violations or document the waiver.
|
|
867
|
+
|
|
868
|
+
## Related Skills
|
|
869
|
+
|
|
870
|
+
| When | Use |
|
|
871
|
+
|------|-----|
|
|
872
|
+
| Don't know approach yet | `/research-explore` (WEB) → then NEW mode |
|
|
873
|
+
| Want to validate by prototyping | `/research-explore` (SPIKE) → then NEW mode |
|
|
874
|
+
| Run the work as a tracked checklist loop | `/feature-track` |
|
|
875
|
+
| Architecture / TDD / PR review | `/review-code` (ARCHITECT / TDD / PR modes) |
|
|
876
|
+
| Documenting the full API surface | `/docs-sync` |
|
|
877
|
+
| Quick bug fix instead | `/fix-bug` |
|
|
878
|
+
|
|
879
|
+
## Recommended Agents
|
|
880
|
+
|
|
881
|
+
| Phase / Mode | Agent | Purpose |
|
|
882
|
+
|--------------|-------|---------|
|
|
883
|
+
| PLAN / ANALYZE | `@clean-architect` | Architecture design / alignment |
|
|
884
|
+
| ANALYZE (REFACTOR) | `@refactor`, `@code-reviewer` | Refactor scope + smell detection |
|
|
885
|
+
| DESIGN (API) | `@api-designer` | API contract design (OpenAPI / GraphQL) |
|
|
886
|
+
| IDENTIFY (DEPRECATE) | `@refactor`, `@code-reviewer` | Dependency analysis + find usages |
|
|
887
|
+
| BUILD / IMPLEMENT | Stack-specific dev agent | Implementation |
|
|
888
|
+
| BUILD | `@db-designer` | Schema if new tables needed |
|
|
889
|
+
| TESTS | `@test-writer` | Domain / integration tests |
|
|
890
|
+
| REVIEW | `@code-reviewer`, `@security-audit` | Code quality + security |
|
|
891
|
+
| DOCUMENT / DEPRECATE | `@docs-writer` | OpenAPI + API.md + migration guide |
|