mustflow 2.103.22 → 2.103.32
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +5 -2
- package/dist/cli/commands/check.js +3 -3
- package/dist/cli/commands/flow.js +93 -0
- package/dist/cli/commands/run/executor.js +28 -3
- package/dist/cli/commands/run/windows-command-script.js +23 -0
- package/dist/cli/i18n/en.js +11 -0
- package/dist/cli/i18n/es.js +11 -0
- package/dist/cli/i18n/fr.js +11 -0
- package/dist/cli/i18n/hi.js +11 -0
- package/dist/cli/i18n/ko.js +11 -0
- package/dist/cli/i18n/zh.js +11 -0
- package/dist/cli/index.js +1 -0
- package/dist/cli/lib/active-command-lock.js +4 -0
- package/dist/cli/lib/command-registry.js +7 -0
- package/dist/cli/lib/local-index/index.js +70 -0
- package/dist/cli/lib/repo-flow-frontmatter.js +35 -0
- package/dist/cli/lib/repo-flow.js +209 -0
- package/dist/cli/lib/repo-map.js +3 -0
- package/dist/cli/lib/run-plan.js +8 -4
- package/dist/cli/lib/validation/constants.js +10 -0
- package/dist/cli/lib/validation/index.js +73 -1
- package/dist/core/check-issues.js +2 -0
- package/dist/core/generated-boundary.js +1 -0
- package/package.json +2 -1
- package/templates/default/i18n.toml +30 -6
- package/templates/default/locales/en/.mustflow/skills/INDEX.md +29 -6
- package/templates/default/locales/en/.mustflow/skills/astro-code-change/SKILL.md +95 -23
- package/templates/default/locales/en/.mustflow/skills/axum-code-change/SKILL.md +219 -0
- package/templates/default/locales/en/.mustflow/skills/babylon-code-change/SKILL.md +318 -0
- package/templates/default/locales/en/.mustflow/skills/bun-code-change/SKILL.md +27 -12
- package/templates/default/locales/en/.mustflow/skills/elysia-code-change/SKILL.md +74 -20
- package/templates/default/locales/en/.mustflow/skills/godot-code-change/SKILL.md +272 -0
- package/templates/default/locales/en/.mustflow/skills/hono-code-change/SKILL.md +37 -23
- package/templates/default/locales/en/.mustflow/skills/routes.toml +28 -4
- package/templates/default/locales/en/.mustflow/skills/svelte-code-change/SKILL.md +65 -40
- package/templates/default/locales/en/.mustflow/skills/vue-code-change/SKILL.md +305 -0
- package/templates/default/manifest.toml +29 -1
|
@@ -2,11 +2,11 @@
|
|
|
2
2
|
mustflow_doc: skill.bun-code-change
|
|
3
3
|
locale: en
|
|
4
4
|
canonical: true
|
|
5
|
-
revision:
|
|
5
|
+
revision: 2
|
|
6
6
|
lifecycle: mustflow-owned
|
|
7
7
|
authority: procedure
|
|
8
8
|
name: bun-code-change
|
|
9
|
-
description: Apply this skill when Bun runtime code, Bun package manager behavior, bun.lock, bunfig.toml, Bun test runner behavior, Bun bundling, Bun TypeScript execution,
|
|
9
|
+
description: Apply this skill when Bun runtime code, Bun.serve or Elysia-on-Bun server behavior, Bun package manager behavior, bun.lock, bunfig.toml, Bun test runner behavior, Bun bundling, Bun compile, Bun TypeScript execution, Bun-specific APIs, Docker deployment, or Bun runtime compatibility is created, changed, reviewed, or upgraded.
|
|
10
10
|
metadata:
|
|
11
11
|
mustflow_schema: "1"
|
|
12
12
|
mustflow_kind: procedure
|
|
@@ -29,15 +29,15 @@ metadata:
|
|
|
29
29
|
<!-- mustflow-section: purpose -->
|
|
30
30
|
## Purpose
|
|
31
31
|
|
|
32
|
-
Preserve Bun's separate roles as runtime, package manager, script runner, test runner, bundler, transpiler, and Node-compatible environment without mistaking one successful role for another.
|
|
32
|
+
Preserve Bun's separate roles as runtime, package manager, script runner, test runner, bundler, transpiler, compiler, server runtime, and Node-compatible environment without mistaking one successful role for another.
|
|
33
33
|
|
|
34
34
|
<!-- mustflow-section: use-when -->
|
|
35
35
|
## Use When
|
|
36
36
|
|
|
37
37
|
- `bun.lock`, `bun.lockb`, `bunfig.toml`, `packageManager: "bun@..."`, Bun install settings, `trustedDependencies`, Bun workspace behavior, or Bun lockfile migration changes.
|
|
38
|
-
- Bun runtime code or config changes, including `Bun.*`, `Bun.serve`, `Bun.file`, `Bun.write`, `Bun.spawn`, `Bun.$`, `bun:sqlite`, `#!/usr/bin/env bun`, Bun preload, Bun `.env` behavior, or `bun run --bun`.
|
|
38
|
+
- Bun runtime code or config changes, including `Bun.*`, `Bun.serve`, Elysia-on-Bun `serve` settings, `Bun.file`, `Bun.write`, `Bun.spawn`, `Bun.$`, `bun:sqlite`, `#!/usr/bin/env bun`, Bun preload, Bun `.env` behavior, or `bun run --bun`.
|
|
39
39
|
- Bun test runner behavior changes, including `bun test`, `bun:test`, `[test]` in `bunfig.toml`, snapshots, mocks, preload, isolation, coverage, sharding, or parallelism.
|
|
40
|
-
- Bun bundling, compile, transpiler, build target, JSX settings, path aliases, TypeScript runtime execution, or library packaging with Bun changes.
|
|
40
|
+
- Bun bundling, compile, transpiler, build target, JSX settings, path aliases, TypeScript runtime execution, single executable output, Docker images, PORT binding, observability instrumentation, or library packaging with Bun changes.
|
|
41
41
|
|
|
42
42
|
<!-- mustflow-section: do-not-use-when -->
|
|
43
43
|
## Do Not Use When
|
|
@@ -54,6 +54,7 @@ Preserve Bun's separate roles as runtime, package manager, script runner, test r
|
|
|
54
54
|
- Bun ownership files: `bun.lock`, `bun.lockb`, `bunfig.toml`, npm, pnpm, or Yarn lockfiles that coexist with Bun, CI install commands, Docker install and runtime commands, and `oven-sh/setup-bun` usage.
|
|
55
55
|
- Bun config sections: `[install]`, `[test]`, top-level preload, env, define, loader, JSX, and run settings.
