mustflow 2.103.21 → 2.103.31
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +7 -4
- package/dist/cli/commands/flow.js +93 -0
- package/dist/cli/commands/run/execution.js +1 -1
- package/dist/cli/commands/run/executor.js +28 -3
- package/dist/cli/commands/run/windows-command-script.js +23 -0
- package/dist/cli/commands/verify.js +4 -1
- package/dist/cli/i18n/en.js +11 -0
- package/dist/cli/i18n/es.js +11 -0
- package/dist/cli/i18n/fr.js +11 -0
- package/dist/cli/i18n/hi.js +11 -0
- package/dist/cli/i18n/ko.js +11 -0
- package/dist/cli/i18n/zh.js +11 -0
- package/dist/cli/index.js +1 -0
- package/dist/cli/lib/active-command-lock.js +4 -0
- package/dist/cli/lib/command-registry.js +7 -0
- package/dist/cli/lib/repo-flow-frontmatter.js +35 -0
- package/dist/cli/lib/repo-flow.js +209 -0
- package/dist/cli/lib/repo-map.js +3 -0
- package/dist/cli/lib/run-plan.js +8 -4
- package/dist/cli/lib/validation/constants.js +10 -0
- package/dist/cli/lib/validation/index.js +54 -1
- package/dist/core/generated-boundary.js +1 -0
- package/dist/core/retention-policy.js +4 -2
- package/dist/core/run-receipt-state.js +247 -0
- package/dist/core/run-receipt.js +5 -1
- package/package.json +2 -1
- package/templates/default/common/.mustflow/config/mustflow.toml +2 -2
- package/templates/default/i18n.toml +31 -7
- package/templates/default/locales/en/.mustflow/skills/INDEX.md +29 -6
- package/templates/default/locales/en/.mustflow/skills/astro-code-change/SKILL.md +95 -23
- package/templates/default/locales/en/.mustflow/skills/axum-code-change/SKILL.md +219 -0
- package/templates/default/locales/en/.mustflow/skills/babylon-code-change/SKILL.md +318 -0
- package/templates/default/locales/en/.mustflow/skills/bun-code-change/SKILL.md +27 -12
- package/templates/default/locales/en/.mustflow/skills/clarifying-question-gate/SKILL.md +30 -5
- package/templates/default/locales/en/.mustflow/skills/elysia-code-change/SKILL.md +74 -20
- package/templates/default/locales/en/.mustflow/skills/godot-code-change/SKILL.md +272 -0
- package/templates/default/locales/en/.mustflow/skills/hono-code-change/SKILL.md +37 -23
- package/templates/default/locales/en/.mustflow/skills/routes.toml +28 -4
- package/templates/default/locales/en/.mustflow/skills/svelte-code-change/SKILL.md +65 -40
- package/templates/default/locales/en/.mustflow/skills/vue-code-change/SKILL.md +305 -0
- package/templates/default/manifest.toml +29 -1
|
@@ -2,11 +2,11 @@
|
|
|
2
2
|
mustflow_doc: skill.svelte-code-change
|
|
3
3
|
locale: en
|
|
4
4
|
canonical: true
|
|
5
|
-
revision:
|
|
5
|
+
revision: 3
|
|
6
6
|
lifecycle: mustflow-owned
|
|
7
7
|
authority: procedure
|
|
8
8
|
name: svelte-code-change
|
|
9
|
-
description: Apply this skill when Svelte or SvelteKit components, routes, load functions,
|
|
9
|
+
description: Apply this skill when Svelte or SvelteKit components, routes, universal or server load functions, form actions, endpoints, hooks, stores, context, runes, props, snippets, bindings, SSR, hydration, streaming, preload, invalidation, server-only imports, env boundaries, adapters, Vite, TypeScript, packaging, accessibility warnings, or tests are created or changed.
|
|
10
10
|
metadata:
|
|
11
11
|
mustflow_schema: "1"
|
|
12
12
|
mustflow_kind: procedure
|
|
@@ -28,64 +28,78 @@ metadata:
|
|
|
28
28
|
<!-- mustflow-section: purpose -->
|
|
29
29
|
## Purpose
|
|
30
30
|
|
|
31
|
-
Preserve Svelte component reactivity, SvelteKit SSR/server/client
|
|
31
|
+
Preserve Svelte component reactivity, SvelteKit SSR/server/client execution modes, data secrecy, load/action/endpoint contracts, request-scoped state ownership, hydration, streaming, invalidation, adapter output, accessibility, and generated route behavior. Choose files by data boundary and execution mode first, not by filename habit.
|
|
32
32
|
|
|
33
33
|
<!-- mustflow-section: use-when -->
|
|
34
34
|
## Use When
|
|
35
35
|
|
|
36
|
-
- `.svelte`, `+page`, `+layout`, `+page.server`, `+layout.server`, `+server`, load functions, form actions, endpoints, stores, context, runes, `$app` imports, `$lib/server`, hooks, route params, or Svelte tests change.
|
|
37
|
-
- The task touches state management, SSR errors, browser APIs, forms, routing, progressive enhancement, request-local data, server-only imports, private/public environment variables, or Svelte 5 runes.
|
|
36
|
+
- `.svelte`, `.svelte.ts`, `.svelte.js`, `+page`, `+layout`, `+page.server`, `+layout.server`, `+server`, load functions, form actions, endpoints, stores, context, snippets, bindings, runes, `$app` imports, `$lib/server`, hooks, route params, route matchers, or Svelte tests change.
|
|
37
|
+
- The task touches state management, SSR errors, hydration warnings, browser APIs, forms, routing, progressive enhancement, preload, invalidation, request-local data, server-only imports, private/public environment variables, adapters, Vite, TypeScript, package exports, or Svelte 5 runes.
|
|
38
|
+
- The task upgrades, reviews, or writes docs about Svelte, SvelteKit, Vite, `@sveltejs/vite-plugin-svelte`, `svelte-check`, an adapter, `@sveltejs/package`, or generated Svelte library output.
