mustflow 2.74.2 → 2.74.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cli/commands/script-pack.js +132 -3
- package/dist/cli/i18n/en.js +30 -3
- package/dist/cli/i18n/es.js +30 -3
- package/dist/cli/i18n/fr.js +30 -3
- package/dist/cli/i18n/hi.js +30 -3
- package/dist/cli/i18n/ko.js +30 -3
- package/dist/cli/i18n/zh.js +30 -3
- package/dist/cli/lib/script-pack-registry.js +53 -0
- package/dist/cli/script-packs/repo-generated-boundary.js +94 -0
- package/dist/core/generated-boundary.js +231 -0
- package/dist/core/public-json-contracts.js +35 -0
- package/dist/core/script-pack-suggestions.js +199 -0
- package/package.json +1 -1
- package/schemas/README.md +8 -1
- package/schemas/generated-boundary-report.schema.json +148 -0
- package/schemas/script-pack-catalog.schema.json +32 -0
- package/schemas/script-pack-suggestion-report.schema.json +159 -0
- package/templates/default/common/.mustflow/config/commands.toml +32 -0
- package/templates/default/i18n.toml +17 -17
- package/templates/default/locales/en/.mustflow/skills/INDEX.md +4 -4
- package/templates/default/locales/en/.mustflow/skills/astro-code-change/SKILL.md +5 -3
- package/templates/default/locales/en/.mustflow/skills/completion-evidence-gate/SKILL.md +4 -1
- package/templates/default/locales/en/.mustflow/skills/dependency-upgrade-review/SKILL.md +7 -7
- package/templates/default/locales/en/.mustflow/skills/elysia-code-change/SKILL.md +15 -8
- package/templates/default/locales/en/.mustflow/skills/external-skill-intake/SKILL.md +10 -5
- package/templates/default/locales/en/.mustflow/skills/public-json-contract-change/SKILL.md +5 -2
- package/templates/default/locales/en/.mustflow/skills/rate-limit-integrity-review/SKILL.md +7 -4
- package/templates/default/locales/en/.mustflow/skills/repo-improvement-loop/SKILL.md +6 -2
- package/templates/default/locales/en/.mustflow/skills/rust-code-change/SKILL.md +4 -3
- package/templates/default/locales/en/.mustflow/skills/skill-authoring/SKILL.md +3 -1
- package/templates/default/locales/en/.mustflow/skills/skill-refresh/SKILL.md +19 -2
- package/templates/default/locales/en/.mustflow/skills/tailwind-code-change/SKILL.md +12 -9
- package/templates/default/locales/en/.mustflow/skills/template-install-surface-sync/SKILL.md +6 -3
- package/templates/default/locales/en/.mustflow/skills/typescript-code-change/SKILL.md +22 -17
- package/templates/default/locales/en/.mustflow/skills/unocss-code-change/SKILL.md +16 -5
- package/templates/default/locales/en/.mustflow/skills/version-freshness-check/SKILL.md +8 -8
- package/templates/default/manifest.toml +1 -1
|
@@ -0,0 +1,148 @@
|
|
|
1
|
+
{
|
|
2
|
+
"$schema": "https://json-schema.org/draft/2020-12/schema",
|
|
3
|
+
"$id": "https://mustflow.github.io/schemas/generated-boundary-report.schema.json",
|
|
4
|
+
"title": "mustflow generated-boundary report",
|
|
5
|
+
"type": "object",
|
|
6
|
+
"additionalProperties": false,
|
|
7
|
+
"required": [
|
|
8
|
+
"schema_version",
|
|
9
|
+
"command",
|
|
10
|
+
"pack_id",
|
|
11
|
+
"script_id",
|
|
12
|
+
"script_ref",
|
|
13
|
+
"action",
|
|
14
|
+
"status",
|
|
15
|
+
"ok",
|
|
16
|
+
"mustflow_root",
|
|
17
|
+
"policy",
|
|
18
|
+
"input_hash",
|
|
19
|
+
"targets",
|
|
20
|
+
"findings",
|
|
21
|
+
"issues"
|
|
22
|
+
],
|
|
23
|
+
"properties": {
|
|
24
|
+
"schema_version": { "const": "1" },
|
|
25
|
+
"command": { "const": "script-pack" },
|
|
26
|
+
"pack_id": { "const": "repo" },
|
|
27
|
+
"script_id": { "const": "generated-boundary" },
|
|
28
|
+
"script_ref": { "const": "repo/generated-boundary" },
|
|
29
|
+
"action": { "const": "check" },
|
|
30
|
+
"status": { "enum": ["passed", "failed", "error"] },
|
|
31
|
+
"ok": { "type": "boolean" },
|
|
32
|
+
"mustflow_root": { "type": "string" },
|
|
33
|
+
"policy": { "$ref": "#/$defs/policy" },
|
|
34
|
+
"input_hash": { "$ref": "#/$defs/sha256" },
|
|
35
|
+
"targets": {
|
|
36
|
+
"type": "array",
|
|
37
|
+
"items": { "$ref": "#/$defs/target" }
|
|
38
|
+
},
|
|
39
|
+
"findings": {
|
|
40
|
+
"type": "array",
|
|
41
|
+
"items": { "$ref": "#/$defs/finding" }
|
|
42
|
+
},
|
|
43
|
+
"issues": {
|
|
44
|
+
"type": "array",
|
|
45
|
+
"items": { "type": "string" }
|
|
46
|
+
}
|
|
47
|
+
},
|
|
48
|
+
"$defs": {
|
|
49
|
+
"sha256": {
|
|
50
|
+
"type": "string",
|
|
51
|
+
"pattern": "^sha256:[a-f0-9]{64}$"
|
|
52
|
+
},
|
|
53
|
+
"category": {
|
|
54
|
+
"enum": ["generated", "ignored", "protected", "vendor", "cache", "outside_root"]
|
|
55
|
+
},
|
|
56
|
+
"patternSource": {
|
|
57
|
+
"enum": ["mustflow_config", "builtin"]
|
|
58
|
+
},
|
|
59
|
+
"patternMatch": {
|
|
60
|
+
"type": "object",
|
|
61
|
+
"additionalProperties": false,
|
|
62
|
+
"required": ["category", "pattern", "source"],
|
|
63
|
+
"properties": {
|
|
64
|
+
"category": { "$ref": "#/$defs/category" },
|
|
65
|
+
"pattern": { "type": "string" },
|
|
66
|
+
"source": { "$ref": "#/$defs/patternSource" }
|
|
67
|
+
}
|
|
68
|
+
},
|
|
69
|
+
"policy": {
|
|
70
|
+
"type": "object",
|
|
71
|
+
"additionalProperties": false,
|
|