|
|
56
56
|
- Runtime and compatibility surfaces: `Bun.*`, `bun:test`, `node:*`, `.node`, `node-gyp`, lifecycle scripts, Prisma, sharp, Playwright, esbuild, native binary packages, streams, workers, child processes, crypto, filesystem watch, and shebangs.
|
|
57
|
+
- Server and deployment surfaces: `Bun.serve`, Elysia `serve` config, idle timeout, WebSocket config, backpressure limits, `SO_REUSEPORT`, clustering, compile target, CPU and libc assumptions, Docker base image, build context, distroless output, `PORT` env handling, OpenTelemetry or instrumentation, and reverse proxy config.
|
|
57
58
|
- TypeScript and package surfaces: `tsconfig*.json`, `@types/bun`, `types: ["bun"]`, module resolution, path aliases, JSX runtime, declaration output, build targets, package exports, and command contract entries.
|
|
58
59
|
|
|
59
60
|
<!-- mustflow-section: preconditions -->
|
|
@@ -63,6 +64,7 @@ Preserve Bun's separate roles as runtime, package manager, script runner, test r
|
|
|
63
64
|
- Do not treat Bun package installation as proof that Bun runtime behavior works.
|
|
64
65
|
- Do not treat Bun runtime execution, Bun transpilation, Bun tests, or Bun bundling as TypeScript typechecking or declaration generation.
|
|
65
66
|
- Treat lockfile, trusted dependency, build target, and package entry changes as release-sensitive unless proven internal.
|
|
67
|
+
- Treat Elysia-on-Bun deployment settings as runtime contracts, not local development conveniences.
|
|
66
68
|
|
|
67
69
|
<!-- mustflow-section: allowed-edits -->
|
|
68
70
|
## Allowed Edits
|
|
@@ -70,6 +72,8 @@ Preserve Bun's separate roles as runtime, package manager, script runner, test r
|
|
|
70
72
|
- Keep Bun-specific APIs in Bun-owned runtime files, adapters, tests, or package entrypoints.
|
|
71
73
|
- Keep Bun package manager changes aligned with `bun.lock`, `bunfig.toml`, CI, Docker, and workspace ownership.
|
|
72
74
|
- Preserve existing Node, browser, edge, Jest, Vitest, TypeScript, and package-consumer contracts unless the task explicitly asks to migrate them.
|
|
75
|
+
- Isolate Bun-only APIs behind runtime-owned adapters when Node, browser, edge, or test portability remains a project contract.
|
|
76
|
+
- Keep server runtime settings explicit when long-lived requests, streaming, WebSockets, uploaded files, generated exports, or reverse proxies are involved.
|
|
73
77
|
- Add focused tests or package checks only when they protect changed Bun runtime, package manager, test runner, build, or public package behavior.
|
|
74
78
|
|
|
75
79
|
<!-- mustflow-section: procedure -->
|
|
@@ -92,10 +96,19 @@ Preserve Bun's separate roles as runtime, package manager, script runner, test r
|
|
|
92
96
|
10. For Bun bundling and package output, distinguish `bun run build` from direct Bun bundler usage. Confirm script bodies before treating a build as Bun bundling. Choose target and format according to actual consumers; Bun-targeted output is not automatically Node-compatible.
|
|
93
97
|
11. If Node consumers are supported, do not emit package entrypoints that rely on Bun-only APIs, Bun-only wrappers, or Bun-only module resolution unless the package clearly exposes a Bun-specific entry.
|
|
94
98
|
12. Treat Bun runtime as Node-compatible, not Node itself. JavaScriptCore, Node API compatibility gaps, native addons, Node internals, worker options, child process IPC, stream/backpressure, crypto/FIPS, watch behavior, Prisma CLI, sharp, Playwright, and esbuild all need targeted evidence when touched.
|
|
95
|
-
13.
|
|
96
|
-
14.
|
|
97
|
-
15.
|
|
98
|
-
16.
|
|
99
|
+
13. For Bun server changes, check idle timeout and long-lived request behavior. Plain `Bun.serve`, Elysia `serve.idleTimeout`, SSE, streaming AI responses, long uploads, downloads, exports, and quiet proxy connections may need explicit timeout policy.
|
|
100
|
+
14. For WebSocket changes, review `idleTimeout`, `maxPayloadLength`, `backpressureLimit`, `closeOnBackpressureLimit`, compression, and slow-client behavior. A connection opening successfully does not prove memory-safe backpressure behavior.
|
|
101
|
+
15. For multi-core deployment, distinguish single-process Bun behavior from clustered or multi-worker deployment. Treat `SO_REUSEPORT` and same-port multi-process assumptions as platform-sensitive, especially across Linux, macOS, Windows, containers, and hosting platforms.
|
|
102
|
+
16. For `Bun.serve({ routes })`, Elysia mounts, native routes, and framework interop, benchmark or test the actual route structure instead of assuming every request uses the same optimized path.
|
|
103
|
+
17. For `bun build --compile` or single executable output, check target OS, architecture, libc, executable permission, CPU requirements, dynamic files, `.d.ts` or source files used by runtime generators, native addons, and externalized packages.
|
|
104
|
+
18. Do not assume bundling eliminates `node_modules`. Instrumentation, monkey-patching, native modules, dynamic loading, OpenTelemetry, database drivers, and generated clients may require explicit externals and deployed runtime dependencies.
|
|
105
|
+
19. Treat minification as an observability decision. Full minify can damage function-name-based tracing, stack readability, and instrumentation. Prefer smaller minification scopes when tracing or production diagnostics depend on names.
|
|
106
|
+
20. For Docker and platform deploys, verify build context, workspace package copying, final base image, runtime user, executable path, `PORT` environment binding, health checks, signal handling, and reverse proxy expectations.
|
|
107
|
+
21. Treat benchmarks as workload evidence, not framework marketing. Use a load generator and scenario that are fast enough to drive Bun, and include real handler, serialization, database, TLS, proxy, streaming, or WebSocket paths when those paths changed.
|
|
108
|
+
22. Check shebang and runner behavior. A CLI with `#!/usr/bin/env node` may execute under Node even when launched through Bun. Do not call a path Bun-runtime-verified unless the entrypoint actually ran under Bun.
|
|
109
|
+
23. Use Bun's test runner only when the project intentionally uses it or the task targets Bun. Do not silently migrate Jest or Vitest tests to `bun:test`. Treat mocks, snapshots, preloads, globals, path aliases, coverage, isolation, and parallelism as migration-risk areas.
|
|
110
|
+
24. Do not update Bun snapshots as a generic fix. Snapshot updates require intended output change, diff inspection, and a follow-up run without update mode through configured intents.