|
|
38
39
|
|
|
39
40
|
<!-- mustflow-section: do-not-use-when -->
|
|
40
41
|
## Do Not Use When
|
|
41
42
|
|
|
42
43
|
- The change is plain CSS or HTML with no Svelte or SvelteKit behavior; use the relevant UI foundation skill.
|
|
43
44
|
- The service code is framework-free and no Svelte boundary changes.
|
|
45
|
+
- The task only updates external framework version prose; use `source-freshness-check` unless the Svelte procedure itself changes.
|
|
44
46
|
|
|
45
47
|
<!-- mustflow-section: required-inputs -->
|
|
46
48
|
## Required Inputs
|
|
47
49
|
|
|
48
|
-
- Package metadata, Svelte config, Vite config, TypeScript config, route segment files, hooks, app types, stores/runes/context, form schema, and tests.
|
|
49
|
-
- Svelte version, route data source, secrecy, request scope, mutation type, serialization requirement, SSR/client boundary, browser dependency, and
|
|
50
|
-
- Imports from `$lib/server`, `*.server.*`, `$env/static/private`, `$env/dynamic/private`, DB/filesystem/server SDK modules, cookies, auth headers,
|
|
50
|
+
- Package metadata, Svelte config, Vite config, TypeScript config, route segment files, hooks, app types, stores/runes/context, form schema, adapter config, package export metadata, and tests.
|
|
51
|
+
- Svelte and SvelteKit version tracks, route data source, secrecy, request scope, mutation type, serialization requirement, SSR/client boundary, browser dependency, state owner, and adapter target.
|
|
52
|
+
- Imports from `$lib/server`, `*.server.*`, `$env/static/private`, `$env/dynamic/private`, DB/filesystem/server SDK modules, cookies, auth headers, `event.locals`, `$app/state`, `$app/navigation`, `$app/forms`, and browser-only libraries.
|
|
53
|
+
- Official or repository-local source evidence before preserving exact latest-version, release-date, Node/Vite requirement, adapter behavior, or compiler behavior claims.
|
|
51
54
|
- Configured verification intents.
|
|
52
55
|
|
|
53
56
|
<!-- mustflow-section: preconditions -->
|
|
54
57
|
## Preconditions
|
|
55
58
|
|
|
56
|
-
- For route work, read
|
|
57
|
-
- Classify every data access by origin, secrecy, request scope, mutation, browser dependency, and
|
|
58
|
-
- Treat
|
|
59
|
+
- For route work, read sibling and parent `+layout`, `+layout.server`, `+page`, `+page.server`, `+server`, hooks, app types, and route matcher files as one boundary.
|
|
60
|
+
- Classify every data access by origin, secrecy, request scope, mutation, browser dependency, serialization, invalidation dependency, and adapter support before choosing a SvelteKit file.
|
|
61
|
+
- Treat universal route files as server-executed and browser-executed until proven otherwise.
|
|
62
|
+
- Refresh official package or vendor sources before preserving exact "latest", Node/Vite minimum, adapter, or release-note claims; otherwise keep those facts out of durable skill text or mark them as snapshot-only in the report.
|
|
59
63
|
|
|
60
64
|
<!-- mustflow-section: allowed-edits -->
|
|
61
65
|
## Allowed Edits
|
|
62
66
|
|
|
63
|
-
- Keep secrets, private environment, database clients,
|
|
64
|
-
- Use browser APIs only behind client-safe lifecycle or environment
|
|
67
|
+
- Keep secrets, private environment, database clients, server SDKs, cookie-authenticated data, and request identity in server-only files.
|
|
68
|
+
- Use browser APIs only behind client-safe lifecycle, dynamic import, event, action, or environment boundaries.
|
|
65
69
|
- Keep state local unless shared ownership is justified.
|
|
66
|
-
- Preserve form actions and progressive enhancement instead of replacing
|
|
70
|
+
- Preserve form actions and progressive enhancement instead of replacing page forms with client-only fetch.
|
|
67
71
|
- Use context for request-scoped component-tree sharing instead of module singletons.
|
|
68
|
-
- Use `$derived` for computed display values and `$effect` only for browser-side effects and cleanup.
|
|
72
|
+
- Use `$derived` for computed display values and `$effect` only for browser-side effects, subscriptions, DOM, timers, observers, third-party browser libraries, and cleanup.
|
|
73
|
+
- Keep SvelteKit, Vite, TypeScript, adapter, `svelte-check`, and package export surfaces synchronized when toolchain behavior changes.
|
|
69
74
|
|
|
70
75
|
<!-- mustflow-section: procedure -->
|
|
71
76
|
## Procedure
|
|
72
77
|
|
|
73
|
-
1. Read route segment files, parent layouts, stores/runes/context, hooks, app types, and tests.
|
|
74
|
-
2. Identify Svelte version and whether the code uses runes or
|
|
75
|
-
3. Before choosing a file, classify every data access with: origin, secrecy, request scope, mutation, browser dependency, and
|
|
76
|
-
4.
|
|
77
|
-
5.
|
|
78
|
-
6. If
|
|
79
|
-
7.
|
|
80
|
-
8.
|
|
81
|
-
9.
|
|
82
|
-
10. Use
|
|
83
|
-
11.
|
|
84
|
-
12.
|
|
85
|
-
13.
|
|
86
|
-
14.
|
|
87
|
-
15.
|
|
88
|
-
16.
|
|
78
|
+
1. Read route segment files, parent layouts, route matchers, stores/runes/context, hooks, app types, Svelte/Vite/TypeScript config, adapter config, package metadata, and tests.
|
|
79
|
+
2. Identify Svelte and SvelteKit version tracks and whether the code uses runes, legacy reactivity, or mixed migration mode.
|
|
80
|
+
3. Before choosing a file, classify every data access with: origin, secrecy, request scope, mutation, browser dependency, serialization, dependency tracking, invalidation trigger, and adapter support.
|
|
81
|
+
4. Keep DB, filesystem, private env, cookies, auth headers, `event.locals`, server SDKs, and request-local identity in server-only code: `+page.server`, `+layout.server`, `+server`, `hooks.server`, `$lib/server`, or `*.server.*`.