72
|
+
"required": [
|
|
73
|
+
"config_path",
|
|
74
|
+
"config_loaded",
|
|
75
|
+
"generated_patterns",
|
|
76
|
+
"ignored_patterns",
|
|
77
|
+
"protected_patterns",
|
|
78
|
+
"builtin_generated_patterns",
|
|
79
|
+
"builtin_vendor_patterns",
|
|
80
|
+
"builtin_cache_patterns",
|
|
81
|
+
"builtin_protected_patterns"
|
|
82
|
+
],
|
|
83
|
+
"properties": {
|
|
84
|
+
"config_path": { "const": ".mustflow/config/mustflow.toml" },
|
|
85
|
+
"config_loaded": { "type": "boolean" },
|
|
86
|
+
"generated_patterns": { "$ref": "#/$defs/stringArray" },
|
|
87
|
+
"ignored_patterns": { "$ref": "#/$defs/stringArray" },
|
|
88
|
+
"protected_patterns": { "$ref": "#/$defs/stringArray" },
|
|
89
|
+
"builtin_generated_patterns": { "$ref": "#/$defs/stringArray" },
|
|
90
|
+
"builtin_vendor_patterns": { "$ref": "#/$defs/stringArray" },
|
|
91
|
+
"builtin_cache_patterns": { "$ref": "#/$defs/stringArray" },
|
|
92
|
+
"builtin_protected_patterns": { "$ref": "#/$defs/stringArray" }
|
|
93
|
+
}
|
|
94
|
+
},
|
|
95
|
+
"stringArray": {
|
|
96
|
+
"type": "array",
|
|
97
|
+
"items": { "type": "string" }
|
|
98
|
+
},
|
|
99
|
+
"target": {
|
|
100
|
+
"type": "object",
|
|
101
|
+
"additionalProperties": false,
|
|
102
|
+
"required": ["input", "path", "exists", "kind", "matched_boundaries", "matched_patterns"],
|
|
103
|
+
"properties": {
|
|
104
|
+
"input": { "type": "string" },
|
|
105
|
+
"path": { "type": "string" },
|
|
106
|
+
"exists": { "type": ["boolean", "null"] },
|
|
107
|
+
"kind": { "enum": ["file", "directory", "missing", "other", "unknown"] },
|
|
108
|
+
"matched_boundaries": {
|
|
109
|
+
"type": "array",
|
|
110
|
+
"items": { "$ref": "#/$defs/category" }
|
|
111
|
+
},
|
|
112
|
+
"matched_patterns": {
|
|
113
|
+
"type": "array",
|
|
114
|
+
"items": { "$ref": "#/$defs/patternMatch" }
|
|
115
|
+
}
|
|
116
|
+
}
|
|
117
|
+
},
|
|
118
|
+
"finding": {
|
|
119
|
+
"type": "object",
|
|
120
|
+
"additionalProperties": false,
|
|
121
|
+
"required": ["code", "severity", "message", "path", "boundary", "pattern", "source"],
|
|
122
|
+
"properties": {
|
|
123
|
+
"code": {
|
|
124
|
+
"enum": [
|
|
125
|
+
"generated_boundary_generated_path",
|
|
126
|
+
"generated_boundary_ignored_path",
|
|
127
|
+
"generated_boundary_protected_path",
|
|
128
|
+
"generated_boundary_vendor_path",
|
|
129
|
+
"generated_boundary_cache_path",
|
|
130
|
+
"generated_boundary_path_outside_root",
|
|
131
|
+
"generated_boundary_unreadable_path"
|
|
132
|
+
]
|
|
133
|
+
},
|
|
134
|
+
"severity": { "enum": ["low", "medium", "high", "critical"] },
|
|
135
|
+
"message": { "type": "string" },
|
|
136
|
+
"path": { "type": "string" },
|
|
137
|
+
"boundary": { "$ref": "#/$defs/category" },
|
|
138
|
+
"pattern": { "type": ["string", "null"] },
|
|
139
|
+
"source": {
|
|
140
|
+
"anyOf": [
|
|
141
|
+
{ "$ref": "#/$defs/patternSource" },
|
|
142
|
+
{ "type": "null" }
|
|
143
|
+
]
|
|
144
|
+
}
|
|
145
|
+
}
|
|
146
|
+
}
|
|
147
|
+
}
|
|
148
|
+
}
|
|
@@ -56,6 +56,38 @@
|
|
|
56
56
|
"items": { "type": "string", "pattern": "^[a-z0-9]+(?:-[a-z0-9]+)*$" },
|
|
57
57
|
"minItems": 1
|
|
58
58
|
},
|
|
59
|
+
"use_when": {
|
|
60
|
+
"type": "array",
|
|
61
|
+
"items": { "type": "string" },
|
|
62
|
+
"minItems": 1
|
|
63
|
+
},
|
|
64
|
+
"phases": {
|
|
65
|
+
"type": "array",
|
|
66
|
+
"items": {
|
|
67
|
+
"type": "string",
|
|
68
|
+
"enum": ["before_change", "during_change", "after_change", "review"]
|
|
69
|
+
},
|
|
70
|
+
"minItems": 1
|
|
71
|
+
},
|
|
72
|
+
"read_only": { "type": "boolean" },
|
|
73
|
+
"mutates": { "type": "boolean" },
|
|
74
|
+
"network": { "type": "boolean" },
|
|
75
|
+
"inputs": {
|
|
76
|
+
"type": "array",
|
|
77
|
+
"items": { "type": "string", "pattern": "^[a-z0-9]+(?:_[a-z0-9]+)*$" },
|
|
78
|
+
"minItems": 1
|
|
79
|
+
},
|
|
80
|
+
"outputs": {
|
|
81
|
+
"type": "array",
|
|
82
|
+
"items": { "type": "string", "pattern": "^[a-z0-9]+(?:_[a-z0-9]+)*$" },
|
|
83
|
+
"minItems": 1
|
|
84
|
+
},
|
|
85
|
+
"related_skills": {
|
|
86
|
+
"type": "array",
|
|
87
|
+
"items": { "type": "string", "pattern": "^[a-z0-9]+(?:-[a-z0-9]+)*$" }
|
|
88
|
+
},
|
|
89
|
+
"risk_level": { "type": "string", "enum": ["low", "medium", "high"] },
|
|
90
|
+
"cost": { "type": "string", "enum": ["low", "medium", "high"] },
|
|
59
91
|
"report_schema_file": {
|
|
60
92
|
"anyOf": [
|
|
61
93
|
{ "type": "string", "pattern": "^[a-z0-9-]+\\.schema\\.json$" },
|
|
@@ -0,0 +1,159 @@
|
|
|
1
|
+
{
|
|
2
|
+
"$schema": "https://json-schema.org/draft/2020-12/schema",
|
|
3
|
+
"$id": "https://mustflow.github.io/schemas/script-pack-suggestion-report.schema.json",
|
|
4
|
+
"title": "mustflow script-pack suggestion report",
|
|
5
|
+
"type": "object",
|
|
6
|
+
"additionalProperties": false,
|
|
7
|
+
"required": [
|
|
8
|
+
"schema_version",
|
|
9
|
+
"command",
|
|
10
|
+
"action",
|
|
11
|
+
"status",
|
|
12
|
+
"ok",
|
|
13
|
+
"mustflow_root",
|
|
14
|
+
"input",
|
|
15
|
+
"analyzed_paths",
|
|
16
|
+
"suggestions",
|
|
17
|
+
"issues"
|
|
18
|
+
],