|
|
111
|
+
25. Choose configured verification intents that cover typecheck, build, tests, package metadata, package artifact risk, docs examples, Bun runtime behavior, Bun test behavior, server timeout behavior, WebSocket backpressure, compile artifact behavior, Docker runtime, and mustflow contract checks when available. Report missing frozen install, Bun runtime, Bun test, declaration, package artifact, native dependency, Node compatibility, Docker, or CI verification.
|
|
99
112
|
|
|
100
113
|
<!-- mustflow-section: postconditions -->
|
|
101
114
|
## Postconditions
|
|
@@ -104,7 +117,7 @@ Preserve Bun's separate roles as runtime, package manager, script runner, test r
|
|
|
104
117
|
- Bun lockfile, install, workspace, trust, and lifecycle behavior is aligned with project ownership.
|
|
105
118
|
- Bun runtime, test, bundler, TypeScript, and declaration claims are not conflated.
|
|
106
119
|
- Bun-only APIs do not leak into Node, browser, edge, or shared package surfaces unintentionally.
|
|
107
|
-
-
|
|
120
|
+
- Bun server timeout, WebSocket backpressure, clustering, compile target, Docker, PORT, observability, native dependency, shebang, Node compatibility, and package consumer risks are handled or reported.
|
|
108
121
|
|
|
109
122
|
<!-- mustflow-section: verification -->
|
|
110
123
|
## Verification
|
|
@@ -119,7 +132,7 @@ Use configured oneshot command intents when available:
|
|
|
119
132
|
- `test_release`
|
|
120
133
|
- `mustflow_check`
|
|
121
134
|
|
|
122
|
-
Report missing frozen install, Bun runtime, Bun test, declaration output, package artifact, Node compatibility, native dependency, CI,
|
|
135
|
+
Report missing frozen install, Bun runtime, Bun server, WebSocket, compile artifact, Docker, Bun test, declaration output, package artifact, Node compatibility, native dependency, CI, observability, benchmark, or snapshot review verification intents when those surfaces change.
|
|
123
136
|
|
|
124
137
|
<!-- mustflow-section: failure-handling -->
|
|
125
138
|
## Failure Handling
|
|
@@ -128,6 +141,8 @@ Report missing frozen install, Bun runtime, Bun test, declaration output, packag
|
|
|
128
141
|
- If lockfile ownership conflicts, do not run dependency migration or generate a new lockfile unless the task explicitly asks for migration.
|
|
129
142
|
- If Bun runtime execution succeeds but typecheck or declarations are unverified, report that gap instead of claiming TypeScript correctness.
|
|
130
143
|
- If a package works under Bun but claims Node support, repair the Node-compatible entry or report the compatibility risk.
|
|
144
|
+
- If a server works locally but has no timeout, backpressure, port, signal, or Docker evidence, report the deployment risk instead of claiming production readiness.
|
|
145
|
+
- If a single executable works on the build machine only, report target CPU, OS, libc, dynamic dependency, and instrumentation gaps.
|
|
131
146
|
- If a native dependency, lifecycle script, or trusted dependency change cannot be verified, keep the change scoped and report release-sensitive risk.
|
|
132
147
|
|
|
133
148
|
<!-- mustflow-section: output-format -->
|
|
@@ -136,7 +151,7 @@ Report missing frozen install, Bun runtime, Bun test, declaration output, packag
|
|
|
136
151
|
- Bun role classification
|
|
137
152
|
- Package manager, lockfile, and trust notes
|
|
138
153
|
- Runtime, TypeScript, bundler, and test runner notes
|
|
139
|
-
-
|
|
154
|
+
- Server timeout, WebSocket, cluster, compile, Docker, observability, benchmark, native, shebang, Node compatibility, or package consumer risks
|
|
140
155
|
- Files changed
|
|
141
156
|
- Command intents run
|
|
142
157
|
- Skipped checks and reasons
|
|
@@ -2,11 +2,11 @@
|
|
|
2
2
|
mustflow_doc: skill.elysia-code-change
|
|
3
3
|
locale: en
|
|
4
4
|
canonical: true
|
|
5
|
-
revision:
|
|
5
|
+
revision: 3
|
|
6
6
|
lifecycle: mustflow-owned
|
|
7
7
|
authority: procedure
|
|
8
8
|
name: elysia-code-change
|
|
9
|
-
description: Apply this skill when Elysia routes, schemas, plugins, decorators, derives, resolves, guards, auth, error handling, OpenAPI
|
|
9
|
+
description: Apply this skill when Elysia routes, schemas, plugins, decorators, derives, resolves, guards, macros, auth, error handling, OpenAPI or Scalar docs, Eden Treaty clients, streaming, WebSocket, or Bun-backed Elysia server behavior are created, changed, reviewed, or upgraded.
|
|
10
10
|
metadata:
|
|
11
11
|
mustflow_schema: "1"
|
|
12
12
|
mustflow_kind: procedure
|
|
@@ -28,31 +28,34 @@ metadata:
|
|
|
28
28
|
<!-- mustflow-section: purpose -->
|
|
29
29
|
## Purpose
|
|
30
30
|
|
|
31
|
-
Preserve Elysia schema-first runtime validation, type inference, plugin, auth, error, OpenAPI, Eden, and Bun runtime boundaries.
|
|
31
|
+
Preserve Elysia schema-first runtime validation, type inference, plugin, auth, error, OpenAPI, Eden Treaty, lifecycle, streaming, and Bun-backed runtime boundaries.
|
|
32
32
|
|
|
33
33
|
<!-- mustflow-section: use-when -->
|
|
34
34
|
## Use When
|
|
35
35
|
|
|
36
|
-
- `new Elysia`, route methods, `t.Object`, request or response schemas, `.use`, `.guard`, `.derive`, `.resolve`, `.decorate`, `.onError`, auth middleware, OpenAPI, Eden, or Bun server tests change.
|
|
37
|
-
- The task adds API routes, plugins, validators, error envelopes, authentication,
|
|
36
|
+
- `new Elysia`, route methods, `t.Object`, Standard Schema validators, request or response schemas, `.model`, `.use`, `.guard`, `.derive`, `.resolve`, `.decorate`, `.state`, `.macro`, `.onError`, auth middleware, OpenAPI or Scalar docs, Eden Treaty, streaming, WebSocket, or Bun server tests change.
|
|
37
|
+
- The task adds API routes, plugins, validators, error envelopes, authentication, generated client contracts, SDK-facing route paths, runtime deployment settings, or Elysia version-sensitive behavior.
|
|
38
38
|
|
|
39
39
|
<!-- mustflow-section: do-not-use-when -->
|
|
40
40
|
## Do Not Use When
|
|
41
41
|
|
|
42
|
-
- The task only edits framework-free service functions called by Elysia routes; use the relevant language or architecture skill.
|
|
42
|
+
- The task only edits framework-free service functions called by Elysia routes; use the relevant language or architecture skill unless route contracts, schemas, lifecycle hooks, OpenAPI, or Eden types also change.