|
|
82
|
+
5. Treat `+page.ts` and `+layout.ts` as universal. They may run during SSR and later in the browser; do not import browser-only packages, private env, DB clients, or server modules there.
|
|
83
|
+
6. If `+page.server` and universal `+page` or `+layout` coexist, check that server-load data is intentionally passed through the universal `load` return value when the page component needs it.
|
|
84
|
+
7. Keep `load` side-effect-free. Do not increment counters, mark reads, mutate stores, write analytics, or change module state from `load`; preload and navigation can run it before the user commits.
|
|
85
|
+
8. Avoid `await parent()` waterfalls. Start independent fetches before awaiting parent data, and keep auth checks in `hooks.server` or route-specific server load when child data must not execute first.
|
|
86
|
+
9. Use SvelteKit-provided `fetch` inside load when dependency tracking, SSR response inlining, and hydration reuse matter. For custom clients, register `depends(...)` keys and invalidate the exact URL or dependency key.
|
|
87
|
+
10. Use page form actions for page-owned mutations. Preserve `fail(...)`, `redirect(303, ...)`, `use:enhance`, `update()`, `applyAction()`, focus reset, and invalidation behavior when enhancing forms.
|
|
88
|
+
11. Use `+server` for public HTTP APIs, webhooks, mobile APIs, streams, file responses, and custom response contracts. Do not create a JSON endpoint for a normal page form unless there is a non-page consumer.
|
|
89
|
+
12. For streaming load data, finish auth, redirects, and headers before streaming starts. Handle promise rejections, check adapter and proxy buffering, and stream only data whose late failure does not change page policy.
|
|
90
|
+
13. Preserve hydration markers and valid HTML structure. Do not use HTML minifiers, CDN rewrites, or edge transforms that remove Svelte hydration comments without verifying hydration.
|
|
91
|
+
14. If navigation reuses page or layout components, make route-dependent values `$derived` from `data`, `$app/state`, or URL state; use `{#key ...}` only when a real remount boundary is intended.
|
|
92
|
+
15. Put SSR-affecting filters, search, pagination, sorting, and shareable state in URL search params. Keep temporary UI state local or snapshot-like.
|
|
93
|
+
16. Use `$state` only for state that should update UI, `$derived`, or `$effect`. Keep large immutable payloads, table rows, CMS payloads, parser outputs, and third-party data as plain values or `$state.raw` with reassignment.
|
|
94
|
+
17. Do not destructure `$state` or proxy objects when live reactivity is required. Read fields at the use site or derive a narrow value.
|
|
95
|
+
18. Use `SvelteMap`, `SvelteSet`, `SvelteDate`, `SvelteURL`, or reassignment patterns when reactive special objects are required; do not expect ordinary `Map`, `Set`, `Date`, `URL`, or class internals to be deeply tracked.
|
|
96
|
+
19. Use `$derived` or `$derived.by` for filtering, sorting, totals, validation results, labels, and view models. Do not use `$effect` to copy or synchronize derived state.
|
|
97
|
+
20. Keep `$effect` dependencies narrow and synchronous. Read dependencies before `await`, `setTimeout`, or callbacks; use `untrack` for incidental logging, snapshots, or non-dependency reads.
|
|
98
|
+
21. Return cleanup from effects that create subscriptions, intervals, observers, sockets, editors, charts, canvas loops, or external library instances.
|
|
99
|
+
22. Treat props as parent-owned. Use callback props for changes and `$bindable` only for narrow form-control-like two-way APIs. Preserve wrapper binding chains or convert them to explicit callbacks.
|
|
100
|
+
23. In Svelte 5, treat DOM event handlers as props. When spreading rest props through wrappers, intentionally compose external handlers with internal policy instead of relying on spread order.
|
|
101
|
+
24. Treat snippets as typed render callbacks. Require optional snippet guards, pass row or slot-like data as parameters, and avoid hidden parent-state capture in reusable library components.
|
|
102
|
+
25. Check SvelteKit, Vite, TypeScript, adapter, and package output as one toolchain boundary. Do not edit generated `.svelte-kit/tsconfig.json`; fix `svelte.config`, `kit.alias`, package exports, `types`, `svelte` conditions, `files`, and CSS side effects at their source.
|
|
89
103
|
|
|
90
104
|
<!-- mustflow-section: data-boundary-policy -->
|
|
91
105
|
## Data Boundary Policy
|
|
@@ -94,6 +108,7 @@ Preserve Svelte component reactivity, SvelteKit SSR/server/client boundaries, da
|
|
|
94
108
|
- Public external APIs and public CMS data may live in universal load only when the browser may call them directly without secrets.
|
|
95
109
|
- DB, filesystem, private env, server SDKs, cookies, auth headers, sessions, and `event.locals` belong in server-only files.
|
|
96
110
|
- User-specific data must be read server-side and narrowed before being serialized into `data`.
|
|
111
|
+
- Server load return values must be intentionally serializable and minimal.
|
|
97
112
|
- Page forms should use form actions by default.
|
|
98
113
|
- External clients, webhooks, mobile apps, streaming responses, and custom HTTP responses belong in `+server`.
|
|
99
114
|
- Browser-only values belong in component effects, event handlers, dynamic imports, or browser actions.
|
|
@@ -105,18 +120,22 @@ Preserve Svelte component reactivity, SvelteKit SSR/server/client boundaries, da
|
|
|
105
120
|
- `+page.server.ts` and `+layout.server.ts` are for server-only page data.
|
|
106
121
|
- `+page.server.ts` actions are for page-owned form mutations.
|
|
107
122
|
- `+server.ts` is for HTTP endpoints, webhooks, non-page APIs, streams, files, and custom responses.
|
|
123
|
+
- Route matchers, optional params, rest params, and route groups are public URL and layout/auth behavior, not only folder naming.
|
|
108
124
|
- Do not create a JSON endpoint for a normal page form unless there is a non-page consumer.
|
|
109
125
|
- Do not wrap server-only imports in browser guards. Fix the import graph.