|
|
19
|
+
"properties": {
|
|
20
|
+
"schema_version": { "const": "1" },
|
|
21
|
+
"command": { "const": "script-pack" },
|
|
22
|
+
"action": { "const": "suggest" },
|
|
23
|
+
"status": { "type": "string", "enum": ["suggested", "empty", "partial"] },
|
|
24
|
+
"ok": { "type": "boolean" },
|
|
25
|
+
"mustflow_root": { "type": "string" },
|
|
26
|
+
"input": { "$ref": "#/$defs/input" },
|
|
27
|
+
"analyzed_paths": {
|
|
28
|
+
"type": "array",
|
|
29
|
+
"items": { "$ref": "#/$defs/analyzedPath" }
|
|
30
|
+
},
|
|
31
|
+
"suggestions": {
|
|
32
|
+
"type": "array",
|
|
33
|
+
"items": { "$ref": "#/$defs/suggestion" }
|
|
34
|
+
},
|
|
35
|
+
"issues": {
|
|
36
|
+
"type": "array",
|
|
37
|
+
"items": { "type": "string" }
|
|
38
|
+
}
|
|
39
|
+
},
|
|
40
|
+
"$defs": {
|
|
41
|
+
"phase": {
|
|
42
|
+
"type": "string",
|
|
43
|
+
"enum": ["before_change", "during_change", "after_change", "review"]
|
|
44
|
+
},
|
|
45
|
+
"surface": {
|
|
46
|
+
"type": "string",
|
|
47
|
+
"enum": [
|
|
48
|
+
"config",
|
|
49
|
+
"docs",
|
|
50
|
+
"generated",
|
|
51
|
+
"package",
|
|
52
|
+
"schema",
|
|
53
|
+
"skill",
|
|
54
|
+
"source",
|
|
55
|
+
"template",
|
|
56
|
+
"test",
|
|
57
|
+
"unknown"
|
|
58
|
+
]
|
|
59
|
+
},
|
|
60
|
+
"input": {
|
|
61
|
+
"type": "object",
|
|
62
|
+
"additionalProperties": false,
|
|
63
|
+
"required": ["phases", "skills", "paths", "changed"],
|
|
64
|
+
"properties": {
|
|
65
|
+
"phases": {
|
|
66
|
+
"type": "array",
|
|
67
|
+
"items": { "$ref": "#/$defs/phase" }
|
|
68
|
+
},
|
|
69
|
+
"skills": {
|
|
70
|
+
"type": "array",
|
|
71
|
+
"items": { "type": "string", "pattern": "^[a-z0-9]+(?:-[a-z0-9]+)*$" }
|
|
72
|
+
},
|
|
73
|
+
"paths": {
|
|
74
|
+
"type": "array",
|
|
75
|
+
"items": { "type": "string" }
|
|
76
|
+
},
|
|
77
|
+
"changed": { "type": "boolean" }
|
|
78
|
+
}
|
|
79
|
+
},
|
|
80
|
+
"analyzedPath": {
|
|
81
|
+
"type": "object",
|
|
82
|
+
"additionalProperties": false,
|
|
83
|
+
"required": ["path", "surfaces"],
|
|
84
|
+
"properties": {
|
|
85
|
+
"path": { "type": "string" },
|
|
86
|
+
"surfaces": {
|
|
87
|
+
"type": "array",
|
|
88
|
+
"items": { "$ref": "#/$defs/surface" },
|
|
89
|
+
"minItems": 1
|
|
90
|
+
}
|
|
91
|
+
}
|
|
92
|
+
},
|
|
93
|
+
"suggestion": {
|
|
94
|
+
"type": "object",
|
|
95
|
+
"additionalProperties": false,
|
|
96
|
+
"required": [
|
|
97
|
+
"script_ref",
|
|
98
|
+
"score",
|
|
99
|
+
"confidence",
|
|
100
|
+
"usage",
|
|
101
|
+
"phases",
|
|
102
|
+
"matched_phases",
|
|
103
|
+
"matched_skills",
|
|
104
|
+
"matched_surfaces",
|
|
105
|
+
"reasons",
|
|
106
|
+
"read_only",
|
|
107
|
+
"mutates",
|
|
108
|
+
"network",
|
|
109
|
+
"risk_level",
|
|
110
|
+
"cost",
|
|
111
|
+
"report_schema_file",
|
|
112
|
+
"run_hint"
|
|
113
|
+
],
|
|
114
|
+
"properties": {
|
|
115
|
+
"script_ref": {
|
|
116
|
+
"type": "string",
|
|
117
|
+
"pattern": "^[a-z0-9]+(?:-[a-z0-9]+)*/[a-z0-9]+(?:-[a-z0-9]+)*$"
|
|
118
|
+
},
|
|
119
|
+
"score": { "type": "integer", "minimum": 0 },
|
|
120
|
+
"confidence": { "type": "string", "enum": ["low", "medium", "high"] },
|
|
121
|
+
"usage": { "type": "string" },
|
|
122
|
+
"phases": {
|
|
123
|
+
"type": "array",
|
|
124
|
+
"items": { "$ref": "#/$defs/phase" },
|
|
125
|
+
"minItems": 1
|
|
126
|
+
},
|
|
127
|
+
"matched_phases": {
|
|
128
|
+
"type": "array",
|
|
129
|
+
"items": { "$ref": "#/$defs/phase" }
|
|
130
|
+
},
|
|
131
|
+
"matched_skills": {
|
|
132
|
+
"type": "array",
|
|
133
|
+
"items": { "type": "string", "pattern": "^[a-z0-9]+(?:-[a-z0-9]+)*$" }
|
|
134
|
+
},
|
|
135
|
+
"matched_surfaces": {
|
|
136
|
+
"type": "array",
|
|
137
|
+
"items": { "$ref": "#/$defs/surface" }
|
|
138
|
+
},
|
|
139
|
+
"reasons": {
|
|
140
|
+
"type": "array",
|
|
141
|
+
"items": { "type": "string" },
|
|
142
|
+
"minItems": 1
|
|
143
|
+
},
|
|
144
|
+
"read_only": { "type": "boolean" },
|
|
145
|
+
"mutates": { "type": "boolean" },
|
|
146
|
+
"network": { "type": "boolean" },
|
|
147
|
+
"risk_level": { "type": "string", "enum": ["low", "medium", "high"] },
|
|
148
|
+
"cost": { "type": "string", "enum": ["low", "medium", "high"] },
|
|
149
|
+
"report_schema_file": {
|
|
150
|
+
"anyOf": [
|
|
151
|
+
{ "type": "string", "pattern": "^[a-z0-9-]+\\.schema\\.json$" },
|
|
152
|
+
{ "type": "null" }
|
|
153
|
+
]
|
|
154
|
+
},
|
|
155
|
+
"run_hint": { "type": "string" }
|
|
156
|
+
}
|
|
157
|
+
}
|
|
158
|
+
}
|
|
159
|
+
}
|
|
@@ -143,6 +143,38 @@ network = false
|
|
|
143
143
|
destructive = false
|
|
144
144
|
required_after = ["code_change", "behavior_change", "test_change", "public_api_change", "performance_change", "unknown_change"]
|
|
145
145
|
|
|
146
|
+
[intents.script_pack_list]
|
|
147
|
+
status = "configured"
|
|
148
|
+
kind = "mustflow_builtin"
|
|
149
|
+
lifecycle = "oneshot"
|
|
150
|
+
run_policy = "agent_allowed"
|
|
151
|
+
description = "List bundled mustflow script-pack utilities and routing metadata read-only."
|
|
152
|
+
argv = ["mf", "script-pack", "list", "--json"]
|
|
153
|
+
cwd = "."