|
|
43
43
|
- Another web framework owns the route surface.
|
|
44
44
|
|
|
45
45
|
<!-- mustflow-section: required-inputs -->
|
|
46
46
|
## Required Inputs
|
|
47
47
|
|
|
48
|
-
- Package metadata, Bun lockfile if present, TypeScript config, server entrypoint, route modules, plugin modules, schema/model files, auth/session files, error handling, OpenAPI config, Eden client exports, and tests.
|
|
48
|
+
- Package metadata, Bun lockfile if present, TypeScript config, server entrypoint, route modules, plugin modules, schema/model files, auth/session files, cookie and CORS config, error handling, OpenAPI config, Eden client exports, streaming and WebSocket config, deployment config, and tests.
|
|
49
49
|
- Existing response envelope, status-code contract, and strict TypeScript policy.
|
|
50
|
+
- Current Elysia and plugin version evidence when the task depends on release-specific behavior. Refresh official package or vendor sources before preserving exact "latest" claims.
|
|
50
51
|
|
|
51
52
|
<!-- mustflow-section: preconditions -->
|
|
52
53
|
## Preconditions
|
|
53
54
|
|
|
54
55
|
- Identify whether schema is the source of truth for runtime validation and type inference.
|
|
55
56
|
- Inventory method, path, params, query, headers, cookies, body, response statuses, auth, and plugin/decorator dependencies.
|
|
57
|
+
- Identify whether the public client contract is Eden Treaty, OpenAPI JSON, generated SDKs, or a mix. Eden uses `typeof app`; OpenAPI SDKs use the OpenAPI document.
|
|
58
|
+
- Identify whether Bun runtime deployment details are in scope. If so, apply `bun-code-change` for Bun-specific runtime, compile, package manager, and deploy risks.
|
|
56
59
|
|
|
57
60
|
<!-- mustflow-section: allowed-edits -->
|
|
58
61
|
## Allowed Edits
|
|
@@ -60,33 +63,78 @@ Preserve Elysia schema-first runtime validation, type inference, plugin, auth, e
|
|
|
60
63
|
- Define request and response schemas with the route.
|
|
61
64
|
- Keep framework context at the route boundary and move only framework-free business logic into services.
|
|
62
65
|
- Preserve plugin, decorator, derive, resolve, and store inference through Elysia chaining.
|
|
66
|
+
- Preserve method chaining or return typed Elysia plugin instances so `typeof app`, decorators, schemas, and lifecycle additions remain visible to Eden and tests.
|
|
63
67
|
- Use `.derive` only for intentional pre-validation context shaping. Use `.resolve` by default for auth, session, user, tenant, permission, or other request-derived values that depend on validated headers, body, query, or params.
|
|
64
|
-
- Keep OpenAPI and Eden clients aligned with route schemas when present.
|
|
68
|
+
- Keep OpenAPI and Eden Treaty clients aligned with route schemas when present.
|
|
69
|
+
- Use `model()` or named schema references for reused schemas in larger route sets when it reduces duplicate schema drift and OpenAPI component churn.
|
|
70
|
+
- Keep reusable plugins explicit with `new Elysia({ name, seed })` when lifecycle deduplication, encapsulation, or dependency visibility matters.
|
|
65
71
|
|
|
66
72
|
<!-- mustflow-section: procedure -->
|
|
67
73
|
## Procedure
|
|
68
74
|
|
|
69
|
-
1. Read server entry, routes, plugins, schemas, auth, error handling, OpenAPI, Eden exports, and tests.
|
|
75
|
+
1. Read server entry, routes, plugins, schemas, auth, cookies, CORS, error handling, OpenAPI, Eden exports, runtime deployment config, and tests.
|
|
70
76
|
2. Build a route inventory for the changed surface.
|
|
71
|
-
3.
|
|
72
|
-
4.
|
|
73
|
-
5.
|
|
74
|
-
|
|
77
|
+
3. Treat route schema as the primary contract for runtime validation, TypeScript inference, OpenAPI, and Eden. Avoid duplicating request and response contracts as separate TypeScript interfaces unless a clear external boundary requires it.
|
|
78
|
+
4. Add or update schemas for every external input and meaningful response status, including non-2xx statuses.
|
|
79
|
+
5. For URL and header inputs, remember that params, query, and headers arrive as HTTP strings:
|
|
80
|
+
- use lower-case header schema keys;
|
|
81
|
+
- use explicit numeric or boolean coercion schemas such as `t.Numeric()` where the route expects converted URL values;
|
|
82
|
+
- use array schemas for query arrays instead of relying on caller convention;
|
|
83
|
+
- distinguish `t.Optional` around an input object from optional properties inside the object.
|
|
84
|
+
6. For file uploads, distinguish `t.File()` behavior from Standard Schema file validation. If using Zod, Valibot, or another Standard Schema, require explicit JSON Schema or file magic-number mapping when OpenAPI or runtime file validation depends on it.
|
|
85
|
+
7. Check body parser ownership. For webhook verifiers, tRPC, oRPC, proxy, or raw-body endpoints, require an explicit raw-body or `parse: 'none'` design instead of letting schema inference consume the request body first.
|
|
86
|
+
8. Reject GET or HEAD bodies as portable public API contracts unless the repository has an explicit non-portable exception. Use query contracts or a POST search/action endpoint instead.
|
|
87
|
+
9. Do not annotate handlers with broad `any`, duplicated manual interfaces, or imported `Context` types that erase inference. Keep Elysia context at the route boundary and pass only validated values into services.
|
|
88
|
+
10. Keep request-specific state out of module-level mutable globals, `.store`, and `.decorate`. Use validated `.resolve` or handler context for user, session, tenant, request id, or permission data.
|
|
89
|
+
11. For request-derived context, choose the lifecycle hook by validation dependency:
|
|
75
90
|
- use `.derive` only when transforming raw request context before validation is intentional;
|
|
76
91
|
- use `.guard()` to apply schema and auth-related validation around a route group;
|
|
77
92
|
- use `.resolve()` inside the validated chain for user, session, tenant, permission, or other values that depend on validated input;
|
|
78
93
|
- check the order between `.resolve()` and `beforeHandle` before relying on a value in an auth or permission hook.
|
|
79
|
-
|
|
80
|
-
|
|
81
|
-
|
|
94
|
+
12. Check lifecycle scope and registration order:
|
|
95
|
+
- hooks generally affect routes registered after them;
|
|
96
|
+
- plugin lifecycle is local unless scoped or global behavior is explicitly chosen;
|
|
97
|
+
- `global` scope should be reserved for true app-wide policy, not hidden feature dependencies;
|
|
98
|
+
- async or lazy plugins may require tests to wait for registered modules before asserting routes.