|
|
110
126
|
|
|
111
127
|
<!-- mustflow-section: runes-state-policy -->
|
|
112
128
|
## Runes And State Policy
|
|
113
129
|
|
|
114
|
-
- Use `$state` for
|
|
115
|
-
- Use `$
|
|
116
|
-
- Use `$
|
|
130
|
+
- Use `$state` for owned interactive UI state.
|
|
131
|
+
- Use `$state.raw` only when reassignment, not internal mutation, is the update model.
|
|
132
|
+
- Use `$state.snapshot` before sending proxy state to serializers, workers, chart libraries, equality tools, or external APIs that should see plain data.
|
|
133
|
+
- Use `$derived` for calculations from props, route data, page state, URL state, or local state.
|
|
134
|
+
- Use `$effect` only for browser-side effects, subscriptions, DOM, canvas, analytics, timers, third-party browser libraries, and cleanup.
|
|
117
135
|
- Use stores for external streams or manual subscribe/unsubscribe interop, not ordinary component state.
|
|
118
136
|
- Use context for parent-owned values shared down the component tree, especially request-scoped layout data.
|
|
119
137
|
- Do not reassign reactive context objects after placing them in context; update their properties or pass getter functions when needed.
|
|
138
|
+
- Use stable keys for changing lists. Do not use array indexes as keys when rows can reorder, insert, delete, transition, or own child state.
|
|
120
139
|
|
|
121
140
|
<!-- mustflow-section: ssr-debug-policy -->
|
|
122
141
|
## SSR Debug Policy
|
|
@@ -127,7 +146,7 @@ When SSR breaks, inspect in this order:
|
|
|
127
146
|
2. `$lib/server`, `*.server.*`, DB, filesystem, admin SDK, or server-only import chains.
|
|
128
147
|
3. Request-local state stored in module singletons, stores, or exported `$state`.
|
|
129
148
|
4. Browser API access at module top-level or during SSR render.
|
|
130
|
-
5. Hydration mismatch from time, randomness, locale, timezone, localStorage, or browser-only initial state.
|
|
149
|
+
5. Hydration mismatch from invalid HTML, removed comments, time, randomness, locale, timezone, localStorage, or browser-only initial state.
|
|
131
150
|
6. Route-level SSR disabling only after the product accepts an SPA-like shell.
|
|
132
151
|
|
|
133
152
|
<!-- mustflow-section: hard-bans -->
|
|
@@ -137,18 +156,21 @@ When SSR breaks, inspect in this order:
|
|
|
137
156
|
- Do not move required first-render page data into lifecycle hooks or `$effect`.
|
|
138
157
|
- Do not import `$lib/server`, `*.server.*`, private env modules, DB clients, filesystem, or admin SDKs from universal/client route files or shared client utilities.
|
|
139
158
|
- Do not mutate module-scope variables, global stores, or exported `$state` with user/session/request data during SSR, load, or actions.
|
|
140
|
-
- Do not use `$effect` to compute derived values.
|
|
159
|
+
- Do not use `$effect` to compute derived values or synchronize state mirrors.
|
|
141
160
|
- Do not put browser-only library imports at top level when the package touches browser globals during import.
|
|
142
161
|
- Do not serialize secrets, raw sessions, access tokens, hidden DB fields, or whole service responses through load data.
|
|
162
|
+
- Do not edit generated `.svelte-kit` files as source.
|
|
143
163
|
|
|
144
164
|
<!-- mustflow-section: postconditions -->
|
|
145
165
|
## Postconditions
|
|
146
166
|
|
|
147
167
|
- Server/client and SSR boundaries are explicit.
|
|
148
|
-
-
|
|
168
|
+
- Route, load, action, endpoint, invalidation, and streaming behavior are clear.
|
|
169
|
+
- State owner, derived/effect behavior, props ownership, snippets, and binding behavior are clear.
|
|
149
170
|
- Forms remain progressive unless intentionally changed.
|
|
150
171
|
- Private data stays server-only and serialized data is intentionally minimal.
|
|
151
172
|
- Request-scoped sharing uses load data, props, or context instead of module singletons.
|
|
173
|
+
- Adapter, Vite, TypeScript, and package output impacts are reported when touched.
|
|
152
174
|
- Accessibility warnings are resolved or justified.
|
|
153
175
|
|
|
154
176
|
<!-- mustflow-section: verification -->
|
|
@@ -163,7 +185,7 @@ Use configured oneshot command intents when available:
|
|
|
163
185
|
- `docs_validate_fast`
|
|
164
186
|
- `mustflow_check`
|
|
165
187
|
|
|
166
|
-
Report missing Svelte check, SSR render, form action, or
|
|
188
|
+
Report missing Svelte check, SSR render, hydration, form action, browser, adapter, package, or preview-mode verification intents when relevant.
|
|
167
189
|
|
|
168
190
|
<!-- mustflow-section: failure-handling -->
|
|
169
191
|
## Failure Handling
|
|
@@ -173,13 +195,16 @@ Report missing Svelte check, SSR render, form action, or browser verification in
|
|
|
173
195
|
- If accessibility warnings require an ignore, include the specific reason in the code or report.
|
|
174
196
|
- If server-only imports leak into universal/client files, move the boundary instead of adding runtime guards.
|
|
175
197
|
- If request-local data is stored globally, move it to server load, actions, context, or persistent storage with user scoping.
|
|
198
|
+
- If exact framework, adapter, Vite, Node, or release claims cannot be refreshed from official sources, omit them from durable skill text and report them as unverified snapshot context.
|
|
199
|
+
- If streaming, hydration, adapter output, package exports, or preview-mode behavior cannot be verified by configured intents, report the missing runtime smoke coverage.