|
|
154
|
+
timeout_seconds = 120
|
|
155
|
+
stdin = "closed"
|
|
156
|
+
success_exit_codes = [0]
|
|
157
|
+
writes = []
|
|
158
|
+
network = false
|
|
159
|
+
destructive = false
|
|
160
|
+
required_after = ["before_task", "docs_change", "public_api_change", "unknown_change"]
|
|
161
|
+
|
|
162
|
+
[intents.script_pack_suggest_changed]
|
|
163
|
+
status = "configured"
|
|
164
|
+
kind = "mustflow_builtin"
|
|
165
|
+
lifecycle = "oneshot"
|
|
166
|
+
run_policy = "agent_allowed"
|
|
167
|
+
description = "Suggest bundled mustflow script-pack utilities for current changed files read-only."
|
|
168
|
+
argv = ["mf", "script-pack", "suggest", "--changed", "--json"]
|
|
169
|
+
cwd = "."
|
|
170
|
+
timeout_seconds = 120
|
|
171
|
+
stdin = "closed"
|
|
172
|
+
success_exit_codes = [0]
|
|
173
|
+
writes = []
|
|
174
|
+
network = false
|
|
175
|
+
destructive = false
|
|
176
|
+
required_after = ["before_task", "docs_change", "public_api_change", "mustflow_docs_change", "unknown_change"]
|
|
177
|
+
|
|
146
178
|
[intents.prompt_cache_audit]
|
|
147
179
|
status = "configured"
|
|
148
180
|
kind = "mustflow_builtin"
|
|
@@ -62,7 +62,7 @@ translations = {}
|
|
|
62
62
|
[documents."skills.index"]
|
|
63
63
|
source = "locales/en/.mustflow/skills/INDEX.md"
|
|
64
64
|
source_locale = "en"
|
|
65
|
-
revision =
|
|
65
|
+
revision = 174
|
|
66
66
|
translations = {}
|
|
67
67
|
|
|
68
68
|
[documents."skill.adapter-boundary"]
|
|
@@ -356,7 +356,7 @@ translations = {}
|
|
|
356
356
|
[documents."skill.rate-limit-integrity-review"]
|
|
357
357
|
source = "locales/en/.mustflow/skills/rate-limit-integrity-review/SKILL.md"
|
|
358
358
|
source_locale = "en"
|
|
359
|
-
revision =
|
|
359
|
+
revision = 2
|
|
360
360
|
translations = {}
|
|
361
361
|
|
|
362
362
|
[documents."skill.idempotency-integrity-review"]
|
|
@@ -469,13 +469,13 @@ translations = {}
|
|
|
469
469
|
[documents."skill.dependency-upgrade-review"]
|
|
470
470
|
source = "locales/en/.mustflow/skills/dependency-upgrade-review/SKILL.md"
|
|
471
471
|
source_locale = "en"
|
|
472
|
-
revision =
|
|
472
|
+
revision = 4
|
|
473
473
|
translations = {}
|
|
474
474
|
|
|
475
475
|
[documents."skill.version-freshness-check"]
|
|
476
476
|
source = "locales/en/.mustflow/skills/version-freshness-check/SKILL.md"
|
|
477
477
|
source_locale = "en"
|
|
478
|
-
revision =
|
|
478
|
+
revision = 7
|
|
479
479
|
translations = {}
|
|
480
480
|
|
|
481
481
|
[documents."skill.line-ending-hygiene"]
|
|
@@ -517,7 +517,7 @@ translations = {}
|
|
|
517
517
|
[documents."skill.astro-code-change"]
|
|
518
518
|
source = "locales/en/.mustflow/skills/astro-code-change/SKILL.md"
|
|
519
519
|
source_locale = "en"
|
|
520
|
-
revision =
|
|
520
|
+
revision = 3
|
|
521
521
|
translations = {}
|
|
522
522
|
|
|
523
523
|
[documents."skill.auth-permission-change"]
|
|
@@ -571,7 +571,7 @@ translations = {}
|
|
|
571
571
|
[documents."skill.elysia-code-change"]
|
|
572
572
|
source = "locales/en/.mustflow/skills/elysia-code-change/SKILL.md"
|
|
573
573
|
source_locale = "en"
|
|
574
|
-
revision =
|
|
574
|
+
revision = 2
|
|
575
575
|
translations = {}
|
|
576
576
|
|
|
577
577
|
[documents."skill.flutter-code-change"]
|
|
@@ -625,7 +625,7 @@ translations = {}
|
|
|
625
625
|
[documents."skill.rust-code-change"]
|
|
626
626
|
source = "locales/en/.mustflow/skills/rust-code-change/SKILL.md"
|
|
627
627
|
source_locale = "en"
|
|
628
|
-
revision =
|
|
628
|
+
revision = 5
|
|
629
629
|
translations = {}
|
|
630
630
|
|
|
631
631
|
[documents."skill.runtime-target-selection"]
|
|
@@ -655,7 +655,7 @@ translations = {}
|
|
|
655
655
|
[documents."skill.tailwind-code-change"]
|
|
656
656
|
source = "locales/en/.mustflow/skills/tailwind-code-change/SKILL.md"
|
|
657
657
|
source_locale = "en"
|
|
658
|
-
revision =
|
|
658
|
+
revision = 4
|
|
659
659
|
translations = {}
|
|
660
660
|
|
|
661
661
|
[documents."skill.tauri-code-change"]
|
|
@@ -667,13 +667,13 @@ translations = {}
|
|
|
667
667
|
[documents."skill.typescript-code-change"]
|
|
668
668
|
source = "locales/en/.mustflow/skills/typescript-code-change/SKILL.md"
|
|
669
669
|
source_locale = "en"
|
|
670
|
-
revision =
|
|
670
|
+
revision = 4
|
|
671
671
|
translations = {}
|
|
672
672
|
|
|
673
673
|
[documents."skill.unocss-code-change"]
|
|
674
674
|
source = "locales/en/.mustflow/skills/unocss-code-change/SKILL.md"
|
|
675
675
|
source_locale = "en"
|
|
676
|
-
revision =
|
|
676
|
+
revision = 4
|
|
677
677
|
translations = {}
|
|
678
678
|
|
|
679
679
|
[documents."skill.service-boundary-architecture"]
|
|
@@ -691,7 +691,7 @@ translations = {}
|
|
|
691
691
|
[documents."skill.completion-evidence-gate"]
|
|
692
692
|
source = "locales/en/.mustflow/skills/completion-evidence-gate/SKILL.md"
|
|
693
693
|
source_locale = "en"
|
|
694
|
-
revision =
|
|
694
|
+
revision = 3
|
|
695
695
|
translations = {}
|
|
696
696
|
|
|
697
697
|
[documents."skill.evidence-stall-breaker"]
|
|
@@ -709,7 +709,7 @@ translations = {}
|
|
|
709
709
|
[documents."skill.public-json-contract-change"]
|
|
710
710
|
source = "locales/en/.mustflow/skills/public-json-contract-change/SKILL.md"
|
|
711
711
|
source_locale = "en"
|
|
712
|
-
revision =
|
|
712
|
+
revision = 2
|
|
713
713
|
translations = {}
|
|
714
714
|
|
|
715
715
|
[documents."skill.provenance-license-gate"]
|
|
@@ -781,7 +781,7 @@ translations = {}
|
|
|
781
781
|
[documents."skill.external-skill-intake"]
|
|
782
782
|
source = "locales/en/.mustflow/skills/external-skill-intake/SKILL.md"
|
|
783
783
|
source_locale = "en"
|
|
784
|
-
revision =
|
|
784
|
+
revision = 3
|
|
785
785
|
translations = {}
|
|
786
786
|
|
|
787
787
|
[documents."skill.github-contribution-quality-gate"]
|
|
@@ -846,7 +846,7 @@ translations = {}
|
|
|
846
846
|
[documents."skill.repo-improvement-loop"]
|
|
847
847
|
source = "locales/en/.mustflow/skills/repo-improvement-loop/SKILL.md"
|
|
848
848
|
source_locale = "en"
|
|
849
|
-
revision =
|
|
849
|
+
revision = 2
|
|
850
850
|
translations = {}
|
|
851
851
|
|
|
852
852
|
[documents."skill.requirement-regression-guard"]
|
|
@@ -936,13 +936,13 @@ translations = {}
|
|
|
936
936
|
[documents."skill.skill-refresh"]
|
|
937
937
|
source = "locales/en/.mustflow/skills/skill-refresh/SKILL.md"
|
|
938
938
|
source_locale = "en"
|
|
939
|
-
revision =
|
|
939
|
+
revision = 2
|
|
940
940
|
translations = {}
|
|
941
941
|
|
|
942
942
|
[documents."skill.skill-authoring"]
|
|
943
943
|
source = "locales/en/.mustflow/skills/skill-authoring/SKILL.md"
|
|
944
944
|
source_locale = "en"
|
|
945
|
-
revision =
|
|
945
|
+
revision = 9
|
|
946
946
|
translations = {}
|
|
947
947
|
|
|
948
948
|
[documents."skill.task-instruction-authoring"]
|
|
@@ -954,7 +954,7 @@ translations = {}
|
|
|
954
954
|
[documents."skill.template-install-surface-sync"]
|
|
955
955
|
source = "locales/en/.mustflow/skills/template-install-surface-sync/SKILL.md"
|
|
956
956
|
source_locale = "en"
|
|
957
|
-
revision =
|
|
957
|
+
revision = 2
|
|
958
958
|
translations = {}
|
|
959
959
|
|
|
960
960
|
[documents."skill.restricted-handoff-resume"]
|
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
mustflow_doc: skills.index
|
|
3
3
|
locale: en
|
|
4
4
|
canonical: true
|
|
5
|
-
revision:
|
|
5
|
+
revision: 174