|
|
99
|
+
13. Treat macros as public route-option APIs. Review their schema, lifecycle, OpenAPI, type-inference, dedupe, and error-response effects before adding or changing macro options.
|
|
100
|
+
14. Centralize expected error envelope and auth failure behavior. Prefer typed `status(...)` return paths for expected route failures when Eden or OpenAPI clients need status-specific types; use `throw status(...)` intentionally when `onError` logging or transformation must run.
|
|
101
|
+
15. Register custom errors and map unknown errors deliberately. Avoid collapsing business, auth, validation, upstream, and server bugs into one unknown 500.
|
|
102
|
+
16. Review security defaults and exposure:
|
|
103
|
+
- configure CORS origins and credential behavior explicitly;
|
|
104
|
+
- protect or intentionally expose `/openapi`, `/openapi/json`, Scalar or Swagger UI routes;
|
|
105
|
+
- do not treat `detail.hide` as access control;
|
|
106
|
+
- sign and secure session cookies where applicable;
|
|
107
|
+
- avoid production validation details that leak schema internals.
|
|
108
|
+
17. Review OpenAPI separately from docs UI:
|
|
109
|
+
- the official Elysia OpenAPI plugin and its docs UI provider are not the same thing as the raw OpenAPI document;
|
|
110
|
+
- confirm the raw OpenAPI JSON path, UI provider, and access policy before telling SDK consumers where to read the spec;
|
|
111
|
+
- if `fromTypes()` or type generation is used, verify production and bundled builds can still read the required `.d.ts`, `projectRoot`, and `tsconfigPath`;
|
|
112
|
+
- if Standard Schema is used, verify `mapJsonSchema` or equivalent JSON Schema mapping rather than assuming OpenAPI output is complete;
|
|
113
|
+
- remember `withHeader()` documents response headers; it does not enforce that the runtime sets them.
|
|
114
|
+
18. Review Eden Treaty separately from OpenAPI codegen:
|
|
115
|
+
- export `type App = typeof app` from the server boundary;
|
|
116
|
+
- keep frontend imports type-only so server runtime code does not enter client bundles;
|
|
117
|
+
- keep server and client Elysia versions and strict TypeScript settings aligned;
|
|
118
|
+
- treat route path shape as SDK surface;
|
|
119
|
+
- handle Treaty `error` before assuming `data` is non-null;
|
|
120
|
+
- centralize auth headers in Treaty config or request hooks;
|
|
121
|
+
- split public, admin, internal, WebSocket, and streaming surfaces when one giant `App` type would expose too much or slow typechecking.
|
|
122
|
+
19. Review routing semantics:
|
|
123
|
+
- static, dynamic, wildcard, optional, group, guard, prefix, mount, and `all()` behavior affect auth, cache, generated clients, and tests;
|
|
124
|
+
- auto HEAD behavior, explicit HEAD routes, range responses, SSE, and stream headers need separate verification when relevant;
|
|
125
|
+
- avoid `all()` unless accepting every method is the intended public contract.
|
|
126
|
+
20. If Bun-backed runtime behavior changes, also review Elysia production settings that affect idle timeout, WebSocket backpressure, clustering, compile targets, port binding, Docker build context, and observability. Use `bun-code-change` for Bun-specific edits.
|
|
127
|
+
21. Choose configured verification intents that cover types, server boot, route happy path, validation failure, auth failure, OpenAPI JSON, Eden inference, streaming/WebSocket behavior, and deployment config when available.
|
|
82
128
|
|
|
83
129
|
<!-- mustflow-section: postconditions -->
|
|
84
130
|
## Postconditions
|
|
85
131
|
|
|
86
132
|
- Schemas, runtime validation, and inferred types remain one contract.
|
|
87
133
|
- Error and auth responses are consistent.
|
|
88
|
-
- OpenAPI and Eden impact is known.
|
|
89
|
-
- No route relies on unvalidated input, pre-validation auth context, or erased context types.
|
|
134
|
+
- OpenAPI docs UI, raw OpenAPI JSON, generated SDK, and Eden Treaty impact is known and not conflated.
|
|
135
|
+
- No route relies on unvalidated input, pre-validation auth context, request-specific global state, or erased context types.
|
|
136
|
+
- Plugin scope, hook order, macro behavior, and public route path shape are deliberate.
|
|
137
|
+
- Runtime, streaming, WebSocket, or deploy-specific Elysia/Bun risks are handled or reported.
|
|
90
138
|
|
|
91
139
|
<!-- mustflow-section: verification -->
|
|
92
140
|
## Verification
|
|
@@ -100,7 +148,7 @@ Use configured oneshot command intents when available:
|
|
|
100
148
|
- `docs_validate_fast`
|
|
101
149
|
- `mustflow_check`
|
|
102
150
|
|
|
103
|
-
Report missing route, OpenAPI, or
|
|
151
|
+
Report missing route, OpenAPI JSON, Eden Treaty, streaming, WebSocket, security, Docker, deploy, or runtime verification intents when relevant.
|
|
104
152
|
|
|
105
153
|
<!-- mustflow-section: failure-handling -->
|
|
106
154
|
## Failure Handling
|
|
@@ -108,6 +156,10 @@ Report missing route, OpenAPI, or Eden verification intents when relevant.
|
|
|
108
156
|
- If schema and manual types diverge, make schema the source of truth or report the competing contract.
|
|
109
157
|
- If plugin inference breaks after extraction, return context-sensitive code to the Elysia chain or narrow the extraction.
|
|
110
158
|
- If auth or session state is derived before validation through `.derive`, move it to a validated `.guard()` plus `.resolve()` chain or report the validation-order risk.
|
|
159
|
+
- If OpenAPI output looks correct only in development, inspect type generation inputs and production or bundled artifact availability before trusting generated SDKs.
|
|
160
|
+
- If `detail.hide` is used for sensitive routes, add real access control or report the exposure risk.
|
|
161
|
+
- If Eden types require importing server runtime into a frontend bundle, split type-only exports or report the bundling risk.
|
|
162
|
+
- If streaming, WebSocket, or long-lived request behavior is touched without timeout or backpressure evidence, report the operational risk.
|
|
111
163
|
- If auth behavior is unclear, stop the route change and inspect or request the auth contract.
|
|
112
164
|
|
|
113
165
|
<!-- mustflow-section: output-format -->
|
|
@@ -115,7 +167,9 @@ Report missing route, OpenAPI, or Eden verification intents when relevant.