|
|
176
200
|
|
|
177
201
|
<!-- mustflow-section: output-format -->
|
|
178
202
|
## Output Format
|
|
179
203
|
|
|
180
204
|
- Boundary checked
|
|
181
|
-
- SSR/server/client and
|
|
182
|
-
-
|
|
205
|
+
- SSR/server/client, route, load, action, invalidation, and streaming notes
|
|
206
|
+
- Runes, state, props, snippet, binding, and accessibility notes
|
|
207
|
+
- Adapter, Vite, TypeScript, and package-output notes when touched
|
|
183
208
|
- Files changed
|
|
184
209
|
- Command intents run
|
|
185
210
|
- Skipped checks and reasons
|
|
@@ -0,0 +1,305 @@
|
|
|
1
|
+
---
|
|
2
|
+
mustflow_doc: skill.vue-code-change
|
|
3
|
+
locale: en
|
|
4
|
+
canonical: true
|
|
5
|
+
revision: 1
|
|
6
|
+
lifecycle: mustflow-owned
|
|
7
|
+
authority: procedure
|
|
8
|
+
name: vue-code-change
|
|
9
|
+
description: Apply this skill when Vue, Nuxt, Pinia, Vue Router, Vue SFCs, Composition API, reactivity, props, emits, slots, v-model, SSR, hydration, lazy hydration, Vite/Vue toolchain, or Vue-related tests are created, changed, reviewed, or upgraded.
|
|
10
|
+
metadata:
|
|
11
|
+
mustflow_schema: "1"
|
|
12
|
+
mustflow_kind: procedure
|
|
13
|
+
pack_id: mustflow.core
|
|
14
|
+
skill_id: mustflow.core.vue-code-change
|
|
15
|
+
command_intents:
|
|
16
|
+
- changes_status
|
|
17
|
+
- changes_diff_summary
|
|
18
|
+
- lint
|
|
19
|
+
- build
|
|
20
|
+
- test_related
|
|
21
|
+
- test
|
|
22
|
+
- docs_validate_fast
|
|
23
|
+
- test_release
|
|
24
|
+
- mustflow_check
|
|
25
|
+
---
|
|
26
|
+
|
|
27
|
+
# Vue Code Change
|
|
28
|
+
|
|
29
|
+
<!-- mustflow-section: purpose -->
|
|
30
|
+
## Purpose
|
|
31
|
+
|
|
32
|
+
Preserve Vue and Nuxt component, reactivity, state, routing, SSR, hydration, lazy-hydration,
|
|
33
|
+
toolchain, and package-version contracts when changing Vue projects. Review Vue code by asking
|
|
34
|
+
which value is being tracked, which component owns it, which runtime renders it first, and whether
|
|
35
|
+
the server and client will agree.
|
|
36
|
+
|
|
37
|
+
<!-- mustflow-section: use-when -->
|
|
38
|
+
## Use When
|
|
39
|
+
|
|
40
|
+
- `.vue` files, Vue SFC macros, Composition API, Options API, composables, custom directives,
|
|
41
|
+
Pinia stores, Vue Router routes or guards, Nuxt pages/layouts/components/plugins/middleware,
|
|
42
|
+
Vite Vue config, `vue-tsc`, or Vue-related tests change.
|
|
43
|
+
- The task touches reactive state, `ref`, `reactive`, `shallowRef`, `computed`, `watch`,
|
|
44
|
+
`watchEffect`, `defineProps`, reactive props destructure, `defineModel`, `defineEmits`,
|
|
45
|
+
fallthrough attributes, slots, template refs, provide/inject, Teleport, Suspense, SSR,
|
|
46
|
+
hydration, lazy hydration, ClientOnly behavior, or route lazy loading.
|
|
47
|
+
- A contribution proposes Vue performance, hydration, state ownership, component API, Pinia,
|
|
48
|
+
router, Nuxt, Vite, TypeScript, or Vue version support changes.
|
|
49
|
+
|
|
50
|
+
<!-- mustflow-section: do-not-use-when -->
|
|
51
|
+
## Do Not Use When
|
|
52
|
+
|
|
53
|
+
- The change is framework-free JavaScript or TypeScript with no Vue, Nuxt, Pinia, or router
|
|
54
|
+
boundary; use the language-specific skill.
|
|
55
|
+
- The task is only plain HTML/CSS layout, accessibility, localization, or image delivery with no
|
|
56
|
+
Vue behavior; use the narrower frontend or UI skill.
|
|
57
|
+
- React, Svelte, Astro, Tauri, Flutter, or another framework owns the changed component boundary.
|
|
58
|
+
- The task is only a dependency upgrade across many packages; use dependency and freshness skills
|
|
59
|
+
first, then this skill for Vue-specific code and compatibility surfaces.
|
|
60
|
+
|
|
61
|
+
<!-- mustflow-section: required-inputs -->
|
|
62
|
+
## Required Inputs
|
|
63
|
+
|
|
64
|
+
- Package and toolchain evidence: nearest `package.json`, lockfile, package manager, `engines`,
|
|
65
|
+
Vite config, Nuxt config, Vue plugin config, TypeScript config, `vue-tsc` setup, test config,
|
|
66
|
+
and CI signals.
|
|
67
|
+
- Effective support range: installed `vue`, `@vue/compiler-sfc`, `@vitejs/plugin-vue`, `nuxt`,
|
|
68
|
+
`pinia`, `vue-router`, `vue-tsc`, TypeScript, Vite, and Node versions or declared ranges.
|
|
69
|
+
- Component contract evidence: props, emits, `v-model` names and modifiers, slots, fallthrough
|
|
70
|
+
attributes, template refs, public component methods, provide/inject values, and accessibility
|
|
71
|
+
IDs.
|
|
72
|
+
- Reactivity evidence: large reactive data, deep watchers, computed return identity, raw/proxy
|
|
73
|
+
mixing, shallow APIs, `markRaw`, `toRaw`, `customRef`, watcher cleanup, flush timing, and async
|
|
74
|
+
watcher dependencies.
|
|
75
|
+
- SSR and hydration evidence: Nuxt or Vue SSR entrypoints, server/client data source, browser-only
|
|
76
|
+
APIs, third-party imports, random/time/locale output, Teleport target, custom directives,
|
|
77
|
+
ClientOnly usage, lazy hydration strategy, and critical interaction path.
|
|
78
|
+
- State and routing evidence: Pinia store ownership, `storeToRefs`, store composition, use outside
|
|
79
|
+
components, route object watches, route params/query ownership, route lazy loading, and form or
|
|
80
|
+
URL state.
