mustflow 2.108.2 → 2.108.3
- package/README.md +3 -0
- package/dist/cli/commands/script-pack.js +3 -0
- package/dist/cli/i18n/en.js +37 -0
- package/dist/cli/i18n/es.js +37 -0
- package/dist/cli/i18n/fr.js +37 -0
- package/dist/cli/i18n/hi.js +37 -0
- package/dist/cli/i18n/ko.js +37 -0
- package/dist/cli/i18n/zh.js +37 -0
- package/dist/cli/lib/command-registry.js +3 -0
- package/dist/cli/lib/script-pack-registry.js +84 -0
- package/dist/cli/script-packs/repo-automation-surface.js +88 -0
- package/dist/cli/script-packs/repo-dependency-surface.js +87 -0
- package/dist/cli/script-packs/repo-toolchain-provenance.js +90 -0
- package/dist/core/public-json-contracts.js +27 -0
- package/dist/core/repo-automation-surface.js +376 -0
- package/dist/core/repo-dependency-surface.js +282 -0
- package/dist/core/repo-toolchain-provenance.js +421 -0
- package/dist/core/script-pack-suggestions.js +33 -1
- package/package.json +1 -1
- package/schemas/README.md +10 -0
- package/schemas/repo-automation-surface-report.schema.json +148 -0
- package/schemas/repo-dependency-surface-report.schema.json +121 -0
- package/schemas/repo-toolchain-provenance-report.schema.json +124 -0
- package/templates/default/i18n.toml +5 -5
- package/templates/default/locales/en/.mustflow/skills/INDEX.md +5 -5
- package/templates/default/locales/en/.mustflow/skills/go-code-change/SKILL.md +56 -17
- package/templates/default/locales/en/.mustflow/skills/python-code-change/SKILL.md +86 -27
- package/templates/default/locales/en/.mustflow/skills/routes.toml +4 -4
- package/templates/default/locales/en/.mustflow/skills/rust-code-change/SKILL.md +51 -32
- package/templates/default/locales/en/.mustflow/skills/typescript-code-change/SKILL.md +47 -29
- package/templates/default/manifest.toml +1 -1
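--- a/package/schemas/repo-dependency-surface-report.schema.json
+++ b/package/schemas/repo-dependency-surface-report.schema.json
@@ -0,0 +1,121 @@
+{
+"$schema": "https://json-schema.org/draft/2020-12/schema",
+"$id": "https://mustflow.github.io/schemas/repo-dependency-surface-report.schema.json",
+"title": "mustflow repo dependency-surface report",
+"type": "object",
+"additionalProperties": false,
+"required": [
+"schema_version",
+"command",
+"pack_id",
+"script_id",
+"script_ref",
+"action",
+"status",
+"ok",
+"mustflow_root",
+"input",
+"input_hash",
+"summary",
+"surfaces",
+"findings",
+"issues"
+],
+"properties": {
+"schema_version": { "const": "1" },
+"command": { "const": "script-pack" },
+"pack_id": { "const": "repo" },
+"script_id": { "const": "dependency-surface" },
+"script_ref": { "const": "repo/dependency-surface" },
+"action": { "const": "inspect" },
+"status": { "enum": ["passed", "failed", "error"] },
+"ok": { "type": "boolean" },
+"mustflow_root": { "type": "string" },
+"input": { "$ref": "#/$defs/input" },
+"input_hash": { "$ref": "#/$defs/sha256" },
+"summary": { "$ref": "#/$defs/summary" },
+"surfaces": { "type": "array", "items": { "$ref": "#/$defs/surface" } },
+"findings": { "type": "array", "items": { "$ref": "#/$defs/finding" } },
+"issues": { "type": "array", "items": { "type": "string" } }
+},
+"$defs": {
+"sha256": { "type": "string", "pattern": "^sha256:[a-f0-9]{64}$" },
+"input": {
+"type": "object",
+"additionalProperties": false,
+"required": ["scanned_paths", "max_file_bytes"],
+"properties": {
+"scanned_paths": { "type": "array", "items": { "type": "string", "minLength": 1 } },
+"max_file_bytes": { "type": "integer", "minimum": 1 }
+}
+},
+"summary": {
+"type": "object",
+"additionalProperties": false,
+"required": [
+"surface_count",
+"manifest_count",
+"lockfile_count",
+"update_config_count",
+"audit_config_count",
+"ecosystem_count",
+"finding_count"
+],
+"properties": {
+"surface_count": { "type": "integer", "minimum": 0 },
+"manifest_count": { "type": "integer", "minimum": 0 },
+"lockfile_count": { "type": "integer", "minimum": 0 },
+"update_config_count": { "type": "integer", "minimum": 0 },
+"audit_config_count": { "type": "integer", "minimum": 0 },
+"ecosystem_count": { "type": "integer", "minimum": 0 },
+"finding_count": { "type": "integer", "minimum": 0 }
+}
+},
+"surface": {
+"type": "object",
+"additionalProperties": false,
+"required": ["id", "ecosystem", "kind", "path", "line", "name", "evidence"],
+"properties": {
+"id": { "type": "string", "minLength": 1 },
+"ecosystem": { "enum": ["go", "javascript", "python", "rust"] },
+"kind": {
+"enum": [
+"audit_config",
+"dependency_update_config",
+"lockfile",
+"manifest",
+"package_manager_config",
+"workspace_config"
+]
+},
+"path": { "type": "string", "minLength": 1 },
+"line": { "type": ["integer", "null"], "minimum": 1 },
+"name": { "type": "string", "minLength": 1 },
+"evidence": { "type": "string", "minLength": 1 }
+}
+},
+"finding": {
+"type": "object",
+"additionalProperties": false,
+"required": ["code", "severity", "message", "path", "json_pointer", "metric", "actual", "expected"],
+"properties": {
+"code": {
+"enum": [
+"conflicting_javascript_lockfiles",
+"manifest_without_lockfile",
+"update_automation_without_policy",
+"lockfile_without_manifest",
+"dependency_surface_without_update_automation"
+]
+},
+"severity": { "enum": ["low", "medium", "high", "critical"] },
+"message": { "type": "string" },
+"path": { "type": "string", "minLength": 1 },
+"json_pointer": { "type": ["string", "null"] },
+"metric": { "type": ["string", "null"] },
+"actual": { "type": ["number", "null"] },
+"expected": { "type": ["number", "null"] }
+}
+}
+}
+}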
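Review bot: `status` and `ok` are validated independently in `properties`, so a report carrying `"status": "failed"` together with `"ok": true` passes this schema, and a CI gate that reads only `ok` would accept it. If `ok` is meant to mirror `status == "passed"` (the schema does not say), tie them at the top level with `"if": { "properties": { "status": { "const": "passed" } } }, "then": { "properties": { "ok": { "const": true } } }, "else": { "properties": { "ok": { "const": false } } }`. A `description` on both fields stating which one consumers should gate on would also help. The same unlinked pair appears in the toolchain-provenance schema added in this release.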
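--- a/package/schemas/repo-toolchain-provenance-report.schema.json
+++ b/package/schemas/repo-toolchain-provenance-report.schema.json
@@ -0,0 +1,124 @@
+{
+"$schema": "https://json-schema.org/draft/2020-12/schema",
+"$id": "https://mustflow.github.io/schemas/repo-toolchain-provenance-report.schema.json",
+"title": "mustflow repo toolchain-provenance report",
+"type": "object",
+"additionalProperties": false,
+"required": [
+"schema_version",
+"command",
+"pack_id",
+"script_id",
+"script_ref",
+"action",
+"status",
+"ok",
+"mustflow_root",
+"input",
+"input_hash",
+"summary",
+"sources",
+"lockfiles",
+"findings",
+"issues"
+],
+"properties": {
+"schema_version": { "const": "1" },
+"command": { "const": "script-pack" },
+"pack_id": { "const": "repo" },
+"script_id": { "const": "toolchain-provenance" },
+"script_ref": { "const": "repo/toolchain-provenance" },
+"action": { "const": "inspect" },
+"status": { "enum": ["passed", "failed", "error"] },
+"ok": { "type": "boolean" },
+"mustflow_root": { "type": "string" },
+"input": { "$ref": "#/$defs/input" },
+"input_hash": { "$ref": "#/$defs/sha256" },
+"summary": { "$ref": "#/$defs/summary" },
+"sources": { "type": "array", "items": { "$ref": "#/$defs/source" } },
+"lockfiles": { "type": "array", "items": { "type": "string", "minLength": 1 } },
+"findings": { "type": "array", "items": { "$ref": "#/$defs/finding" } },
+"issues": { "type": "array", "items": { "type": "string" } }
+},
+"$defs": {
+"sha256": { "type": "string", "pattern": "^sha256:[a-f0-9]{64}$" },
+"input": {
+"type": "object",
+"additionalProperties": false,
+"required": ["scanned_paths", "max_file_bytes"],
+"properties": {
+"scanned_paths": { "type": "array", "items": { "type": "string", "minLength": 1 } },
+"max_file_bytes": { "type": "integer", "minimum": 1 }
+}
+},
+"summary": {
+"type": "object",
+"additionalProperties": false,
+"required": [
+"source_count",
+"runtime_count",
+"package_manager_count",
+"lockfile_count",
+"ci_source_count",
+"finding_count"
+],
+"properties": {
+"source_count": { "type": "integer", "minimum": 0 },
+"runtime_count": { "type": "integer", "minimum": 0 },
+"package_manager_count": { "type": "integer", "minimum": 0 },
+"lockfile_count": { "type": "integer", "minimum": 0 },
+"ci_source_count": { "type": "integer", "minimum": 0 },
+"finding_count": { "type": "integer", "minimum": 0 }
+}
+},
+"source": {
+"type": "object",
+"additionalProperties": false,
+"required": ["kind", "source_kind", "path", "line", "key", "value"],
+"properties": {
+"kind": { "enum": ["bun", "docker", "go", "node", "package_manager", "python", "rust"] },
+"source_kind": {
+"enum": [
+"ci_workflow",
+"dockerfile",
+"go_mod",
+"mise_toml",
+"node_version_file",
+"package_json",
+"python_version_file",
+"pyproject_toml",
+"rust_toolchain",
+"tool_versions"
+]
+},
+"path": { "type": "string", "minLength": 1 },
+"line": { "type": ["integer", "null"], "minimum": 1 },
+"key": { "type": "string", "minLength": 1 },
+"value": { "type": "string", "minLength": 1 }
+}
+},
+"finding": {
+"type": "object",
+"additionalProperties": false,
+"required": ["code", "severity", "message", "path", "json_pointer", "metric", "actual", "expected"],
+"properties": {
+"code": {
+"enum": [
+"conflicting_node_version_sources",
+"conflicting_package_manager_lockfiles",
+"package_manager_without_lockfile",
+"toolchain_declared_without_package_manager",
+"runtime_declared_in_ci_only"
+]
+},
+"severity": { "enum": ["low", "medium", "high", "critical"] },
+"message": { "type": "string" },
+"path": { "type": "string", "minLength": 1 },
+"json_pointer": { "type": ["string", "null"] },
+"metric": { "type": ["string", "null"] },
+"actual": { "type": ["number", "null"] },
+"expected": { "type": ["number", "null"] }
+}
+}
+}
+}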
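Review bot: `source.key` and `source.value` accept any non-empty string with no `maxLength` and no `description`, although the `source_kind` enum indicates they are read from repository-controlled files such as CI workflows and Dockerfiles. Presumably the scanner copies that text verbatim, so a consumer that renders a report or hands `value` to an installer is handling untrusted input, and the schema should say so. I would add to `value` something like `"description": "Text taken from the scanned file; untrusted, never interpolate into commands or markup"` and a `maxLength` that matches whatever truncation the scanner applies. `path` in `source` and `finding` is similarly unconstrained; documenting that it is relative to `mustflow_root` (if that is the intent) would let consumers reject absolute or `..` paths.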
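--- a/package/templates/default/i18n.toml
+++ b/package/templates/default/i18n.toml
@@ -62,7 +62,7 @@ translations = {}
 [documents."skills.index"]
 source = "locales/en/.mustflow/skills/INDEX.md"
 source_locale = "en"
-revision =
+revision = 211
 translations = {}
 
 [documents."skill.adapter-boundary"]
@@ -709,7 +709,7 @@ translations = {}
 [documents."skill.go-code-change"]
 source = "locales/en/.mustflow/skills/go-code-change/SKILL.md"
 source_locale = "en"
-revision =
+revision = 5
 translations = {}
 
 [documents."skill.godot-code-change"]
@@ -763,7 +763,7 @@ translations = {}
 [documents."skill.python-code-change"]
 source = "locales/en/.mustflow/skills/python-code-change/SKILL.md"
 source_locale = "en"
-revision =
+revision = 5
 translations = {}
 
 [documents."skill.powershell-code-change"]
@@ -787,7 +787,7 @@ translations = {}
 [documents."skill.rust-code-change"]
 source = "locales/en/.mustflow/skills/rust-code-change/SKILL.md"
 source_locale = "en"
-revision =
+revision = 7
 translations = {}
 
 [documents."skill.runtime-target-selection"]
@@ -835,7 +835,7 @@ translations = {}
 [documents."skill.typescript-code-change"]
 source = "locales/en/.mustflow/skills/typescript-code-change/SKILL.md"
 source_locale = "en"
-revision =
+revision = 7
 translations = {}
 
 [documents."skill.unocss-code-change"]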
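--- a/package/templates/default/locales/en/.mustflow/skills/INDEX.md
+++ b/package/templates/default/locales/en/.mustflow/skills/INDEX.md
@@ -2,7 +2,7 @@
 mustflow_doc: skills.index
 locale: en
 canonical: true
-revision:
+revision: 211
 authority: router
 lifecycle: mustflow-owned
 ---
@@ -562,12 +562,12 @@ routes. Event routes stay inactive until their event occurs.
 | Node.js runtime code, package manager ownership, module format, package entry metadata, native dependencies, Node test runner behavior, TypeScript execution mode, or deployment runtime support is created or changed | `.mustflow/skills/node-code-change/SKILL.md` | Node version signals, package manager and lockfile owner, module/package metadata, TypeScript loader, test runner, native dependency, deployment target, and command contract entries | Node runtime code, package metadata, lockfiles, scripts, CI or Docker runtime declarations, test runner config, native dependency handling, docs examples, and directly synchronized package surfaces | newest-Node assumption, package manager drift, ESM/CJS break, blocked deep import, native dependency break, Node native TypeScript overclaim, test runner migration risk, deployment mismatch, or permission-model overclaim | `changes_status`, `changes_diff_summary`, `lint`, `build`, `test_related`, `test`, `docs_validate_fast`, `test_release`, `mustflow_check` | Runtime and package manager decision, module/package entry notes, TypeScript/test runner notes, native/deployment risks, verification, and remaining Node.js risk |
 | Bun runtime code, `Bun.serve`, Elysia-on-Bun server behavior, Bun package manager behavior, `bun.lock`, `bunfig.toml`, Bun test runner behavior, Bun bundling, Bun compile, Bun TypeScript execution, Docker deployment, or Bun-specific APIs are created or changed | `.mustflow/skills/bun-code-change/SKILL.md` | Bun role signals, `package.json`, Bun and non-Bun lockfiles, `bunfig.toml`, CI/Docker Bun setup, TypeScript config, Bun APIs, server timeout and WebSocket settings, compile target, native dependency signals, and command contract entries | Bun runtime code, server config, package manager metadata, lockfiles, `bunfig.toml`, scripts, tests, bundler or compile config, TypeScript/declaration pipeline, Docker/deploy config, package metadata, and directly synchronized docs | Bun role confusion, lockfile drift, trusted dependency overgrant, runtime/package-manager conflation, Bun TypeScript typecheck overclaim, Bun build declaration gap, server timeout or WebSocket backpressure gap, compile target break, Node compatibility break, shebang mismatch, Docker/PORT drift, observability loss, or native binary break | `changes_status`, `changes_diff_summary`, `lint`, `build`, `test_related`, `test`, `docs_validate_fast`, `test_release`, `mustflow_check` | Bun role classification, lockfile/trust notes, runtime/type/build/test/deploy notes, Node compatibility risks, verification, and remaining Bun risk |
 | Dockerfiles, `.dockerignore`, Docker Compose files, BuildKit or buildx behavior, container image metadata, tags, entrypoints, health checks, Docker CI workflows, image security scanning, SBOM or provenance settings, registry publishing, or container runtime validation are created or changed | `.mustflow/skills/docker-code-change/SKILL.md` | Docker surfaces, project image shape, base image and platform signals, build context and cache signals, runtime contract, security and supply-chain contract, and command contract entries | Dockerfiles, `.dockerignore`, Compose files, container CI workflow snippets, image metadata, package tests, docs examples, template metadata, and directly synchronized skill routes | cache breakage, secret leak, root runtime, host access escape, dev dependency in final image, mutable tag drift, untrusted CI publish, missing SBOM/provenance, unverified runtime, or false production-readiness claim | `changes_status`, `changes_diff_summary`, `lint`, `build`, `test_related`, `test`, `docs_validate_fast`, `test_release`, `mustflow_check` | Docker surface classification, image/base/cache/stage decisions, secret/user/runtime/Compose/CI supply-chain notes, verification, and remaining Docker risk |
-| TypeScript source, declarations, tsconfig, package exports, module resolution, public API, compiler-version behavior, TypeScript 6-to-7 migration surfaces, TypeScript 7 RC or nightly tooling, or TypeScript tests are created or changed | `.mustflow/skills/typescript-code-change/SKILL.md` | TypeScript config, compiler track, package entry metadata, target runtime, changed files, declaration, TS6 API, TS7 RC, and optional TS7 nightly surfaces, and command contract entries | TypeScript source, declarations, compiler config, exports, tests, compiler-track comparison notes, and directly synchronized docs | weakened type safety, module drift, public API drift, unverified declaration output, TypeScript 6 deprecation suppression, TS7 RC over-adoption, TS7 nightly over-adoption, or compiler API track drift | `changes_status`, `changes_diff_summary`, `lint`, `build`, `test_related`, `test`, `docs_validate_fast`, `mustflow_check` | Runtime, module, type, public API, compiler-version, RC, nightly, and API-track boundary checked, changes made, verification, and remaining TypeScript risk |
+| TypeScript source, declarations, tsconfig, package exports, module resolution, project references, type-check performance, public API, compiler-version behavior, TypeScript 6-to-7 migration surfaces, TypeScript 7 RC or nightly tooling, runtime data validation, or TypeScript tests are created or changed | `.mustflow/skills/typescript-code-change/SKILL.md` | TypeScript config, compiler track, package entry metadata, target runtime, changed files, declaration, project references, package graph, TS6 API, TS7 RC, and optional TS7 nightly surfaces, and command contract entries | TypeScript source, declarations, compiler config, exports, tests, project-reference and type-graph notes, compiler-track comparison notes, and directly synchronized docs | weakened type safety, module drift, public API drift, DTO/domain drift, runtime validation gap, type-graph bloat, path alias boundary bypass, unverified declaration output, TypeScript 6 deprecation suppression, TS7 RC over-adoption, TS7 nightly over-adoption, or compiler API track drift | `changes_status`, `changes_diff_summary`, `lint`, `build`, `test_related`, `test`, `docs_validate_fast`, `mustflow_check` | Runtime, module, type, public API, project-reference, type-performance, compiler-version, RC, nightly, and API-track boundary checked, changes made, verification, and remaining TypeScript risk |
 | JavaScript source, module format, package entry, browser or Node runtime, dependency usage, Promise handling, bundler config, or JavaScript tests are created or changed | `.mustflow/skills/javascript-code-change/SKILL.md` | Package metadata, module system, runtime target, entrypoints, changed files, and command contract entries | JavaScript source, package exports, bundler config, dependencies, tests, and docs examples | runtime API leakage, ESM/CJS drift, discarded Promise, dependency bloat, or broken package entry | `changes_status`, `changes_diff_summary`, `lint`, `build`, `test_related`, `test`, `docs_validate_fast`, `mustflow_check` | Runtime and module boundary checked, async and dependency notes, verification, and remaining JavaScript risk |
-| Python source, package metadata, runtime version, import layout, type checking, linting, CLI entry points, or tests are created or changed | `.mustflow/skills/python-code-change/SKILL.md` | Python version source, packaging files, import layout, lint/type/test config, changed files, and command contract entries | Python source, packaging metadata, imports, type hints, tests, and docs examples | unsupported syntax, import hacks, packaging drift, swallowed
+| Python source, package metadata, runtime version, import layout, architecture boundaries, type checking, async tasks, exception/logging/retry behavior, collection performance, pytest fixtures or mocks, linting, CLI entry points, or tests are created or changed | `.mustflow/skills/python-code-change/SKILL.md` | Python version source, packaging files, build backend or package-manager owner, import layout, architecture boundary, lint/type/test config, async/failure/performance surface, changed files, and command contract entries | Python source, packaging metadata, imports, type hints, adapters, async ownership, exception/logging/retry code, collection hot paths, tests, and docs examples | unsupported syntax, import hacks, packaging drift, framework or ORM leakage into domain code, false type safety, unowned task, swallowed cancellation, retry storm, hidden fallback, copy-heavy hot path, fixture state leak, bare mock lie, or weakened lint/type checks | `changes_status`, `changes_diff_summary`, `lint`, `build`, `test_related`, `test`, `docs_validate_fast`, `mustflow_check` | Runtime, packaging, import, architecture, type, async, failure, performance, and test boundary checked, verification, and remaining Python risk |
 | PowerShell scripts, modules, command examples, `pwsh` invocations, native-command wrappers, quoting, here-strings, splatting, regex, wildcard, replacement strings, or PowerShell argument passing are created or changed | `.mustflow/skills/powershell-code-change/SKILL.md` | PowerShell version and invocation path, parser layers, native-command boundary, dynamic input boundaries, changed files, and command contract entries | PowerShell scripts, modules, package scripts, CI snippets, docs examples, native-command wrappers, tests, and directly synchronized docs | parser-layer confusion, quote loss, variable over-expansion, metacharacter interpretation, native argv drift, command injection, `--%` overuse, or cross-shell `-Command` breakage | `changes_status`, `changes_diff_summary`, `lint`, `build`, `test_related`, `test`, `docs_validate_fast`, `test_release`, `mustflow_check` | PowerShell version and invocation boundary, parser ledger, string/here-string/regex/wildcard/replacement/native argv decisions, verification, and remaining PowerShell risk |
-| Go source, modules, package APIs, interfaces, errors, goroutines, channels, context propagation, HTTP clients or servers, reverse proxies, JSON encoding, filesystem roots, network addresses, runtime limits, benchmarks, tools, tests, or generated-code boundaries are created or changed | `.mustflow/skills/go-code-change/SKILL.md` | Module files, Go version support, full package files, tests, public API surface, concurrency owner, runtime/deployment context, changed files, and command contract entries | Go packages, module metadata, interfaces, errors, concurrency code, HTTP/proxy code, JSON encoding, filesystem and network helpers, runtime settings, tests, tools, and docs examples | unnecessary abstraction, unsupported Go feature, context loss, goroutine leak, missing timeout, JSON contract drift, filesystem traversal, IPv6 host-port bug, runtime tuning drift, error contract drift, or
-| Rust source, Cargo metadata, features, traits, errors, ownership, async
+| Go source, modules, workspaces, package APIs, package layout, `internal` boundaries, interfaces, structs, errors, goroutines, channels, context propagation, HTTP clients or servers, graceful shutdown, reverse proxies, JSON encoding, filesystem roots, network addresses, runtime limits, profiling, benchmarks, tools, tests, or generated-code boundaries are created or changed | `.mustflow/skills/go-code-change/SKILL.md` | Module files, workspace policy, Go version support, full package files, tests, public API surface, package ownership, concurrency owner, runtime/deployment context, changed files, and command contract entries | Go packages, module and workspace metadata, internal boundaries, interfaces, structs, errors, concurrency code, HTTP/shutdown/proxy code, JSON encoding, filesystem and network helpers, runtime settings, profiling and benchmarks, tests, tools, and docs examples | unnecessary abstraction, module boundary drift, unsupported Go feature, context loss, goroutine leak, missing timeout, unsafe shutdown, JSON contract drift, filesystem traversal, IPv6 host-port bug, runtime tuning drift, performance folklore, error contract drift, or dependency drift | `changes_status`, `changes_diff_summary`, `lint`, `build`, `test_related`, `test`, `docs_validate_fast`, `mustflow_check` | Package, API, module/workspace, Go version, context, concurrency, runtime, HTTP/shutdown, JSON, filesystem, profiling, tool, and error boundary checked, verification, and remaining Go risk |
+| Rust source, Cargo metadata, features, traits, errors, ownership, borrowing, lifetimes, `Clone`, `Rc`, `Arc`, `Mutex`, `RefCell`, async tasks, channels, cancellation, unsafe code, allocation, zero-copy, tests, examples, benchmarks, release profiles, MSRV, toolchain declarations, standard-library APIs, or public crate APIs are created or changed | `.mustflow/skills/rust-code-change/SKILL.md` | Cargo metadata, feature flags, public exports, ownership map, error convention, async runtime, task and channel policy, unsafe invariants, allocation or benchmark evidence, `rust-version`, edition, toolchain, workspace policy, changed files, and command contract entries | Rust source, Cargo metadata, features, errors, traits, ownership signatures, async task/channel code, tests, examples, benchmarks, profiles, and docs | clone or shared-state aliasing, lifetime debt, error opacity, unsupported Rust feature, feature drift, Cargo resolver drift, async runtime mixing, task or channel leak, zero-copy retention bug, allocation folklore, unsafe invariant loss, release-profile overclaim, or public API breakage | `changes_status`, `changes_diff_summary`, `lint`, `build`, `test_related`, `test`, `docs_validate_fast`, `mustflow_check` | Ownership, MSRV, standard-library API, Cargo feature, error, async task/channel/cancellation, allocation, unsafe, release-profile, and public API boundary checked, verification, and remaining Rust risk |
 | Axum apps, routers, handlers, extractors, state, extensions, middleware, Tower or Tower-HTTP layers, CORS, cookies, headers, WebSockets, body limits, rejections, error responses, Tokio tasks or locks, SQLx pools, or Rust HTTP API tests are created, changed, reviewed, or upgraded | `.mustflow/skills/axum-code-change/SKILL.md` | Cargo and Axum-related crate version evidence, router ledger, handler and extractor contracts, state and extension owners, middleware and Tower stack, response envelope, Tokio runtime, SQLx pool and transaction boundaries, changed files, and command contract entries | Axum routers, handlers, extractors, state, extensions, middleware, Tower layers, CORS/cookie/header policy, error and rejection mapping, Tokio task and lock boundaries, SQLx pool setup, tests, and docs examples | stale Axum version claim, route syntax migration drift, auth or body-consuming extractor bug, `State` versus `Extension` leak, inconsistent error envelope, fallible Tower error not mapped to response, CORS-as-auth mistake, cookie confidentiality gap, sensitive header logging, body-limit bypass, unbounded spawn, lock contention, pool starvation, or transaction lifetime leak | `changes_status`, `changes_diff_summary`, `lint`, `build`, `test_related`, `test`, `docs_validate_fast`, `mustflow_check` | Axum version, route, handler, extractor, state, response, Tower middleware, CORS/cookie/header/body-limit, Tokio task/lock, SQLx pool, verification, and remaining Axum risk |
 | Godot projects, scenes, nodes, GDScript, C# scripts, Resources, Autoloads, signals, groups, save/load systems, rendering, physics, UI, input, exports, plugins, editor tools, or Godot version migrations are created, changed, reviewed, or upgraded | `.mustflow/skills/godot-code-change/SKILL.md` | Godot version, renderer, platform targets, project settings, input map, autoloads, addons, affected scenes, scripts, Resources, save/load participants, export presets, profiler evidence when performance is claimed, and command contract entries | Godot scenes, nodes, GDScript or C# scripts, Resources, Autoloads, signals, groups, save/load systems, rendering, physics, UI, input, exports, plugins, editor tools, tests, and docs examples | stale Godot version claim, scene-tree reach-through, global-state sprawl, shared Resource mutation, hidden signal flow, save corruption, thread-unsafe SceneTree access, renderer regression, target-device drift, export preset drift, or stale migration advice | `changes_status`, `changes_diff_summary`, `lint`, `build`, `test_related`, `test`, `docs_validate_fast`, `mustflow_check` | Godot version, renderer, scene, node, signal, Resource, Autoload, save/load, rendering, physics, UI, input, export, verification, and remaining Godot risk |
 | Dart source, pub package metadata, null safety, Futures, Streams, isolates, analyzer lints, tests, CLI entry points, or public package APIs are created or changed | `.mustflow/skills/dart-code-change/SKILL.md` | Pub metadata, analyzer config, public exports, async ownership, package layout, changed files, and command contract entries | Dart source, pub metadata, exports, async code, tests, examples, and docs | null-safety bypass, discarded Future, uncanceled Stream, isolate ownership drift, or public API breakage | `changes_status`, `changes_diff_summary`, `lint`, `build`, `test_related`, `test`, `docs_validate_fast`, `mustflow_check` | Nullability, async, stream, isolate, and API boundary checked, verification, and remaining Dart risk |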
@@ -2,11 +2,11 @@
|
|
|
2
2
|
mustflow_doc: skill.go-code-change
|
|
3
3
|
locale: en
|
|
4
4
|
canonical: true
|
|
5
|
-
revision:
|
|
5
|
+
revision: 5
|
|
6
6
|
lifecycle: mustflow-owned
|
|
7
7
|
authority: procedure
|
|
8
8
|
name: go-code-change
|
|
9
|
-
description: Apply this skill when Go source, modules, package APIs, interfaces, errors, goroutines, channels, context propagation, HTTP clients or servers, reverse proxies, JSON encoding, filesystem roots, network addresses, runtime limits, benchmarks, tests, tools, or generated code boundaries are created or changed.
|
|
9
|
+
description: Apply this skill when Go source, modules, workspaces, package APIs, package layout, internal boundaries, interfaces, structs, errors, goroutines, channels, context propagation, HTTP clients or servers, graceful shutdown, reverse proxies, JSON encoding, filesystem roots, network addresses, runtime limits, profiling, benchmarks, tests, tools, or generated code boundaries are created or changed.
|
|
10
10
|
metadata:
|
|
11
11
|
mustflow_schema: "1"
|
|
12
12
|
mustflow_kind: procedure
|
|
@@ -28,13 +28,13 @@ metadata:
|
|
|
28
28
|
<!-- mustflow-section: purpose -->
|
|
29
29
|
## Purpose
|
|
30
30
|
|
|
31
|
-
Preserve Go package, module, API, error, context, concurrency, runtime, HTTP, JSON, filesystem, and test boundaries without adding needless abstraction.
|
|
31
|
+
Preserve Go package, module, workspace, API, error, context, concurrency, runtime, HTTP, JSON, filesystem, performance, and test boundaries without adding needless abstraction.
|
|
32
32
|
|
|
33
33
|
<!-- mustflow-section: use-when -->
|
|
34
34
|
## Use When
|
|
35
35
|
|
|
36
|
-
- `.go`, `go.mod`, `go.sum`, `go.work`, build tags, generated code, public package API, tests, benchmarks, goroutines, channels, context propagation, HTTP clients or servers, reverse proxies, JSON encoding, filesystem access, network addresses, runtime tuning, tools, or module dependencies change.
|
|
37
|
-
- The task touches interfaces, error wrapping, package structure, concurrency ownership, cancellation, timeout policy, memory limits, race-sensitive code, benchmark measurement, or module dependencies.
|
|
36
|
+
- `.go`, `go.mod`, `go.sum`, `go.work`, build tags, generated code, public package API, tests, benchmarks, goroutines, channels, context propagation, HTTP clients or servers, graceful shutdown, reverse proxies, JSON encoding, filesystem access, network addresses, runtime tuning, profiling, tools, or module dependencies change.
|
|
37
|
+
- The task touches interfaces, structs, zero-value behavior, error wrapping, package structure, `internal` boundaries, import direction, concurrency ownership, cancellation, timeout policy, memory limits, race-sensitive code, benchmark measurement, or module dependencies.
|
|
38
38
|
- Code or docs use Go-version-gated features such as expression operands to `new`, range-over-function iterators, generic type aliases, reflect iterators, `errors.AsType`, `sync.WaitGroup.Go`, `testing/synctest`, `testing.B.Loop`, `T.ArtifactDir`, `B.ArtifactDir`, `F.ArtifactDir`, `testing/cryptotest.SetGlobalRandom`, `os.Root` or `os.OpenInRoot`, `omitzero`, `go.mod` `tool`, `go fix` modernizers, `encoding/json/v2`, experimental `GOEXPERIMENT` features, or newer runtime defaults.
|
|
39
39
|
|
|
40
40
|
<!-- mustflow-section: do-not-use-when -->
|
|
@@ -49,6 +49,7 @@ Preserve Go package, module, API, error, context, concurrency, runtime, HTTP, JS
|
|
|
49
49
|
- `go.mod`, `go.sum`, `go.work`, build tooling, lint config, and CI hints.
|
|
50
50
|
- All files in the changed package, including `_test.go`, build-tagged files, examples, and generated-file markers.
|
|
51
51
|
- The public API surface when exported identifiers, errors, or package paths change.
|
|
52
|
+
- Package ownership, import direction, `internal` visibility, module path, major-version suffix, workspace usage, and whether the project is an importable library, self-contained server, tool, or monorepo.
|
|
52
53
|
- Runtime and deployment context when the change touches HTTP, goroutines, timers, memory, `GOMAXPROCS`, cgroups, race detection, PGO, profiling, or container behavior.
|
|
53
54
|
- Minimum supported Go version, `go` directive, `toolchain` directive, `GOEXPERIMENT`, and whether the feature is stable, experimental, or repository-pinned.
|
|
54
55
|
- Configured verification intents.
|
|
@@ -67,6 +68,9 @@ Preserve Go package, module, API, error, context, concurrency, runtime, HTTP, JS
|
|
|
67
68
|
- Keep interfaces small and preferably owned by the consuming side.
|
|
68
69
|
- Return concrete provider types from provider packages unless the package intentionally hides multiple implementations as its public API.
|
|
69
70
|
- Keep domain and use-case packages free of SQL, HTTP transport, queue, cloud SDK, ORM, and vendor persistence types unless those types are the explicit public API.
|
|
71
|
+
- Use `internal` to protect implementation freedom for server and tool packages that are not meant to be imported.
|
|
72
|
+
- Keep structs, constructors, and zero values aligned with invariants: make the zero value useful, harmless, or impossible to misuse.
|
|
73
|
+
- Split domain, storage, JSON, and transport DTO shapes when they have different owners, lifetimes, validation rules, or compatibility contracts.
|
|
70
74
|
- Preserve context propagation across API and goroutine boundaries.
|
|
71
75
|
- Return actionable errors and wrap causes when callers need `errors.Is` or `errors.As`.
|
|
72
76
|
- Add table-driven tests when they clarify behavior.
|
|
@@ -76,43 +80,57 @@ Preserve Go package, module, API, error, context, concurrency, runtime, HTTP, JS
|
|
|
76
80
|
## Procedure
|
|
77
81
|
|
|
78
82
|
1. Read module files, package files, tests, build tags, and generated-code markers.
|
|
79
|
-
2. Classify the change as package API, internal implementation, dependency, error behavior, context flow, concurrency, HTTP or proxy behavior, JSON encoding, filesystem safety, runtime or deployment behavior, benchmark, tooling, or test-only.
|
|
83
|
+
2. Classify the change as module or workspace metadata, package API, package layout, internal implementation, dependency, error behavior, context flow, concurrency, HTTP or proxy behavior, JSON encoding, filesystem safety, runtime or deployment behavior, performance measurement, benchmark, tooling, or test-only.
|
|
80
84
|
3. Check the Go version contract before using newer syntax or APIs:
|
|
81
85
|
- treat the `go` directive as a language and module compatibility switch, not decoration;
|
|
82
86
|
- do not use `new(expr)`, range-over-function iterators, generic type aliases, reflect iterator methods, `errors.AsType`, `sync.WaitGroup.Go`, `testing/synctest`, `testing.B.Loop`, `T.ArtifactDir`, `B.ArtifactDir`, `F.ArtifactDir`, `testing/cryptotest.SetGlobalRandom`, `os.Root`, `os.OpenInRoot`, `omitzero`, `go.mod` `tool`, `go fix` modernizers, `encoding/json/v2`, or any `GOEXPERIMENT` feature unless the repository's supported Go version and build path allow it;
|
|
83
87
|
- distinguish stable standard-library APIs from experimental APIs that require `GOEXPERIMENT`;
|
|
84
|
-
- when `go.mod` or `go.work` changes, report language-version, module-graph, toolchain, and downstream support impact.
|
|
88
|
+
- when `go.mod` or `go.work` changes, report language-version, module-graph, workspace, toolchain, and downstream support impact.
|
|
85
89
|
4. Check package boundaries before adding a package or interface:
|
|
90
|
+
- treat a module as a release, version, and distribution boundary, not a folder-cleanup tool;
|
|
91
|
+
- treat `go.work` as a local multi-module development surface unless the repository explicitly supports committing and verifying workspace mode;
|
|
92
|
+
- keep module paths stable and use the required major-version suffix for v2+ modules;
|
|
93
|
+
- prefer `internal` for server implementation packages that are not intended as public imports;
|
|
94
|
+
- check import direction before function bodies: domain packages should not import HTTP status codes, ORM rows, SQL drivers, queues, cloud SDKs, or vendor transport shapes unless that dependency is the package's explicit contract;
|
|
86
95
|
- reject shared bucket packages named `common`, `util`, `types`, `interfaces`, `api`, or `models` unless the repository already has a specific local convention with a narrower meaning;
|
|
87
96
|
- put an interface in the package that consumes the methods, not in the package that merely implements them;
|
|
88
97
|
- create an interface only after a real consumer needs that exact method set;
|
|
89
98
|
- shrink an interface to the methods the immediate consumer calls;
|
|
90
99
|
- reject provider-side interfaces that exist only for mocks;
|
|
91
100
|
- reject provider constructors that return interfaces by default; prefer concrete exported types such as `*Client`, `*Store`, or `*Service`;
|
|
101
|
+
- use generics for reusable containers, algorithms, and type-safe plumbing, not as a substitute for clear domain boundaries;
|
|
92
102
|
- verify that a package split reduces a real dependency direction problem or creates a coherent capability instead of hiding imports.
|
|
93
103
|
5. If exported identifiers or package paths change, classify the public API impact:
|
|
94
104
|
- treat exported functions, variables, constants, types, methods, struct fields, interfaces, interface method sets, sentinel errors, typed errors, module path, package import path, and minimum Go version as contracts;
|
|
95
105
|
- assume exported symbols in a v1+ module are public API unless the package is internal or local evidence proves otherwise;
|
|
96
106
|
- do not remove, rename, or change exported signatures, exported field types, exported interface methods, or observable error behavior without an explicit breaking-change plan;
|
|
97
|
-
- adding a method to an exported interface is breaking for external implementations even when adding a method to a concrete type would be safe
|
|
107
|
+
- adding a method to an exported interface is breaking for external implementations even when adding a method to a concrete type would be safe;
|
|
108
|
+
- changing exported struct fields or JSON tags can be an API change even when function signatures stay stable.
|
|
98
109
|
6. Preserve error contracts:
|
|
99
110
|
- use `errors.Is` and `errors.As` semantics as observable API when documented or already tested;
|
|
100
111
|
- do not compare error strings;
|
|
112
|
+
- do not rely on `err == sentinel` when callers may receive wrapped errors;
|
|
101
113
|
- do not expose dependency sentinel or typed errors through wrapping unless the package intentionally supports them as API;
|
|
102
114
|
- treat a change between observable wrapping and non-observable formatting as API-sensitive;
|
|
115
|
+
- classify context cancellation, context deadlines, dependency timeouts, and domain failures at package boundaries instead of letting infrastructure errors leak upward unchanged;
|
|
116
|
+
- keep typed error pointer/value behavior consistent and avoid typed-nil errors behind an `error` interface;
|
|
117
|
+
- use `errors.Join` or multiple `%w` only when callers are expected to use `errors.Is` or `errors.As` rather than simple unwrap behavior;
|
|
103
118
|
- use `errors.AsType` only when the supported Go version allows it and the shorter form preserves the same typed-error contract;
|
|
104
119
|
- add tests for documented sentinel or typed errors when the error behavior changes.
|
|
105
|
-
7. If goroutines or channels change, name the owner, stop condition, cancellation path, wait path, error path, close responsibility, and test synchronization.
|
|
120
|
+
7. If goroutines or channels change, name the owner, stop condition, cancellation path, wait path, error path, panic policy, close responsibility, backpressure boundary, and test synchronization.
|
|
106
121
|
8. Choose the right goroutine primitive:
|
|
107
122
|
- use `sync.WaitGroup.Go` only for tasks that do not return errors and must not panic;
|
|
123
|
+
- call manual `WaitGroup.Add` before starting the goroutine and do not copy a `WaitGroup` after first use;
|
|
108
124
|
- use an errgroup-style boundary when work needs error propagation, context cancellation, or concurrency limits;
|
|
109
125
|
- do not hand-roll `WaitGroup` plus error channel plus cancellation plus semaphore unless the local code already owns that exact pattern and tests cover it;
|
|
110
126
|
- treat buffered-channel semaphores as semantic backpressure, not just a performance knob; changing capacity can change ordering and pressure;
|
|
127
|
+
- do not treat a channel as a data-race shield for maps, slices, pointers, or structs still shared across goroutines;
|
|
111
128
|
- treat `TryLock` as suspicious unless skipping the work is genuinely correct and observable.
|
|
112
129
|
9. Reject fire-and-forget goroutines unless they are owned by a long-lived object with a shutdown path, joined before return, managed by a group with a wait path, or explicitly documented as safely detached.
|
|
113
130
|
10. Preserve context propagation:
|
|
114
131
|
- request-scoped functions accept `ctx` first and pass it down;
|
|
115
132
|
- do not store request context in structs;
|
|
133
|
+
- do not use `context.Value` as dependency injection, optional parameters, or a hidden configuration bag;
|
|
116
134
|
- do not pass nil context;
|
|
117
135
|
- do not introduce `context.Background()` inside request or operation depth unless it is a true process root with a documented owner;
|
|
118
136
|
- derived contexts must release their cancel function on every path;
|
|
@@ -124,11 +142,20 @@ Preserve Go package, module, API, error, context, concurrency, runtime, HTTP, JS
|
|
|
124
142
|
- the sender that knows all sends are complete closes the channel;
|
|
125
143
|
- receivers do not close borrowed input channels;
|
|
126
144
|
- multiple senders require a coordinator that closes only after all senders finish;
|
|
127
|
-
- cancellable pipelines must avoid permanently blocking upstream goroutines when downstream stops early
|
|
145
|
+
- cancellable pipelines must avoid permanently blocking upstream goroutines when downstream stops early;
|
|
146
|
+
- buffered channels are not durable queues and must not hide unbounded producer or retry behavior;
|
|
147
|
+
- avoid busy-loop `select` statements with a `default` branch unless skipping work immediately is the intended behavior and CPU impact is bounded.
|
|
128
148
|
12. Use iterator functions only for pull-style traversal, not hidden concurrency. Honor the `yield` return value immediately, call the `stop` function from pull iterators, keep resource ownership visible, and keep channels for actual concurrent communication or backpressure.
|
|
129
149
|
13. Keep timeout policy at request, command, API, or operation boundaries. Do not hide arbitrary sleeps or timeouts in reusable helpers unless that helper explicitly owns the policy.
|
|
130
150
|
14. Check HTTP and proxy defaults:
|
|
131
|
-
-
|
|
151
|
+
- use an explicit `http.Server` for production-facing servers rather than bare convenience helpers;
|
|
152
|
+
- set deliberate `ReadHeaderTimeout`, request/body read policy, `WriteTimeout`, `IdleTimeout`, `MaxHeaderBytes`, `BaseContext`, `ConnState`, and `ErrorLog` where the server owns those behaviors; zero timeout means no limit in important cases;
|
|
153
|
+
- protect request bodies separately from headers with size limits and route-appropriate read deadlines;
|
|
154
|
+
- treat `WriteTimeout` carefully for SSE, long polling, chunked streaming, and large downloads; streaming paths need heartbeat, flush, per-write deadline, and disconnect behavior instead of a single short global timeout;
|
|
155
|
+
- do not treat `http.TimeoutHandler` as cancellation of the underlying business work; pass `r.Context()` through database, RPC, cache, queue, and outbound HTTP calls;
|
|
156
|
+
- do not use `ResponseWriter` or request bodies after `ServeHTTP` returns; background work must copy the needed payload and use a lifecycle context that is not the finished request context;
|
|
157
|
+
- design graceful shutdown as a state transition: drain readiness, stop new traffic, wait for `Shutdown`, fall back to `Close` only after the shutdown budget, and keep the main goroutine alive until shutdown completes;
|
|
158
|
+
- track WebSocket, hijacked, upgraded, or long-lived connections separately because ordinary `Shutdown` does not wait for them;
|
|
132
159
|
- reuse clients and transports instead of creating them per request;
|
|
133
160
|
- prefer reverse-proxy rewrite hooks over deprecated or unsafe director-style mutation when the supported Go version allows it;
|
|
134
161
|
- keep hop-by-hop header, forwarded-host, scheme, cancellation, streaming, and error-mapping behavior explicit.
|
|
@@ -147,18 +174,30 @@ Preserve Go package, module, API, error, context, concurrency, runtime, HTTP, JS
|
|
|
147
174
|
- use PGO only with representative profiles and keep `default.pgo` ownership clear;
|
|
148
175
|
- treat goroutine leak profiling, SIMD, JSON v2, and other experiments as opt-in evidence-gathering, not default production assumptions;
|
|
149
176
|
- remember that `-race` only finds races on executed paths and carries significant overhead.
|
|
150
|
-
18.
|
|
177
|
+
18. For performance changes, measure before simplifying or optimizing:
|
|
178
|
+
- require profile or benchmark evidence before accepting a more complex hot-path change;
|
|
179
|
+
- inspect CPU, heap, allocation, goroutine, block, and mutex evidence according to the symptom instead of assuming CPU is the bottleneck;
|
|
180
|
+
- treat allocation reduction as GC-pressure reduction only when benchmark or profile evidence supports it;
|
|
181
|
+
- use escape-analysis findings to explain heap movement instead of assuming pointers are faster than values;
|
|
182
|
+
- use `sync.Pool` only for disposable temporary objects that may vanish at any time, not as a durable cache or lifecycle owner.
|
|
183
|
+
19. Keep tests and benchmarks deterministic:
|
|
151
184
|
- do not use elapsed real time to wait for goroutine progress; use explicit synchronization, owned lifecycle waits, fake time, `testing/synctest` when supported, or the repository's established concurrency test helper;
|
|
152
185
|
- prefer `testing.B.Loop` for new benchmarks when the supported Go version allows it, and keep setup, cleanup, allocation measurement, and compiler optimization boundaries honest;
|
|
186
|
+
- compare benchmark changes across repeated runs and include `B/op` and `allocs/op` when allocation behavior is part of the claim;
|
|
153
187
|
- use test artifact directories for files that should survive a test run only when the supported Go version and test invocation preserve artifacts; otherwise use the repository's existing temporary-file or golden-output policy;
|
|
154
188
|
- for deterministic crypto tests, prefer the standard cryptographic test hook when the supported Go version provides it instead of overriding global readers in production code paths.
|
|
155
|
-
|
|
189
|
+
20. Keep Go tools and modernization explicit:
|
|
156
190
|
- prefer the `tool` directive over `tools.go` pinning only when the repository's supported Go version allows it;
|
|
157
191
|
- use `go fix` modernizers as reviewed migrations, not silent drive-by rewrites;
|
|
158
192
|
- update code generators, schema generators, lint helpers, and reflection-heavy tooling for generic aliases, alias node behavior, and reflect iterator methods only with fixture coverage;
|
|
159
193
|
- prefer standard-library helpers such as `min`, `max`, `clear`, `slices`, `maps`, and `cmp` over new local utility packages when the supported Go version allows them.
|
|
160
|
-
|
|
161
|
-
|
|
194
|
+
21. If dependency metadata changes, keep module files and dependent tests synchronized:
|
|
195
|
+
- do not raise the `go` directive, add toolchain requirements, change module path, or introduce direct dependencies unless the task requires it and the final report calls out the support impact;
|
|
196
|
+
- treat `go.sum` as checksum evidence, not a package lockfile and not disposable noise;
|
|
197
|
+
- treat `replace`, especially local-path `replace`, as temporary main-module or workspace-only wiring unless the repository documents a release plan for it;
|
|
198
|
+
- verify vendor output is regenerated by a configured intent when vendoring is part of the repository contract;
|
|
199
|
+
- check private module settings before adding private import paths so module names do not leak through public proxy or checksum lookups.
|
|
200
|
+
22. Choose configured verification intents that cover formatting, tests, race-sensitive behavior, lint, API drift, module drift, docs, and release metadata when available.
|
|
162
201
|
|
|
163
202
|
<!-- mustflow-section: postconditions -->
|
|
164
203
|
## Postconditions
|
|
@@ -166,7 +205,7 @@ Preserve Go package, module, API, error, context, concurrency, runtime, HTTP, JS
|
|
|
166
205
|
- Package ownership and exported API impact are clear.
|
|
167
206
|
- Context, goroutine, channel, and error ownership are explicit.
|
|
168
207
|
- Go-version-gated syntax, standard-library APIs, runtime defaults, experiments, and module metadata are compatible with the repository's supported Go version.
|
|
169
|
-
- HTTP timeout, proxy, JSON, filesystem, network address, runtime, test-time, benchmark, and tool decisions are explicit where touched.
|
|
208
|
+
- HTTP timeout, graceful shutdown, proxy, JSON, filesystem, network address, runtime, profiling, test-time, benchmark, and tool decisions are explicit where touched.
|
|
170
209
|
- Tests cover the changed behavior without sleeps as synchronization.
|
|
171
210
|
- Module drift is reported when dependency verification cannot run.
|
|
172
211
|
|
|
@@ -206,7 +245,7 @@ For concurrency-sensitive changes, report whether a configured race or equivalen
|
|
|
206
245
|
- Boundary checked
|
|
207
246
|
- Package and API impact
|
|
208
247
|
- Context/concurrency/error notes
|
|
209
|
-
- Go version, runtime, HTTP, JSON, filesystem, benchmark, and tool notes when relevant
|
|
248
|
+
- Go version, module/workspace, runtime, HTTP/shutdown, JSON, filesystem, profiling, benchmark, and tool notes when relevant
|
|
210
249
|
- Files changed
|
|
211
250
|
- Command intents run
|
|
212
251
|
- Skipped checks and reasons
|