|
|
6
6
|
authority: router
|
|
7
7
|
lifecycle: mustflow-owned
|
|
8
8
|
---
|
|
@@ -421,7 +421,7 @@ routes. Event routes stay inactive until their event occurs.
|
|
|
421
421
|
| Node.js runtime code, package manager ownership, module format, package entry metadata, native dependencies, Node test runner behavior, TypeScript execution mode, or deployment runtime support is created or changed | `.mustflow/skills/node-code-change/SKILL.md` | Node version signals, package manager and lockfile owner, module/package metadata, TypeScript loader, test runner, native dependency, deployment target, and command contract entries | Node runtime code, package metadata, lockfiles, scripts, CI or Docker runtime declarations, test runner config, native dependency handling, docs examples, and directly synchronized package surfaces | newest-Node assumption, package manager drift, ESM/CJS break, blocked deep import, native dependency break, Node native TypeScript overclaim, test runner migration risk, deployment mismatch, or permission-model overclaim | `changes_status`, `changes_diff_summary`, `lint`, `build`, `test_related`, `test`, `docs_validate_fast`, `test_release`, `mustflow_check` | Runtime and package manager decision, module/package entry notes, TypeScript/test runner notes, native/deployment risks, verification, and remaining Node.js risk |
|
|
422
422
|
| Bun runtime code, Bun package manager behavior, `bun.lock`, `bunfig.toml`, Bun test runner behavior, Bun bundling, Bun TypeScript execution, or Bun-specific APIs are created or changed | `.mustflow/skills/bun-code-change/SKILL.md` | Bun role signals, `package.json`, Bun and non-Bun lockfiles, `bunfig.toml`, CI/Docker Bun setup, TypeScript config, Bun APIs, native dependency signals, and command contract entries | Bun runtime code, Bun package manager metadata, lockfiles, `bunfig.toml`, scripts, tests, bundler config, TypeScript/declaration pipeline, package metadata, and directly synchronized docs | Bun role confusion, lockfile drift, trusted dependency overgrant, runtime/package-manager conflation, Bun TypeScript typecheck overclaim, Bun build declaration gap, Node compatibility break, shebang mismatch, or native binary break | `changes_status`, `changes_diff_summary`, `lint`, `build`, `test_related`, `test`, `docs_validate_fast`, `test_release`, `mustflow_check` | Bun role classification, lockfile/trust notes, runtime/type/build/test notes, Node compatibility risks, verification, and remaining Bun risk |
|
|
423
423
|
| Dockerfiles, `.dockerignore`, Docker Compose files, BuildKit or buildx behavior, container image metadata, tags, entrypoints, health checks, Docker CI workflows, image security scanning, SBOM or provenance settings, registry publishing, or container runtime validation are created or changed | `.mustflow/skills/docker-code-change/SKILL.md` | Docker surfaces, project image shape, base image and platform signals, build context and cache signals, runtime contract, security and supply-chain contract, and command contract entries | Dockerfiles, `.dockerignore`, Compose files, container CI workflow snippets, image metadata, package tests, docs examples, template metadata, and directly synchronized skill routes | cache breakage, secret leak, root runtime, host access escape, dev dependency in final image, mutable tag drift, untrusted CI publish, missing SBOM/provenance, unverified runtime, or false production-readiness claim | `changes_status`, `changes_diff_summary`, `lint`, `build`, `test_related`, `test`, `docs_validate_fast`, `test_release`, `mustflow_check` | Docker surface classification, image/base/cache/stage decisions, secret/user/runtime/Compose/CI supply-chain notes, verification, and remaining Docker risk |
|
|
424
|
-
| TypeScript source, declarations, tsconfig, package exports, module resolution, public API, compiler-version behavior, TypeScript 6-to-7 migration surfaces,
|
|
424
|
+
| TypeScript source, declarations, tsconfig, package exports, module resolution, public API, compiler-version behavior, TypeScript 6-to-7 migration surfaces, TypeScript 7 RC or nightly tooling, or TypeScript tests are created or changed | `.mustflow/skills/typescript-code-change/SKILL.md` | TypeScript config, compiler track, package entry metadata, target runtime, changed files, declaration, TS6 API, TS7 RC, and optional TS7 nightly surfaces, and command contract entries | TypeScript source, declarations, compiler config, exports, tests, compiler-track comparison notes, and directly synchronized docs | weakened type safety, module drift, public API drift, unverified declaration output, TypeScript 6 deprecation suppression, TS7 RC over-adoption, TS7 nightly over-adoption, or compiler API track drift | `changes_status`, `changes_diff_summary`, `lint`, `build`, `test_related`, `test`, `docs_validate_fast`, `mustflow_check` | Runtime, module, type, public API, compiler-version, RC, nightly, and API-track boundary checked, changes made, verification, and remaining TypeScript risk |
|
|
425
425
|
| JavaScript source, module format, package entry, browser or Node runtime, dependency usage, Promise handling, bundler config, or JavaScript tests are created or changed | `.mustflow/skills/javascript-code-change/SKILL.md` | Package metadata, module system, runtime target, entrypoints, changed files, and command contract entries | JavaScript source, package exports, bundler config, dependencies, tests, and docs examples | runtime API leakage, ESM/CJS drift, discarded Promise, dependency bloat, or broken package entry | `changes_status`, `changes_diff_summary`, `lint`, `build`, `test_related`, `test`, `docs_validate_fast`, `mustflow_check` | Runtime and module boundary checked, async and dependency notes, verification, and remaining JavaScript risk |
|
|
426
426
|
| Python source, package metadata, runtime version, import layout, type checking, linting, CLI entry points, or tests are created or changed | `.mustflow/skills/python-code-change/SKILL.md` | Python version source, packaging files, import layout, lint/type/test config, changed files, and command contract entries | Python source, packaging metadata, imports, type hints, tests, and docs examples | unsupported syntax, import hacks, packaging drift, swallowed errors, or weakened lint/type checks | `changes_status`, `changes_diff_summary`, `lint`, `build`, `test_related`, `test`, `docs_validate_fast`, `mustflow_check` | Runtime, packaging, import, and type boundary checked, verification, and remaining Python risk |
|
|
427
427
|
| PowerShell scripts, modules, command examples, `pwsh` invocations, native-command wrappers, quoting, here-strings, splatting, regex, wildcard, replacement strings, or PowerShell argument passing are created or changed | `.mustflow/skills/powershell-code-change/SKILL.md` | PowerShell version and invocation path, parser layers, native-command boundary, dynamic input boundaries, changed files, and command contract entries | PowerShell scripts, modules, package scripts, CI snippets, docs examples, native-command wrappers, tests, and directly synchronized docs | parser-layer confusion, quote loss, variable over-expansion, metacharacter interpretation, native argv drift, command injection, `--%` overuse, or cross-shell `-Command` breakage | `changes_status`, `changes_diff_summary`, `lint`, `build`, `test_related`, `test`, `docs_validate_fast`, `test_release`, `mustflow_check` | PowerShell version and invocation boundary, parser ledger, string/here-string/regex/wildcard/replacement/native argv decisions, verification, and remaining PowerShell risk |