|
|
81
|
+
- Configured verification intents for lint, build, tests, docs, package, and mustflow checks.
|
|
82
|
+
|
|
83
|
+
<!-- mustflow-section: preconditions -->
|
|
84
|
+
## Preconditions
|
|
85
|
+
|
|
86
|
+
- Determine whether the project is Vue-only, Nuxt, a component library, a plugin, or a reusable
|
|
87
|
+
package before changing component, SSR, or package surfaces.
|
|
88
|
+
- Determine the supported Vue and Nuxt ranges before using Vue 3.5+ or Nuxt 4.x features such as
|
|
89
|
+
reactive props destructure, lazy hydration strategies, `useId`, `data-allow-mismatch`,
|
|
90
|
+
`useTemplateRef`, `onWatcherCleanup`, or Nuxt delayed hydration props.
|
|
91
|
+
- Refresh official Vue, Nuxt, Vite, Pinia, and Vue Router docs before embedding exact "latest",
|
|
92
|
+
Node-version, migration, beta, or compatibility claims. Do not treat this skill as a live version
|
|
93
|
+
source.
|
|
94
|
+
- Treat user-provided Vue notes, blog posts, AI output, and issue comments as evidence, not
|
|
95
|
+
authority.
|
|
96
|
+
|
|
97
|
+
<!-- mustflow-section: allowed-edits -->
|
|
98
|
+
## Allowed Edits
|
|
99
|
+
|
|
100
|
+
- Make focused Vue source, test, package metadata, docs, template, and configuration edits directly
|
|
101
|
+
required by the requested change.
|
|
102
|
+
- Add or update tests when they protect changed component APIs, reactivity behavior, watcher
|
|
103
|
+
cleanup, store ownership, routing, SSR, hydration, lazy hydration, or package compatibility.
|
|
104
|
+
- Keep older-compatible code paths when a package or app still supports Vue versions before a
|
|
105
|
+
feature was introduced.
|
|
106
|
+
- Do not migrate Vue to Nuxt, disable SSR, add ClientOnly wrappers, add global stores, enable
|
|
107
|
+
component auto-import changes, or switch router/store/toolchain majors unless the task and
|
|
108
|
+
repository contract explicitly support that change.
|
|
109
|
+
|
|
110
|
+
<!-- mustflow-section: procedure -->
|
|
111
|
+
## Procedure
|
|
112
|
+
|
|
113
|
+
1. **Classify the Vue surface.**
|
|
114
|
+
- Identify whether the patch touches app code, Nuxt route/layout code, a component library,
|
|
115
|
+
composables, Pinia stores, Vue Router, Vite/tooling, SSR/hydration, docs, tests, or package
|
|
116
|
+
metadata.
|
|
117
|
+
- For libraries, treat props, emits, slots, `v-model`, exposed methods, CSS side effects, and
|
|
118
|
+
peer ranges as public contracts.
|
|
119
|
+
2. **Check version and toolchain boundaries.**
|
|
120
|
+
- Read `vue`, `@vue/compiler-sfc`, `nuxt`, `pinia`, `vue-router`, `vite`, `vue-tsc`,
|
|
121
|
+
TypeScript, and Node constraints before using current APIs or writing compatibility text.
|
|
122
|
+
- Do not assume Vite type-checks Vue SFCs. Look for a configured `vue-tsc --noEmit` or
|
|
123
|
+
equivalent typecheck surface, and report the missing intent when absent.
|
|
124
|
+
- Keep Vue ecosystem upgrades grouped when compatibility is involved: Vue, compiler-sfc,
|
|
125
|
+
Vite plugin, Nuxt, Pinia, Router, vue-tsc, TypeScript, and Node engines can constrain each
|
|
126
|
+
other.
|
|
127
|
+
3. **Review reactivity by subscription width.**
|
|
128
|
+
- Avoid wrapping large API responses, large tables, log arrays, permission trees, or deeply
|
|
129
|
+
nested JSON in deep `reactive()` unless the UI needs deep mutation tracking.
|
|
130
|
+
- Use `shallowRef` or `shallowReactive` only as a root-state boundary, and update by root
|
|
131
|
+
replacement. Do not bury shallow state inside deep reactive trees.
|
|
132
|
+
- Do not stringify, spread, or debug-print huge reactive objects in render or computed paths;
|
|
133
|
+
that makes the effect subscribe to too much.
|
|
134
|
+
- Keep raw and proxy identities from mixing in `Set`, `Map`, selected rows, memo caches, and
|
|
135
|
+
equality checks. Prefer stable ids over object references.
|
|
136
|
+
4. **Review computed, watch, and watchEffect contracts.**
|
|
137
|
+
- Keep computed getters pure. Do not perform API calls, DOM writes, analytics, or state
|
|
138
|
+
mutations inside computed getters.
|
|
139
|
+
- Treat computed output as derived read-only state. Mutate the source state, not the computed
|
|
140
|
+
result.
|
|
141
|
+
- Avoid returning fresh objects or arrays from computed values when downstream stability matters;
|
|
142
|
+
compare with the previous value when Vue version support allows old-value reuse.
|
|
143
|
+
- Do not watch large reactive objects directly unless deep behavior is intentional and bounded.
|
|
144
|
+
Prefer getter sources for the exact primitive, id, length, param, or selector that matters.
|
|
145
|
+
- Avoid `deep: true` as a default. Vue 3.5+ supports numeric deep traversal, but the better
|
|
146
|
+
fix is often a narrower getter or `watchEffect` that reads only used fields.
|
|
147
|
+
- In async `watchEffect`, read dependencies before the first `await`. Later reads are not
|
|
148
|
+
dependency-tracked.
|
|
149
|
+
- Add cleanup for watcher fetches, timers, subscriptions, and observers. Use `onWatcherCleanup`
|
|
150
|
+
only in the synchronous part of Vue 3.5+ watchers, or use the callback `onCleanup` argument.