|
|
|
115
167
|
|
|
116
168
|
- Boundary checked
|
|
117
169
|
- Schema and type inference notes
|
|
118
|
-
-
|
|
170
|
+
- Lifecycle, plugin, macro, auth, and error notes
|
|
171
|
+
- OpenAPI, Scalar or Swagger UI, generated SDK, and Eden Treaty impact
|
|
172
|
+
- Bun-backed runtime, streaming, WebSocket, or deployment notes
|
|
119
173
|
- Files changed
|
|
120
174
|
- Command intents run
|
|
121
175
|
- Skipped checks and reasons
|
|
@@ -0,0 +1,272 @@
|
|
|
1
|
+
---
|
|
2
|
+
mustflow_doc: skill.godot-code-change
|
|
3
|
+
locale: en
|
|
4
|
+
canonical: true
|
|
5
|
+
revision: 1
|
|
6
|
+
lifecycle: mustflow-owned
|
|
7
|
+
authority: procedure
|
|
8
|
+
name: godot-code-change
|
|
9
|
+
description: Apply this skill when Godot projects, scenes, nodes, GDScript, C# scripts, Resources, Autoloads, signals, groups, save/load systems, rendering, physics, UI, input, exports, plugins, editor tools, or Godot version migrations are created, changed, reviewed, or upgraded.
|
|
10
|
+
metadata:
|
|
11
|
+
mustflow_schema: "1"
|
|
12
|
+
mustflow_kind: procedure
|
|
13
|
+
pack_id: mustflow.core
|
|
14
|
+
skill_id: mustflow.core.godot-code-change
|
|
15
|
+
command_intents:
|
|
16
|
+
- changes_status
|
|
17
|
+
- changes_diff_summary
|
|
18
|
+
- lint
|
|
19
|
+
- build
|
|
20
|
+
- test_related
|
|
21
|
+
- test
|
|
22
|
+
- docs_validate_fast
|
|
23
|
+
- mustflow_check
|
|
24
|
+
---
|
|
25
|
+
|
|
26
|
+
# Godot Code Change
|
|
27
|
+
|
|
28
|
+
<!-- mustflow-section: purpose -->
|
|
29
|
+
## Purpose
|
|
30
|
+
|
|
31
|
+
Preserve Godot scene ownership, node lifecycle, Resource sharing, Autoload boundaries, signal flow,
|
|
32
|
+
save/load integrity, rendering budgets, physics stability, export behavior, and version migration
|
|
33
|
+
assumptions while making focused game or editor-tool changes.
|
|
34
|
+
|
|
35
|
+
Godot work is not "script changes plus some scenes". Many failures come from scene-tree coupling,
|
|
36
|
+
shared Resources mutated as instance state, Autoloads used as global storage, hidden signal
|
|
37
|
+
connections, per-frame tree searches, blocking loads, save files written into `res://`, or renderer
|
|
38
|
+
settings changed without profiling evidence.
|
|
39
|
+
|
|
40
|
+
<!-- mustflow-section: use-when -->
|
|
41
|
+
## Use When
|
|
42
|
+
|
|
43
|
+
- `project.godot`, `.tscn`, `.tres`, `.res`, `.gd`, `.gdshader`, `.cs`, export presets, addons,
|
|
44
|
+
editor plugins, import settings, input maps, autoloads, groups, scenes, nodes, Resources, or
|
|
45
|
+
Godot-specific tests change.
|
|
46
|
+
- Scene composition, ownership, instancing, inherited scenes, node paths, unique names, exported
|
|
47
|
+
NodePath references, groups, signals, tweens, animations, UI Controls, Containers, camera,
|
|
48
|
+
rendering, physics, input, save/load, or export templates are created, changed, reviewed, or
|
|
49
|
+
upgraded.
|
|
50
|
+
- GDScript typing, `await`, signals, callables, `@onready`, `@export`, `ResourceLoader`,
|
|
51
|
+
`ResourceSaver`, `FileAccess`, `DirAccess`, `ConfigFile`, threaded loading, or Autoload behavior
|
|
52
|
+
affects runtime paths.
|
|
53
|
+
- A Godot 3.x to 4.x migration, Godot 4.x minor upgrade, renderer change, platform export change,
|
|
54
|
+
mobile/XR/input change, or plugin compatibility change is part of the task.
|
|
55
|
+
|
|
56
|
+
<!-- mustflow-section: do-not-use-when -->
|
|
57
|
+
## Do Not Use When
|
|
58
|
+
|
|
59
|
+
- The repository does not use Godot and only changes general assets, docs, or game design prose.
|
|
60
|
+
- Generic C#, Rust, C++, JavaScript, or shader code changes have no Godot scene, resource, engine,
|
|
61
|
+
export, editor, or runtime lifecycle effect; use the matching language or asset skill instead.
|
|
62
|
+
- The task only updates external version prose; use source-freshness guidance unless this procedure
|
|
63
|
+
itself changes.
|
|
64
|
+
- Generated import files, caches, exported builds, or `.godot/` state should be regenerated by a
|
|
65
|
+
declared command rather than edited.
|
|
66
|
+
|
|
67
|
+
<!-- mustflow-section: required-inputs -->
|
|
68
|
+
## Required Inputs
|
|
69
|
+
|
|
70
|
+
- Godot version, renderer, platform targets, export presets, project settings, input map, autoload
|
|
71
|
+
list, addon/plugin list, script language mix, and relevant official docs for the version in use.
|
|
72
|
+
- Scene ledger: entry scene, affected `.tscn` files, node ownership, instanced scenes, inherited
|
|
73
|
+
scenes, unique names, NodePaths, groups, signals, animation players, tweens, UI Containers,
|
|
74
|
+
physics nodes, cameras, lights, materials, Resources, and save/load participants.
|
|
75
|
+
- Runtime ledger: `_ready`, `_enter_tree`, `_exit_tree`, `_process`, `_physics_process`, input
|
|
76
|
+
callbacks, threaded loading, timers, deferred calls, scene transitions, queue/free behavior, and
|
|
77
|
+
profiler or frame-time evidence when performance is claimed.
|
|
78
|
+
- Data ledger: user data paths, save schema version, migration path, atomic write strategy,
|
|
79
|
+
Resource cache behavior, config defaults, validation rules, and untrusted file boundaries.
|
|
80
|
+
- Configured verification intents.
|
|
81
|
+
|
|
82
|
+
<!-- mustflow-section: preconditions -->
|
|
83
|
+
## Preconditions
|
|
84
|
+
|
|
85
|
+
- Read project settings, affected scenes, scripts, Resources, autoload declarations, export presets,
|
|
86
|
+
and tests before editing.
|
|
87
|
+
- Identify the Godot major/minor version before applying version-specific syntax, migration, or
|
|
88
|
+
export guidance. Do not mix stable docs for one branch, latest docs for another branch, and blog
|
|
89
|
+
examples as if they were one source.
|
|
90
|
+
- Apply language-specific skills alongside this skill when C#, C++, Rust/GDExtension, shader, or
|
|
91
|
+
package/tooling behavior changes outside the Godot boundary.
