mustflow 2.74.2 → 2.74.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (37) hide show
  1. package/dist/cli/commands/script-pack.js +132 -3
  2. package/dist/cli/i18n/en.js +30 -3
  3. package/dist/cli/i18n/es.js +30 -3
  4. package/dist/cli/i18n/fr.js +30 -3
  5. package/dist/cli/i18n/hi.js +30 -3
  6. package/dist/cli/i18n/ko.js +30 -3
  7. package/dist/cli/i18n/zh.js +30 -3
  8. package/dist/cli/lib/script-pack-registry.js +53 -0
  9. package/dist/cli/script-packs/repo-generated-boundary.js +94 -0
  10. package/dist/core/generated-boundary.js +231 -0
  11. package/dist/core/public-json-contracts.js +35 -0
  12. package/dist/core/script-pack-suggestions.js +199 -0
  13. package/package.json +1 -1
  14. package/schemas/README.md +8 -1
  15. package/schemas/generated-boundary-report.schema.json +148 -0
  16. package/schemas/script-pack-catalog.schema.json +32 -0
  17. package/schemas/script-pack-suggestion-report.schema.json +159 -0
  18. package/templates/default/common/.mustflow/config/commands.toml +32 -0
  19. package/templates/default/i18n.toml +17 -17
  20. package/templates/default/locales/en/.mustflow/skills/INDEX.md +4 -4
  21. package/templates/default/locales/en/.mustflow/skills/astro-code-change/SKILL.md +5 -3
  22. package/templates/default/locales/en/.mustflow/skills/completion-evidence-gate/SKILL.md +4 -1
  23. package/templates/default/locales/en/.mustflow/skills/dependency-upgrade-review/SKILL.md +7 -7
  24. package/templates/default/locales/en/.mustflow/skills/elysia-code-change/SKILL.md +15 -8
  25. package/templates/default/locales/en/.mustflow/skills/external-skill-intake/SKILL.md +10 -5
  26. package/templates/default/locales/en/.mustflow/skills/public-json-contract-change/SKILL.md +5 -2
  27. package/templates/default/locales/en/.mustflow/skills/rate-limit-integrity-review/SKILL.md +7 -4
  28. package/templates/default/locales/en/.mustflow/skills/repo-improvement-loop/SKILL.md +6 -2
  29. package/templates/default/locales/en/.mustflow/skills/rust-code-change/SKILL.md +4 -3
  30. package/templates/default/locales/en/.mustflow/skills/skill-authoring/SKILL.md +3 -1
  31. package/templates/default/locales/en/.mustflow/skills/skill-refresh/SKILL.md +19 -2
  32. package/templates/default/locales/en/.mustflow/skills/tailwind-code-change/SKILL.md +12 -9
  33. package/templates/default/locales/en/.mustflow/skills/template-install-surface-sync/SKILL.md +6 -3
  34. package/templates/default/locales/en/.mustflow/skills/typescript-code-change/SKILL.md +22 -17
  35. package/templates/default/locales/en/.mustflow/skills/unocss-code-change/SKILL.md +16 -5
  36. package/templates/default/locales/en/.mustflow/skills/version-freshness-check/SKILL.md +8 -8
  37. package/templates/default/manifest.toml +1 -1
@@ -0,0 +1,148 @@
1
+ {
2
+ "$schema": "https://json-schema.org/draft/2020-12/schema",
3
+ "$id": "https://mustflow.github.io/schemas/generated-boundary-report.schema.json",
4
+ "title": "mustflow generated-boundary report",
5
+ "type": "object",
6
+ "additionalProperties": false,
7
+ "required": [
8
+ "schema_version",
9
+ "command",
10
+ "pack_id",
11
+ "script_id",
12
+ "script_ref",
13
+ "action",
14
+ "status",
15
+ "ok",
16
+ "mustflow_root",
17
+ "policy",
18
+ "input_hash",
19
+ "targets",
20
+ "findings",
21
+ "issues"
22
+ ],
23
+ "properties": {
24
+ "schema_version": { "const": "1" },
25
+ "command": { "const": "script-pack" },
26
+ "pack_id": { "const": "repo" },
27
+ "script_id": { "const": "generated-boundary" },
28
+ "script_ref": { "const": "repo/generated-boundary" },
29
+ "action": { "const": "check" },
30
+ "status": { "enum": ["passed", "failed", "error"] },
31
+ "ok": { "type": "boolean" },
32
+ "mustflow_root": { "type": "string" },
33