|
|
151
|
+
- Use `flush: 'post'` only when the watcher must read owner DOM after Vue updates it; avoid
|
|
152
|
+
`flush: 'sync'` for high-churn sources such as arrays.
|
|
153
|
+
5. **Review component API contracts.**
|
|
154
|
+
- Keep props as one-way inputs. Do not mutate nested object or array props from children unless
|
|
155
|
+
the component is explicitly a tightly coupled compound component.
|
|
156
|
+
- Separate controlled and uncontrolled behavior. Use `modelValue` or named `v-model` for
|
|
157
|
+
live parent ownership, `defaultValue` or `initialValue` for one-time initialization, and a
|
|
158
|
+
`resetKey` or explicit action for reset semantics.
|
|
159
|
+
- For Vue 3.5+ reactive props destructure, same-block reads are reactive, but passing a
|
|
160
|
+
destructured prop to `watch` or a composable needs a getter such as `() => foo` or input
|
|
161
|
+
normalization with `toValue`.
|
|
162
|
+
- Avoid mixing boolean props with string modes. Keep booleans for true/false state and string
|
|
163
|
+
unions for variants or modes.
|
|
164
|
+
- Treat `defineModel({ default })` as a possible parent-child desynchronization risk. Prefer
|
|
165
|
+
required models or parent-owned initialization for form components.
|
|
166
|
+
- Declare public emits. Undeclared listeners can fall through to DOM roots and cause duplicate
|
|
167
|
+
or misplaced native event handling.
|
|
168
|
+
- Prefer object event payloads for public component events so future fields can be added without
|
|
169
|
+
positional argument churn.
|
|
170
|
+
- Treat `$attrs` as public API routing, not a dumping ground. With wrappers, bind attrs and
|
|
171
|
+
listeners to the actual interactive element.
|
|
172
|
+
- Treat slot names and slot props as public APIs. Keep `#default`, named slots, and scoped slot
|
|
173
|
+
data explicit.
|
|
174
|
+
6. **Review render and list performance.**
|
|
175
|
+
- Keep child props stable. Do not pass a changing global value such as `activeId` to every row
|
|
176
|
+
when each child only needs a boolean such as `active`.
|
|
177
|
+
- Use stable primitive keys, not indexes or objects, for reorderable lists.
|
|
178
|
+
- Do not combine `v-if` and `v-for` on the same element. Move filtering to computed output or
|
|
179
|
+
gate the parent container.
|
|
180
|
+
- Copy before sorting or reversing arrays in computed values. Do not mutate source arrays while
|
|
181
|
+
deriving render output.
|
|
182
|
+
- Large lists need pagination, virtualization, route-level splitting, or a documented hard cap.
|
|
183
|
+
- Avoid renderless or provider component stacks inside thousands of list rows when a composable
|
|
184
|
+
or plain helper can own the reusable logic.
|
|
185
|
+
7. **Review composables and provide/inject.**
|
|
186
|
+
- Design composable inputs to accept plain values, refs, and getters when the use case calls
|
|
187
|
+
for all three. Normalize with `toValue` inside a tracked effect when dependency tracking is
|
|
188
|
+
required.
|
|
189
|
+
- Return refs or `toRefs`-compatible shapes when callers are expected to destructure the result.
|
|
190
|
+
- For provide/inject, prefer readonly state plus explicit mutation functions when descendants
|
|
191
|
+
should not mutate shared state directly.
|
|
192
|
+
- Use template refs and component refs as escape hatches. Prefer props/emits first, and expose
|
|
193
|
+
only intentional public methods with `defineExpose`.
|
|
194
|
+
8. **Review Pinia and router ownership.**
|
|
195
|
+
- Use `storeToRefs()` for reactive state/getter destructuring; actions may be destructured.
|
|
196
|
+
- Keep page-local UI state out of Pinia unless it must survive navigation or be shared across
|
|
197
|
+
independent surfaces.
|
|
198
|
+
- Do not create mutually recursive setup stores that read each other's state during setup.
|
|
199
|
+
Move cross-store reads into computed values or actions.
|
|
200
|
+
- When using stores outside components, verify Pinia is installed before `useStore()` runs.
|
|
201
|
+
In SSR, pass or use the request's active Pinia instance instead of a shared singleton.
|
|
202
|
+
- Watch specific route params, query fields, or names rather than the entire route object.
|
|
203
|
+
- Use route lazy loading for route components when initial bundle size matters, and verify the
|
|
204
|
+
router major and typed-route integration before changing route tooling.
|
|
205
|
+
9. **Review SSR and hydration determinism.**
|
|
206
|
+
- Treat SSR as the same app running on server and client. First-render output must be
|
|
207
|
+
deterministic across both sides.
|
|
208
|
+
- Do not store request-specific state in module-scope singletons, exported reactive objects, or
|
|
209
|
+
global stores during SSR. Create app, router, store, and request context per request.
|
|
210
|
+
- Move browser-only APIs, DOM libraries, timers, observers, sockets, analytics, maps, editors,
|
|
211
|
+
and chart initialization behind client-safe lifecycle or dynamic import boundaries.
|
|
212
|
+
- Do not let `Math.random()`, `Date.now()`, timezone, locale, viewport, localStorage, auth
|
|
213
|
+
fallback, or A/B bucket values alter SSR-visible first markup unless the value is serialized
|
|
214
|
+
or intentionally client-only.
|
|
215
|
+
- Check invalid HTML nesting before blaming hydration. Browser parsers can rewrite SSR HTML
|
|
216
|
+
before Vue hydrates it.
|
|
217
|
+
- Use `useId` for SSR-stable form and accessibility IDs when the supported Vue version allows it.
|
|
218
|
+
- Use `data-allow-mismatch` only for narrowly intentional mismatches such as unavoidable dates,
|
|
219
|
+
not as a blanket hydration-warning silencer.
|
|
220
|
+
- For SSR Teleport, use a dedicated target and ensure teleported markup is injected or delayed
|
|
221
|
+
intentionally. Avoid targeting `body` casually.
|
|
222
|
+
- For custom directives that affect SSR-visible attributes, provide an SSR path instead of
|
|
223
|
+
relying only on client DOM hooks.