|
|
92
|
+
- Apply security, data, performance, UI, accessibility, or release skills when the change touches
|
|
93
|
+
save-file trust, networked games, monetized state, rendering budgets, UI behavior, or export
|
|
94
|
+
artifacts.
|
|
95
|
+
|
|
96
|
+
<!-- mustflow-section: allowed-edits -->
|
|
97
|
+
## Allowed Edits
|
|
98
|
+
|
|
99
|
+
- Keep scenes independently instantiable where practical. Parent nodes may coordinate children, but
|
|
100
|
+
child scenes should not hard-code distant parents, sibling internals, or `/root/Main` paths.
|
|
101
|
+
- Keep nodes for objects with lifecycle, transforms, notifications, or scene-tree behavior. Use
|
|
102
|
+
Resources, RefCounted, plain data, or DTOs for definitions and serializable state.
|
|
103
|
+
- Keep Autoloads limited to true process-wide services such as scene transition, save service,
|
|
104
|
+
audio bus control, settings, telemetry facade, or platform integration.
|
|
105
|
+
- Keep runtime-mutated Resources duplicated, local-to-scene, or separated from authoring data.
|
|
106
|
+
- Keep user-writable data under `user://`, not `res://`.
|
|
107
|
+
- Keep version-specific guidance behind a version gate and omit durable exact "latest" claims unless
|
|
108
|
+
refreshed from official sources.
|
|
109
|
+
|
|
110
|
+
<!-- mustflow-section: procedure -->
|
|
111
|
+
## Procedure
|
|
112
|
+
|
|
113
|
+
1. Read the Godot version, renderer, export targets, project settings, autoload declarations, input
|
|
114
|
+
map, addon list, affected scenes, scripts, Resources, shaders, import/export files, and tests.
|
|
115
|
+
2. Apply the Version Gate:
|
|
116
|
+
- identify current Godot major/minor version and whether the project is 3.x, 4.x, or in a
|
|
117
|
+
migration window;
|
|
118
|
+
- use official docs for the branch actually in use before applying syntax, API, renderer, export,
|
|
119
|
+
or migration behavior;
|
|
120
|
+
- treat stable docs, latest docs, release notes, blog posts, and pasted upgrade notes as
|
|
121
|
+
different evidence tracks until reconciled;
|
|
122
|
+
- for 4.x projects, check obsolete 3.x habits such as `yield`, stringly signal connections,
|
|
123
|
+
renderer assumptions, old physics behavior, and global singleton patterns before copying code.
|
|
124
|
+
3. Build a scene and ownership ledger:
|
|
125
|
+
- entry scene, world/UI split, instanced subscenes, inherited scenes, lifecycle owner, cleanup
|
|
126
|
+
owner, injected dependencies, sibling relationships, NodePaths, groups, signals, and public
|
|
127
|
+
scene contract;
|
|
128
|
+
- reject distant relative paths, `/root/Main` reach-through, sibling-to-sibling hard references,
|
|
129
|
+
and child scenes that cannot run or preview outside one parent unless that coupling is
|
|
130
|
+
intentional and documented.
|
|
131
|
+
4. Review node lifecycle and runtime order:
|
|
132
|
+
- distinguish `_enter_tree`, `_ready`, `_exit_tree`, `_process`, `_physics_process`, input
|
|
133
|
+
callbacks, timers, deferred calls, and scene transition timing;
|
|
134
|
+
- do not assume a new scene is immediately ready after `change_scene_to_*`;
|
|
135
|
+
- remember that `queue_free()` is deferred deletion, `remove_child()` is detachment, and
|
|
136
|
+
`replace_by()` does not automatically free the old node.
|
|
137
|
+
5. Review signals, groups, and flow visibility:
|
|
138
|
+
- use signals for events, not hidden remote commands;
|
|
139
|
+
- avoid duplicate connections on scene re-entry and lambdas that cannot be disconnected when
|
|
140
|
+
lifecycle requires cleanup;
|
|
141
|
+
- prefer typed signal/callable patterns for maintained 4.x code;
|
|
142
|
+
- treat `call_group` and `set_group` as broad broadcasts that can stutter when used on many
|
|
143
|
+
nodes; chunk, defer, or queue high-volume work.
|
|
144
|
+
6. Review Autoload and global state:
|
|
145
|
+
- keep Autoload APIs narrow and service-like;
|
|
146
|
+
- avoid putting player health, enemy state, UI control state, per-level state, or transient
|
|
147
|
+
request data into globals;
|
|
148
|
+
- do not free Autoloads during normal runtime;
|
|
149
|
+
- ensure scene transitions through an Autoload have an explicit ordering contract.
|
|
150
|
+
7. Review Resources and serialized data:
|
|
151
|
+
- remember that path-loaded Resources are cached shared references;
|
|
152
|
+
- never mutate authoring Resources as per-instance runtime state unless they are duplicated or
|
|
153
|
+
local-to-scene by design;
|
|
154
|
+
- keep item definitions, tuning tables, materials, and animation data separate from player save
|
|
155
|
+
state;
|
|
156
|
+
- avoid using instance overrides as an untracked data-management system.
|
|
157
|
+
8. Review GDScript and language boundaries:
|
|
158
|
+
- use static typing on long-lived gameplay systems, save DTOs, inventory, combat math, settings,
|
|
159
|
+
networking, and scene-transition managers;
|
|
160
|
+
- avoid per-frame `find_child`, `find_children`, and `find_parent`; cache references with
|
|
161
|
+
`@onready`, unique names, exported references, or dependency injection;
|
|
162
|
+
- use `_process` only for per-frame behavior, `_physics_process` for fixed-step physics, and
|
|
163
|
+
input callbacks for input events.
|
|
164
|
+
9. Review save/load, config, and file I/O:
|
|
165
|
+
- save state snapshots, not raw node trees;
|
|
166
|
+
- write user data to `user://`;
|
|
167
|
+
- put schema, game/content version, slot id, timestamps, and migration path at the save root;
|
|
168
|
+
- use atomic temp, backup, validate, rename style writes when save loss matters;
|
|
169
|
+
- treat JSON as readable but type-weak; validate parsed data;
|
|
170
|
+
- avoid object deserialization from untrusted files, especially object-enabled Variant loading;
|
|
171
|
+
- use `ConfigFile` for settings, with defaults, validation, apply, and batched save behavior.
|
|
172
|
+
10. Review loading, threads, and deferred work:
|
|
173
|
+
- use threaded resource requests with status polling before getting the loaded resource;
|
|
174
|
+
- avoid calling blocking loads during gameplay spikes or UI opening;
|
|
175
|
+
- do not touch active SceneTree nodes directly from background threads; use deferred calls or a
|
|
176
|
+
main-thread handoff;
|
|
177
|
+
- guard shared data with a clear ownership or mutex policy.