|
|
@@ -488,9 +488,9 @@ routes. Event routes stay inactive until their event occurs.
|
|
|
488
488
|
| Database lock contention review needs to catch blocking visible in the diff, including hot rows, mutable counter caches, balance or stock updates, reservation flows, queue table claiming, `SELECT ... FOR UPDATE`, weaker row-lock choices, optimistic version checks, conditional updates, lock order, deadlock retry, MySQL/InnoDB gap or next-key locks, PostgreSQL row-lock variants, SQL Server lock escalation, long transactions, external calls inside transactions, DDL or metadata lock waits, idle-in-transaction blockers, lock timeout policy, connection-pool waits, or lock observability | `.mustflow/skills/database-lock-contention-review/SKILL.md` | Contended resource, workload concentration, database engine and isolation, lock path, index and predicate shape, transaction width, queue claim model, batch size, timeout and retry policy, observability evidence, and configured command intents | Data-shape changes such as ledgers, reservations, sharded counters, materialized summaries, conditional updates, weaker locks, stable lock order, chunked batches, queue shards, timeout policy, focused tests, docs, and directly synchronized templates | hot-row serialization, parent-counter bottleneck, select-then-update race, over-strong `FOR UPDATE`, missing lock-footprint index, gap-lock insert block, metadata-lock surprise, unordered multi-row deadlock, unchunked write outage, queue head contention, hidden FK parent lock, idle transaction blocking DDL, infinite lock wait, pool starvation, unsafe deadlock retry, or missing blocker/waiter evidence | `changes_status`, `changes_diff_summary`, `lint`, `build`, `test_related`, `test`, `docs_validate_fast`, `test_release`, `mustflow_check` | Lock-contention surface reviewed, contended resource and workload ledger, lock strength/order/index/queue/batch/DDL/timeout/pool/observability findings, evidence level, verification, and remaining database lock-contention risk |
|
|
489
489
|
| SQLite-specific schema, query, transaction, migration, indexing, extension, WAL, local-file persistence, embedded database, mobile database, browser OPFS/WASM SQLite, cache index, or SQLite runtime behavior is created, changed, reviewed, or reported | `.mustflow/skills/sqlite-code-change/SKILL.md` | SQLite role, runtime and binding, file ownership, storage medium, concurrency shape, schema/type rules, query/index evidence, migration and recovery needs, changed files, and command contract entries | SQLite schema, queries, connection setup, transactions, pragmas, indexes, migrations, fixtures, tests, docs, and directly synchronized templates | wrong runtime assumption, file-lock surprise, WAL overclaim, network filesystem risk, disabled foreign keys, weak type constraints, unsafe raw SQL, query-plan overclaim, sidecar-file data loss, failed migration rebuild, or unverified backup/restore | `changes_status`, `changes_diff_summary`, `test_related`, `test`, `lint`, `build`, `docs_validate_fast`, `test_release`, `mustflow_check` | SQLite runtime, storage, WAL/concurrency, schema/type/constraint, query/index, migration, backup/restore, verification, and remaining SQLite risk |
|
|
490
490
|
| PostgreSQL-specific schema, query, transaction, migration, indexing, extension, role, row-level security, connection pooling, replication, backup, restore, managed Postgres, or Postgres runtime behavior is created, changed, reviewed, or reported | `.mustflow/skills/postgresql-code-change/SKILL.md` | PostgreSQL role, version, provider, extension inventory, topology, pooler, schema/type rules, query-plan evidence, transaction/retry rules, migration and recovery needs, changed files, and command contract entries | PostgreSQL schema, queries, migrations, generated SQL, connection setup, pool settings, roles, RLS policies, extensions, tests, docs, and directly synchronized templates | version drift, provider constraint miss, connection storm, lock or rewrite surprise, unsafe online DDL claim, bad pooler assumption, RLS bypass, search-path risk, extension drift, stale replica read, query-plan overclaim, or unverified restore | `changes_status`, `changes_diff_summary`, `test_related`, `test`, `lint`, `build`, `docs_validate_fast`, `test_release`, `mustflow_check` | PostgreSQL version/topology, pooling, lock/transaction, schema/type/RLS/role, query/index/statistics, backup/restore, verification, and remaining PostgreSQL risk |
|
|
491
|
-
| Dependency versions, lockfiles, package-manager metadata, workspace constraints, runtime engines, peer dependencies, optional dependencies, security advisory fixes, generated dependency output, framework plugins, TypeScript compiler tracks, CI actions, Docker base images, package manager behavior, or toolchain versions are upgraded, downgraded, pinned, widened, regenerated, reviewed, or reported | `.mustflow/skills/dependency-upgrade-review/SKILL.md` | Dependency name, old and new versions or ranges, direct or transitive path, ecosystem and package manager, declaration files, lockfiles, runtime or toolchain files, advisory or release-note evidence, generated outputs, callers, docs, package output, Docker, CI, or TypeScript compiler-track surfaces, and command contract entries | Package declarations, lockfiles, generated outputs, compatibility code, tests, docs, package metadata, Docker or CI files, TypeScript compiler-track notes, and directly synchronized examples | lockfile churn, hidden transitive replacement, peer or engine break, module-format drift, native or optional package break, framework or generator output drift, unsafe broad security update, weakened tests, Docker or CI runtime drift,
|
|
491
|
+
| Dependency versions, lockfiles, package-manager metadata, workspace constraints, runtime engines, peer dependencies, optional dependencies, security advisory fixes, generated dependency output, framework plugins, TypeScript compiler tracks, CI actions, Docker base images, package manager behavior, or toolchain versions are upgraded, downgraded, pinned, widened, regenerated, reviewed, or reported | `.mustflow/skills/dependency-upgrade-review/SKILL.md` | Dependency name, old and new versions or ranges, direct or transitive path, ecosystem and package manager, declaration files, lockfiles, runtime or toolchain files, advisory or release-note evidence, generated outputs, callers, docs, package output, Docker, CI, or TypeScript compiler-track surfaces, and command contract entries | Package declarations, lockfiles, generated outputs, compatibility code, tests, docs, package metadata, Docker or CI files, TypeScript compiler-track notes, and directly synchronized examples | lockfile churn, hidden transitive replacement, peer or engine break, module-format drift, native or optional package break, framework or generator output drift, unsafe broad security update, weakened tests, Docker or CI runtime drift, TS7 RC over-adoption, TS7 nightly over-adoption, or unreviewed supply-chain change | `changes_status`, `changes_diff_summary`, `lint`, `build`, `test_related`, `test`, `docs_validate_fast`, `test_release`, `mustflow_check` | Upgrade reason, ecosystem surface, direct and transitive graph changes, compatibility classification, runtime/peer/engine/module/feature/platform/generated-output/compiler-track risks, synchronized surfaces, verification, and remaining dependency-upgrade risk |