|
|
224
|
+
10. **Review Nuxt client-only and lazy hydration boundaries.**
|
|
225
|
+
- Do not use `<ClientOnly>` as a default mismatch fix. It removes default slot content from
|
|
226
|
+
server rendering and can affect first HTML, CSS, SEO, LCP, and layout.
|
|
227
|
+
- Distinguish lazy code loading from lazy hydration. Nuxt `Lazy` component prefixes delay code
|
|
228
|
+
loading; hydration strategies decide when existing SSR HTML becomes interactive.
|
|
229
|
+
- Avoid delayed hydration for above-the-fold controls, forms, navigation, search, login,
|
|
230
|
+
checkout, add-to-cart, or any component users may interact with immediately.
|
|
231
|
+
- For delayed hydration, pick one strategy per component and check Nuxt constraints: SFC usage,
|
|
232
|
+
explicit template props, no broad prop spread, and no direct `#components` import path when
|
|
233
|
+
the strategy depends on auto-imported lazy components.
|
|
234
|
+
- Treat prop changes and shared `v-model` as hydration triggers. Do not put shared model state
|
|
235
|
+
on many lazy-hydrated components without measuring the cascade.
|
|
236
|
+
- Do not use `hydrate-never` on interactive components.
|
|
237
|
+
11. **Keep public and package surfaces synchronized.**
|
|
238
|
+
- If component APIs, router behavior, store contracts, SSR behavior, hydration behavior,
|
|
239
|
+
package metadata, or toolchain ranges change, synchronize docs, tests, examples, and template
|
|
240
|
+
metadata.
|
|
241
|
+
- Avoid exact latest-version wording unless official sources were refreshed in the current
|
|
242
|
+
task. Prefer support-range wording such as "Vue 3.5+" or "Nuxt 4.x" only when the project
|
|
243
|
+
actually supports that range.
|
|
244
|
+
12. **Verify through the repository contract.**
|
|
245
|
+
- Run the smallest configured checks that cover Vue code, TypeScript/SFC type checks, build
|
|
246
|
+
output, tests, docs, and release-sensitive template output.
|
|
247
|
+
- Report missing browser, hydration, SSR, Nuxt, Pinia, Router, vue-tsc, performance profiling,
|
|
248
|
+
or package-consumer verification when those surfaces changed.
|
|
249
|
+
|
|
250
|
+
<!-- mustflow-section: postconditions -->
|
|
251
|
+
## Postconditions
|
|
252
|
+
|
|
253
|
+
- Effective Vue, Nuxt, Pinia, Router, Vite, TypeScript, vue-tsc, and Node compatibility are known
|
|
254
|
+
or explicitly reported as unknown.
|
|
255
|
+
- Reactivity, computed, watcher, component API, composable, store, router, SSR, hydration, and lazy
|
|
256
|
+
hydration boundaries follow the supported version's model.
|
|
257
|
+
- Large data, wide subscriptions, unstable computed identity, raw/proxy mixing, prop mutation,
|
|
258
|
+
broad route watches, stale watcher responses, and ClientOnly misuse are fixed or reported.
|
|
259
|
+
- SSR-visible output is deterministic, intentionally client-only, or narrowly marked as an
|
|
260
|
+
intentional mismatch.
|
|
261
|
+
- Performance claims have profiler, benchmark, render-count, bundle, or configured evidence, or
|
|
262
|
+
are reported as static risk.
|
|
263
|
+
|
|
264
|
+
<!-- mustflow-section: verification -->
|
|
265
|
+
## Verification
|
|
266
|
+
|
|
267
|
+
Use configured oneshot command intents when available:
|
|
268
|
+
|
|
269
|
+
- `lint`
|
|
270
|
+
- `build`
|
|
271
|
+
- `test_related`
|
|
272
|
+
- `test`
|
|
273
|
+
- `docs_validate_fast`
|
|
274
|
+
- `test_release`
|
|
275
|
+
- `mustflow_check`
|
|
276
|
+
|
|
277
|
+
Report missing Vue SFC typecheck, browser, hydration, SSR, Nuxt route, Pinia store, Router,
|
|
278
|
+
performance, or package-consumer verification when those surfaces changed.
|
|
279
|
+
|
|
280
|
+
<!-- mustflow-section: failure-handling -->
|
|
281
|
+
## Failure Handling
|
|
282
|
+
|
|
283
|
+
- If version evidence conflicts, do not assume the newest Vue or Nuxt API is available. Preserve
|
|
284
|
+
the older-compatible path or report the compatibility decision.
|
|
285
|
+
- If a reactivity fix makes code faster by dropping required updates, restore the correct owner
|
|
286
|
+
boundary and report the performance tradeoff.
|
|
287
|
+
- If a watcher or route fetch can race, keep the stale-response scenario visible and add cleanup,
|
|
288
|
+
cancellation, request identity, or query-key ownership.
|
|
289
|
+
- If hydration fails, fix deterministic markup, SSR data, browser-only imports, invalid HTML, or
|
|
290
|
+
request-local state before adding ClientOnly or `data-allow-mismatch`.
|
|
291
|
+
- If a Nuxt lazy-hydration change breaks first interaction, remove the delay for that component or
|
|
292
|
+
report the product tradeoff.
|
|
293
|
+
- If configured verification is missing, report the missing intent instead of inventing raw
|
|
294
|
+
package-manager, dev-server, browser, or watcher commands.
|
|
295
|
+
|
|
296
|
+
<!-- mustflow-section: output-format -->
|
|
297
|
+
## Output Format
|
|
298
|
+
|
|
299
|
+
- Vue surface and supported version checked
|
|
300
|
+
- Toolchain, SFC typecheck, reactivity, computed, watcher, component API, composable, Pinia,
|
|
301
|
+
Router, SSR, hydration, lazy-hydration, and performance notes
|
|
302
|
+
- Files changed
|
|
303
|
+
- Command intents run
|
|
304
|
+
- Skipped checks and reasons
|
|
305
|
+
- Remaining Vue, Nuxt, hydration, toolchain, or verification risk
|