+ "policy": { "$ref": "#/$defs/policy" },
34
+ "input_hash": { "$ref": "#/$defs/sha256" },
35
+ "targets": {
36
+ "type": "array",
37
+ "items": { "$ref": "#/$defs/target" }
38
+ },
39
+ "findings": {
40
+ "type": "array",
41
+ "items": { "$ref": "#/$defs/finding" }
42
+ },
43
+ "issues": {
44
+ "type": "array",
45
+ "items": { "type": "string" }
46
+ }
47
+ },
48
+ "$defs": {
49
+ "sha256": {
50
+ "type": "string",
51
+ "pattern": "^sha256:[a-f0-9]{64}$"
52
+ },
53
+ "category": {
54
+ "enum": ["generated", "ignored", "protected", "vendor", "cache", "outside_root"]
55
+ },
56
+ "patternSource": {
57
+ "enum": ["mustflow_config", "builtin"]
58
+ },
59
+ "patternMatch": {
60
+ "type": "object",
61
+ "additionalProperties": false,
62
+ "required": ["category", "pattern", "source"],
63
+ "properties": {
64
+ "category": { "$ref": "#/$defs/category" },
65
+ "pattern": { "type": "string" },
66
+ "source": { "$ref": "#/$defs/patternSource" }
67
+ }
68
+ },
69
+ "policy": {
70
+ "type": "object",
71
+ "additionalProperties": false,
72
+ "required": [
73
+ "config_path",
74
+ "config_loaded",
75
+ "generated_patterns",
76
+ "ignored_patterns",
77
+ "protected_patterns",
78
+ "builtin_generated_patterns",
79
+ "builtin_vendor_patterns",
80
+ "builtin_cache_patterns",
81
+ "builtin_protected_patterns"
82
+ ],
83
+ "properties": {
84
+ "config_path": { "const": ".mustflow/config/mustflow.toml" },
85
+ "config_loaded": { "type": "boolean" },
86
+ "generated_patterns": { "$ref": "#/$defs/stringArray" },
87
+ "ignored_patterns": { "$ref": "#/$defs/stringArray" },
88
+ "protected_patterns": { "$ref": "#/$defs/stringArray" },
89
+ "builtin_generated_patterns": { "$ref": "#/$defs/stringArray" },
90
+ "builtin_vendor_patterns": { "$ref": "#/$defs/stringArray" },
91
+ "builtin_cache_patterns": { "$ref": "#/$defs/stringArray" },
92
+ "builtin_protected_patterns": { "$ref": "#/$defs/stringArray" }
93
+ }
94
+ },
95
+ "stringArray": {
96
+ "type": "array",
97
+ "items": { "type": "string" }
98
+ },
99
+ "target": {
100
+ "type": "object",
101
+ "additionalProperties": false,
102
+ "required": ["input", "path", "exists", "kind", "matched_boundaries", "matched_patterns"],
103
+ "properties": {
104
+ "input": { "type": "string" },
105
+ "path": { "type": "string" },
106
+ "exists": { "type": ["boolean", "null"] },
107
+ "kind": { "enum": ["file", "directory", "missing", "other", "unknown"] },
108
+ "matched_boundaries": {
109
+ "type": "array",
110
+ "items": { "$ref": "#/$defs/category" }
111
+ },
112
+ "matched_patterns": {
113
+ "type": "array",
114
+ "items": { "$ref": "#/$defs/patternMatch" }
115
+ }
116
+ }
117
+ },
118
+ "finding": {
119
+ "type": "object",
120
+ "additionalProperties": false,
121
+ "required": ["code", "severity", "message", "path", "boundary", "pattern", "source"],
122
+ "properties": {
123
+ "code": {
124
+ "enum": [
125
+ "generated_boundary_generated_path",
126
+ "generated_boundary_ignored_path",
127
+ "generated_boundary_protected_path",
128
+ "generated_boundary_vendor_path",
129
+ "generated_boundary_cache_path",
130
+ "generated_boundary_path_outside_root",
131
+ "generated_boundary_unreadable_path"
132
+ ]
133
+ },
134
+ "severity": { "enum": ["low", "medium", "high", "critical"] },
135
+ "message": { "type": "string" },
136
+ "path": { "type": "string" },
137
+ "boundary": { "$ref": "#/$defs/category" },
138
+ "pattern": { "type": ["string", "null"] },
139
+ "source": {
140
+ "anyOf": [
141
+ { "$ref": "#/$defs/patternSource" },
142
+ { "type": "null" }
143
+ ]
144
+ }
145
+ }
146
+ }
147
+ }
148
+ }
@@ -56,6 +56,38 @@
56
56
  "items": { "type": "string", "pattern": "^[a-z0-9]+(?:-[a-z0-9]+)*$" },
57
57
  "minItems": 1
58
58
  },
59
+ "use_when": {
60
+ "type": "array",
61
+ "items": { "type": "string" },