|
|
492
492
|
| Dependency, package, runtime, framework, tool, command, plugin, service, platform capability, supported-version policy, security patch path, ecosystem maturity claim, maintainer-risk assumption, runtime portability claim, edge or serverless compatibility claim, critical-path library choice, package script, lifecycle hook, binary download, lockfile, audit result, or supply-chain-sensitive dependency surface is assumed, added, removed, imported, invoked, installed, audited, or documented | `.mustflow/skills/dependency-reality-check/SKILL.md` | Assumed dependency or capability, declaration files, version or feature expectation, role criticality, supported-version or end-of-life evidence, patchability expectation, runtime compatibility boundary, maintainer and ecosystem evidence when available, lockfile entry, package script or lifecycle hook, audit or provenance evidence, and relevant command intents | Package metadata, lockfiles, imports, scripts, command contracts, docs, tests, runtime policy notes, portability notes, and reports | unavailable dependency, hallucinated or lookalike package, fragile single-maintainer core dependency, experimental technology in a survival path, unsupported runtime, unclear security patch path, runtime-specific API leakage into core logic, stale version claim, lifecycle script risk, audit suppression, lockfile drift, or install guidance mismatch | `changes_status`, `changes_diff_summary`, `build`, `test_release`, `mustflow_check` | Dependency checked, ecosystem and maintainer-risk boundary reviewed, supported-version, patchability, and runtime-portability boundary reviewed, supply-chain surface reviewed, declarations synchronized, verification, and remaining dependency risk |
|
|
493
|
-
| Generated or edited code, configuration, CI workflows, package metadata, install instructions, examples, Docker images, framework setup, runtime declarations, toolchain declarations, TypeScript compiler-track references, Rust release or MSRV references, or migration-sensitive snippets introduce explicit external version references, action refs, package ranges, runtime versions, framework majors, Docker image tags, or scaffold commands that may be stale | `.mustflow/skills/version-freshness-check/SKILL.md` | Versioned reference, owning files, repository version policy, approved freshness source, compatibility context, migration risk, TypeScript compiler track or Rust MSRV/toolchain track when relevant, and command contract entries | Package metadata, lockfiles, CI workflows, Dockerfiles, runtime files, framework config, docs, examples, templates, tests, and version-decision reports | stale default version, false latest claim, accidental major migration, repository policy mismatch, unsupported generated example, TypeScript
|
|
493
|
+
| Generated or edited code, configuration, CI workflows, package metadata, install instructions, examples, Docker images, framework setup, runtime declarations, toolchain declarations, TypeScript compiler-track references, Rust release or MSRV references, or migration-sensitive snippets introduce explicit external version references, action refs, package ranges, runtime versions, framework majors, Docker image tags, or scaffold commands that may be stale | `.mustflow/skills/version-freshness-check/SKILL.md` | Versioned reference, owning files, repository version policy, approved freshness source, compatibility context, migration risk, TypeScript compiler track or Rust MSRV/toolchain track when relevant, and command contract entries | Package metadata, lockfiles, CI workflows, Dockerfiles, runtime files, framework config, docs, examples, templates, tests, and version-decision reports | stale default version, false latest claim, accidental major migration, repository policy mismatch, unsupported generated example, TypeScript RC/nightly/API-track confusion, Rust stable/nightly/MSRV confusion, floating-tag drift, or unverified security/support claim | `changes_status`, `changes_diff_summary`, `build`, `test_related`, `docs_validate_fast`, `test_release`, `mustflow_check` | Versioned surfaces checked, repository policy and freshness source, selected version track, compatibility classification, TypeScript stable/RC/nightly/API-track and Rust stable/nightly/MSRV split when relevant, approval need, synchronized surfaces, verification, and remaining version-freshness risk |
|
|
494
494
|
| External systems, protocols, SDKs, databases, webhooks, queues, files, object storage, signed upload or download URLs, caches, API response models, framework requests or responses, server actions, route handlers, edge functions, worker handlers, AI models, browser storage, search engines, analytics tools, email platforms, no-code tools, observability backends, trace or request context, provider data, or volatile component implementations cross the core boundary or need stable port/adapter translation, change isolation, error mapping, timeout, retry, circuit-breaker, bulkhead, idempotency, reconciliation, security, core-state ownership, vendor portability, or observability handling | `.mustflow/skills/adapter-boundary/SKILL.md` | External system or protocol, inbound/outbound direction, delivery boundary, internal use case, local port/adapter patterns, provider risk, provider failure policy, core-state ownership risk, vendor portability risk, observability identifier policy, API contract risk, change-isolation ledger, preserved consumer contract, changed files, and command contract entries | Ports, adapters, mappers, controllers, workers, stores, gateways, response mappers, telemetry mappers, timeout and retry policies, circuit breakers, bulkhead boundaries, tests, fixtures, assembly wiring, and directly synchronized docs or templates | provider leakage, caller churn from adapter-only changes, framework business-rule leakage, telemetry backend leakage, storage-key leakage, screen-shaped API coupling, pass-through wrapper, SaaS dashboard as truth source, search or analytics policy leakage, queue contract leakage, unclassified external failure, duplicate side effect, unsafe retry, missing timeout, missing circuit breaker, missing bulkhead, unresolved unknown provider outcome, broken identifier propagation, secret or personal-data leak, or untested integration drift | `changes_status`, `changes_diff_summary`, `test_related`, `test`, `lint`, `build`, `docs_validate_fast`, `test_release`, `mustflow_check` | Boundary classification, change-isolation ledger, preserved consumer contract, delivery adapter responsibility, internal port, provider containment, core-state ownership, vendor portability, validation and mapping, API response mapping, observability identifier flow, timeout/retry/circuit-breaker/bulkhead/idempotency handling, reconciliation behavior, security notes, verification, and remaining provider risk |