|
|
178
|
+
11. Review rendering, UI, physics, and input:
|
|
179
|
+
- require profiler or frame-time evidence before accepting performance claims;
|
|
180
|
+
- for 3D, check visibility ranges, occlusion, HLOD/LOD, far plane, light counts, shadows,
|
|
181
|
+
materials, shader variants, particles, MultiMesh usage, and camera cost;
|
|
182
|
+
- for 2D, check draw calls, canvas layers, custom drawing invalidation, particles, tilemaps,
|
|
183
|
+
collision shapes, and physics tick stability;
|
|
184
|
+
- for UI, keep Container layout separate from animation transforms and avoid wrapper-node
|
|
185
|
+
sprawl when the current version has a cleaner Control transform path;
|
|
186
|
+
- for mobile/gamepad/XR, check input mode, focus loss, virtual controls, safe areas, and export
|
|
187
|
+
target behavior.
|
|
188
|
+
12. Review export and plugin surfaces:
|
|
189
|
+
- keep export presets, export templates, platform architectures, signing, permissions, splash,
|
|
190
|
+
icon, native plugin, GDExtension, and addon compatibility explicit;
|
|
191
|
+
- do not edit generated imports, cache state, or exported binaries as source;
|
|
192
|
+
- verify release-sensitive export changes with configured package/release checks when available.
|
|
193
|
+
13. Choose configured verification intents that cover scene loading, script parsing/type checks,
|
|
194
|
+
save/load migration, settings validation, scene transitions, rendering smoke, physics/input
|
|
195
|
+
behavior, export metadata, and package/template sync when available.
|
|
196
|
+
|
|
197
|
+
<!-- mustflow-section: rejection-criteria -->
|
|
198
|
+
## Review Rejection Criteria
|
|
199
|
+
|
|
200
|
+
Reject or revise a change when:
|
|
201
|
+
|
|
202
|
+
- Godot 3.x syntax, signals, renderer, physics, or singleton patterns are applied to a 4.x project
|
|
203
|
+
without checking the project version.
|
|
204
|
+
- A subscene reaches distant parents, siblings, or `/root/Main` instead of receiving dependencies
|
|
205
|
+
through its parent, exported references, groups, or a service boundary.
|
|
206
|
+
- Autoload becomes a catch-all for gameplay, UI, level, save, and platform state.
|
|
207
|
+
- Runtime code mutates shared authoring Resources as if each instance owns a copy.
|
|
208
|
+
- Save files are written under `res://`, lack a schema version, or deserialize trusted objects from
|
|
209
|
+
user-controlled data.
|
|
210
|
+
- `_process` performs tree searches, heavy polling, loading, group broadcasts, or work that belongs
|
|
211
|
+
in input callbacks, timers, or cached references.
|
|
212
|
+
- Threads touch live SceneTree nodes directly.
|
|
213
|
+
- Scene transition code assumes old and new scenes are available synchronously after the transition
|
|
214
|
+
call.
|
|
215
|
+
- Rendering, physics, or memory changes claim performance wins without profiler, frame-time, or
|
|
216
|
+
target-device evidence.
|
|
217
|
+
- Export preset or platform changes omit target architecture, signing, permission, template, or
|
|
218
|
+
native-plugin impact.
|
|
219
|
+
|
|
220
|
+
<!-- mustflow-section: postconditions -->
|
|
221
|
+
## Postconditions
|
|
222
|
+
|
|
223
|
+
- Scene ownership, node lifecycle, signals, groups, Autoloads, Resources, save/load, config,
|
|
224
|
+
rendering, physics, input, export, and version assumptions are intentional and reported.
|
|
225
|
+
- Runtime-mutated state is separated from authoring Resources and process-wide services.
|
|
226
|
+
- User-writable files, migrations, atomic writes, and untrusted data boundaries are explicit.
|
|
227
|
+
- Version-specific guidance is refreshed from official sources for the project version or omitted
|
|
228
|
+
from durable claims.
|
|
229
|
+
- Missing scene, save/load, rendering, physics, input, export, or target-device verification is
|
|
230
|
+
reported.
|
|
231
|
+
|
|
232
|
+
<!-- mustflow-section: verification -->
|
|
233
|
+
## Verification
|
|
234
|
+
|
|
235
|
+
Use configured oneshot command intents when available:
|
|
236
|
+
|
|
237
|
+
- `lint`
|
|
238
|
+
- `build`
|
|
239
|
+
- `test_related`
|
|
240
|
+
- `test`
|
|
241
|
+
- `docs_validate_fast`
|
|
242
|
+
- `mustflow_check`
|
|
243
|
+
|
|
244
|
+
Report missing Godot editor import, script parse, scene load, save migration, renderer smoke,
|
|
245
|
+
physics/input, export preset, target-device, or release verification intents when relevant.
|
|
246
|
+
|
|
247
|
+
<!-- mustflow-section: failure-handling -->
|
|
248
|
+
## Failure Handling
|
|
249
|
+
|
|
250
|
+
- If scene behavior is unclear, build the scene and ownership ledger before changing scripts.
|
|
251
|
+
- If runtime errors mention missing nodes, inspect NodePaths, unique names, scene instancing,
|
|
252
|
+
lifecycle order, and scene transition timing before adding broader globals.
|
|
253
|
+
- If shared data changes leak across instances, inspect Resource cache, duplication, local-to-scene,
|
|
254
|
+
instance overrides, and authored-versus-runtime state separation.
|
|
255
|
+
- If save/load fails, inspect path choice, schema version, migration, parse errors, type validation,
|
|
256
|
+
atomic write behavior, and untrusted object deserialization.
|
|
257
|
+
- If performance cannot be measured by configured intents, report the missing profiler, scene-load,
|
|
258
|
+
target-device, or export-smoke coverage instead of claiming a performance fix.
|
|
259
|
+
- If official source freshness cannot be checked for a version, release, migration, or export claim,
|
|
260
|
+
omit the claim from durable skill text and report it as unverified snapshot context.
|
|
261
|
+
|
|
262
|
+
<!-- mustflow-section: output-format -->
|
|
263
|
+
## Output Format
|
|
264
|
+
|
|
265
|
+
- Boundary checked
|
|
266
|
+
- Godot version, renderer, scene, node, signal, Resource, Autoload, and lifecycle notes
|
|
267
|
+
- Save/load, config, file I/O, threaded loading, and untrusted data notes
|
|
268
|
+
- Rendering, physics, UI, input, export, plugin, and target-platform notes
|
|
269
|
+
- Files changed
|
|
270
|
+
- Command intents run
|
|
271
|
+
- Skipped checks and reasons
|
|
272
|
+
- Remaining Godot risk
|