62
+ "minItems": 1
63
+ },
64
+ "phases": {
65
+ "type": "array",
66
+ "items": {
67
+ "type": "string",
68
+ "enum": ["before_change", "during_change", "after_change", "review"]
69
+ },
70
+ "minItems": 1
71
+ },
72
+ "read_only": { "type": "boolean" },
73
+ "mutates": { "type": "boolean" },
74
+ "network": { "type": "boolean" },
75
+ "inputs": {
76
+ "type": "array",
77
+ "items": { "type": "string", "pattern": "^[a-z0-9]+(?:_[a-z0-9]+)*$" },
78
+ "minItems": 1
79
+ },
80
+ "outputs": {
81
+ "type": "array",
82
+ "items": { "type": "string", "pattern": "^[a-z0-9]+(?:_[a-z0-9]+)*$" },
83
+ "minItems": 1
84
+ },
85
+ "related_skills": {
86
+ "type": "array",
87
+ "items": { "type": "string", "pattern": "^[a-z0-9]+(?:-[a-z0-9]+)*$" }
88
+ },
89
+ "risk_level": { "type": "string", "enum": ["low", "medium", "high"] },
90
+ "cost": { "type": "string", "enum": ["low", "medium", "high"] },
59
91
  "report_schema_file": {
60
92
  "anyOf": [
61
93
  { "type": "string", "pattern": "^[a-z0-9-]+\\.schema\\.json$" },
@@ -0,0 +1,159 @@
1
+ {
2
+ "$schema": "https://json-schema.org/draft/2020-12/schema",
3
+ "$id": "https://mustflow.github.io/schemas/script-pack-suggestion-report.schema.json",
4
+ "title": "mustflow script-pack suggestion report",
5
+ "type": "object",
6
+ "additionalProperties": false,
7
+ "required": [
8
+ "schema_version",
9
+ "command",
10
+ "action",
11
+ "status",
12
+ "ok",
13
+ "mustflow_root",
14
+ "input",
15
+ "analyzed_paths",
16
+ "suggestions",
17
+ "issues"
18
+ ],
19
+ "properties": {
20
+ "schema_version": { "const": "1" },
21
+ "command": { "const": "script-pack" },
22
+ "action": { "const": "suggest" },
23
+ "status": { "type": "string", "enum": ["suggested", "empty", "partial"] },
24
+ "ok": { "type": "boolean" },
25
+ "mustflow_root": { "type": "string" },
26
+ "input": { "$ref": "#/$defs/input" },
27
+ "analyzed_paths": {
28
+ "type": "array",
29
+ "items": { "$ref": "#/$defs/analyzedPath" }
30
+ },
31
+ "suggestions": {
32
+ "type": "array",
33
+ "items": { "$ref": "#/$defs/suggestion" }
34
+ },
35
+ "issues": {
36
+ "type": "array",
37
+ "items": { "type": "string" }
38
+ }
39
+ },
40
+ "$defs": {
41
+ "phase": {
42
+ "type": "string",
43
+ "enum": ["before_change", "during_change", "after_change", "review"]
44
+ },
45
+ "surface": {
46
+ "type": "string",
47
+ "enum": [
48
+ "config",
49
+ "docs",
50
+ "generated",
51
+ "package",
52
+ "schema",
53
+ "skill",
54
+ "source",
55
+ "template",
56
+ "test",
57
+ "unknown"
58
+ ]
59
+ },
60
+ "input": {
61
+ "type": "object",
62
+ "additionalProperties": false,
63
+ "required": ["phases", "skills", "paths", "changed"],
64
+ "properties": {
65
+ "phases": {
66
+ "type": "array",
67
+ "items": { "$ref": "#/$defs/phase" }
68
+ },
69
+ "skills": {
70
+ "type": "array",
71
+ "items": { "type": "string", "pattern": "^[a-z0-9]+(?:-[a-z0-9]+)*$" }
72
+ },
73
+ "paths": {
74
+ "type": "array",
75
+ "items": { "type": "string" }
76
+ },
77
+ "changed": { "type": "boolean" }
78
+ }
79
+ },
80
+ "analyzedPath": {
81
+ "type": "object",
82
+ "additionalProperties": false,
83
+ "required": ["path", "surfaces"],
84
+ "properties": {
85
+ "path": { "type": "string" },
86
+ "surfaces": {
87
+ "type": "array",
88
+ "items": { "$ref": "#/$defs/surface" },
89
+ "minItems": 1
90
+ }
91
+ }
92
+ },
93
+ "suggestion": {
94
+ "type": "object",
95
+ "additionalProperties": false,
96
+ "required": [
97
+ "script_ref",
98
+ "score",
99
+ "confidence",
100
+ "usage",
101
+ "phases",
102
+ "matched_phases",
103
+ "matched_skills",
104
+ "matched_surfaces",
105
+ "reasons",
106
+ "read_only",
107
+ "mutates",
108
+ "network",
109
+ "risk_level",
110
+ "cost",
111
+ "report_schema_file",
112
+ "run_hint"
113
+ ],
114
+ "properties": {