|
|
495
495
|
| Tauri frontend invokes, Rust commands, capabilities, permissions, scopes, plugins, filesystem, dialog, shell, opener, updater, sidecar, or mobile native permissions are created or changed | `.mustflow/skills/tauri-code-change/SKILL.md` | Frontend call sites, Tauri config, Rust commands, capability and permission files, plugin config, changed files, and command contract entries | Tauri frontend, Rust commands, capabilities, permissions, scopes, plugins, tests, and docs | broad native permission, untrusted IPC input, filesystem escape, shell or updater risk, or WebView/native boundary drift | `changes_status`, `changes_diff_summary`, `lint`, `build`, `test_related`, `test`, `docs_validate_fast`, `mustflow_check` | IPC, permission, scope, filesystem, shell, updater, and native boundary checked, verification, and remaining Tauri risk |
|
|
496
496
|
| File path handling, cross-platform path behavior, path helpers, safe filesystem wrappers, clone or checkout destinations, scaffold roots, temp or cache paths, atomic writes, locks, archive extraction, uploads, downloads, scanners, CLI/API/schema path contracts, snapshots, generated outputs, or package artifact paths are created, changed, reviewed, or reported | `.mustflow/skills/file-path-cross-platform-change/SKILL.md` | Path ledger, trust classes, accepted path representation, base root, path helpers, safe filesystem wrappers, clone/checkout/scaffold/install/extract outputs, staging and promotion policy, temp/cache helpers, lock policy, archive policy, upload/download policy, scanner policy, CLI/API/schema/snapshot/generated/package surfaces, platform expectations, failure taxonomy, and command contract entries | Path validators, helpers, wrappers, schemas, CLI/API parsing, snapshots, fixtures, docs, tests, generated-output paths, package artifact paths, clone or scaffold destinations, archive extraction, scanner bounds, temp/cache handling, locks, and cleanup code | path traversal, base containment bypass, drive-relative path bug, reserved-name bug, case-collision bug, Unicode-collision bug, Git checkout path-length failure misreported as network or auth, unsafe archive extraction, non-atomic write claim, stale lock, scanner loop, partial-output cleanup data loss, user-selected destination deletion, path contract drift, or package artifact path drift | `changes_status`, `changes_diff_summary`, `lint`, `build`, `test_related`, `test`, `docs_validate_fast`, `test_release`, `mustflow_check` | Path contract, path ledger, trust classes, root policy, preflight/staging/promotion decisions, Windows/macOS/Linux/archive/upload/download/scanner/lock/temp/cache/atomic/cleanup decisions, failure taxonomy, synchronized contract surfaces, verification, and remaining path risk |
|
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
mustflow_doc: skill.astro-code-change
|
|
3
3
|
locale: en
|
|
4
4
|
canonical: true
|
|
5
|
-
revision:
|
|
5
|
+
revision: 3
|
|
6
6
|
lifecycle: mustflow-owned
|
|
7
7
|
authority: procedure
|
|
8
8
|
name: astro-code-change
|
|
@@ -57,6 +57,7 @@ The default is no-hydration. Add browser JavaScript only after proving that nati
|
|
|
57
57
|
## Preconditions
|
|
58
58
|
|
|
59
59
|
- Read Astro config, content config, and the affected route tree before changing routing, content, canonical, RSS, sitemap, or hydration behavior.
|
|
60
|
+
- Identify the Astro major version before applying migration rules. Astro v6 changes must be checked against the v6 upgrade guide instead of inferred from older routing or adapter habits.
|
|
60
61
|
- Identify build-time versus request-time data before adding data access.
|
|
61
62
|
- Identify which UI truly needs browser JavaScript and which UI truly needs framework state before adding a framework island.
|
|
62
63
|
- Treat file movement under `src/pages`, route parameter changes, and content slug changes as URL contract changes.
|
|
@@ -73,6 +74,7 @@ The default is no-hydration. Add browser JavaScript only after proving that nati
|
|
|
73
74
|
## Procedure
|
|
74
75
|
|
|
75
76
|
1. Read package metadata and Astro config first. Record Astro version, framework integrations, `site`, `base`, `trailingSlash`, `output`, adapter, sitemap integration, MDX integration, and any framework integration.
|
|
77
|
+
- For Astro v6 migrations, check removed or changed surfaces before editing call sites: `Astro.glob()` replacement with `import.meta.glob()` or content collections, `.cjs` and `.cts` config removal, `astro:ssr-manifest`, `RouteData.generate()`, old adapter hooks, old `NodeApp` paths, Zod 4 schema effects, and numeric dynamic route params.
|
|
76
78
|
2. Read `src/content.config.*` when content, docs, blog, RSS, sitemap, canonical, or route generation is involved. Record each collection name, loader base, schema fields, slug/id policy, draft field, and date fields.
|
|
77
79
|
3. Build a route ledger from `src/pages`: static pages, dynamic pages, rest routes, endpoints, prerendered routes, on-demand routes, and possible route-priority collisions.
|
|
78
80
|
4. Classify the change: static route, dynamic route, endpoint, content collection, integration, adapter, SSR/on-demand, island, script, asset, RSS, sitemap, canonical, or docs/content.
|
|
@@ -100,7 +102,7 @@ The default is no-hydration. Add browser JavaScript only after proving that nati
|
|
|
100
102
|
|
|
101
103
|
- In static output, every dynamic route must have `getStaticPaths`.
|
|
102
104
|
- In on-demand or SSR dynamic routes, do not use `getStaticPaths`; read `Astro.params`, perform the request-time lookup, and handle missing entries with an explicit 404 or redirect path.
|
|
103
|
-
- `getStaticPaths` params must match bracket parameter names exactly
|
|
105
|
+
- `getStaticPaths` params must match bracket parameter names exactly. Param values must be strings, except rest parameters may use `undefined`; numeric params are invalid in Astro 6.
|
|
104
106
|
- Custom slugs containing `/` require a rest route such as a catch-all route. Do not force slash-containing slugs into a single named parameter route.
|
|
105
107
|
- Treat changes under `src/pages` as public URL changes, including endpoint names and extension-bearing endpoint paths.
|
|
106
108
|
- Check route priority when adding static routes, named parameters, rest parameters, catch-all routes, and endpoints that could claim the same URL.
|
|
@@ -132,7 +134,7 @@ Reject or revise a change when:
|
|
|
132
134
|
- `client:only` is used because SSR broke, instead of isolating the browser-only dependency.
|
|
133
135
|
- Static output dynamic routes lack `getStaticPaths`.
|
|
134
136
|
- On-demand or SSR dynamic routes use `getStaticPaths`.
|
|
135
|
-
- Route params do not match bracket names
|
|
137
|
+
- Route params do not match bracket names, non-rest params are not strings, rest params use values other than strings or `undefined`, or Astro 6 routes still rely on numeric params.
|
|
136
138
|
- A content slug with `/` is mapped through a non-rest route.
|
|
137
139
|
- Draft filtering differs between lists, detail pages, RSS, sitemap, or pagination.
|
|
138
140
|
- Canonical URLs are built by ad hoc string concatenation.
|