115
+ "script_ref": {
116
+ "type": "string",
117
+ "pattern": "^[a-z0-9]+(?:-[a-z0-9]+)*/[a-z0-9]+(?:-[a-z0-9]+)*$"
118
+ },
119
+ "score": { "type": "integer", "minimum": 0 },
120
+ "confidence": { "type": "string", "enum": ["low", "medium", "high"] },
121
+ "usage": { "type": "string" },
122
+ "phases": {
123
+ "type": "array",
124
+ "items": { "$ref": "#/$defs/phase" },
125
+ "minItems": 1
126
+ },
127
+ "matched_phases": {
128
+ "type": "array",
129
+ "items": { "$ref": "#/$defs/phase" }
130
+ },
131
+ "matched_skills": {
132
+ "type": "array",
133
+ "items": { "type": "string", "pattern": "^[a-z0-9]+(?:-[a-z0-9]+)*$" }
134
+ },
135
+ "matched_surfaces": {
136
+ "type": "array",
137
+ "items": { "$ref": "#/$defs/surface" }
138
+ },
139
+ "reasons": {
140
+ "type": "array",
141
+ "items": { "type": "string" },
142
+ "minItems": 1
143
+ },
144
+ "read_only": { "type": "boolean" },
145
+ "mutates": { "type": "boolean" },
146
+ "network": { "type": "boolean" },
147
+ "risk_level": { "type": "string", "enum": ["low", "medium", "high"] },
148
+ "cost": { "type": "string", "enum": ["low", "medium", "high"] },
149
+ "report_schema_file": {
150
+ "anyOf": [
151
+ { "type": "string", "pattern": "^[a-z0-9-]+\\.schema\\.json$" },
152
+ { "type": "null" }
153
+ ]
154
+ },
155
+ "run_hint": { "type": "string" }
156
+ }
157
+ }
158
+ }
159
+ }
@@ -143,6 +143,38 @@ network = false
143
143
  destructive = false
144
144
  required_after = ["code_change", "behavior_change", "test_change", "public_api_change", "performance_change", "unknown_change"]
145
145
 
146
+ [intents.script_pack_list]
147
+ status = "configured"
148
+ kind = "mustflow_builtin"
149
+ lifecycle = "oneshot"
150
+ run_policy = "agent_allowed"
151
+ description = "List bundled mustflow script-pack utilities and routing metadata read-only."
152
+ argv = ["mf", "script-pack", "list", "--json"]
153
+ cwd = "."
154
+ timeout_seconds = 120
155
+ stdin = "closed"
156
+ success_exit_codes = [0]
157
+ writes = []
158
+ network = false
159
+ destructive = false
160
+ required_after = ["before_task", "docs_change", "public_api_change", "unknown_change"]
161
+
162
+ [intents.script_pack_suggest_changed]
163
+ status = "configured"
164
+ kind = "mustflow_builtin"
165
+ lifecycle = "oneshot"
166
+ run_policy = "agent_allowed"
167
+ description = "Suggest bundled mustflow script-pack utilities for current changed files read-only."
168
+ argv = ["mf", "script-pack", "suggest", "--changed", "--json"]
169
+ cwd = "."
170
+ timeout_seconds = 120
171
+ stdin = "closed"
172
+ success_exit_codes = [0]
173
+ writes = []
174
+ network = false
175
+ destructive = false
176
+ required_after = ["before_task", "docs_change", "public_api_change", "mustflow_docs_change", "unknown_change"]
177
+
146
178
  [intents.prompt_cache_audit]
147
179
  status = "configured"
148
180
  kind = "mustflow_builtin"
@@ -62,7 +62,7 @@ translations = {}
62
62
  [documents."skills.index"]
63
63
  source = "locales/en/.mustflow/skills/INDEX.md"
64
64
  source_locale = "en"
65
- revision = 173
65
+ revision = 174
66
66
  translations = {}
67
67
 
68
68
  [documents."skill.adapter-boundary"]
@@ -356,7 +356,7 @@ translations = {}
356
356
  [documents."skill.rate-limit-integrity-review"]
357
357
  source = "locales/en/.mustflow/skills/rate-limit-integrity-review/SKILL.md"
358
358
  source_locale = "en"
359
- revision = 1
359
+ revision = 2
360
360
  translations = {}
361
361
 
362
362
  [documents."skill.idempotency-integrity-review"]
@@ -469,13 +469,13 @@ translations = {}
469
469
  [documents."skill.dependency-upgrade-review"]
470
470
  source = "locales/en/.mustflow/skills/dependency-upgrade-review/SKILL.md"
471
471
  source_locale = "en"
472
- revision = 3
472
+ revision = 4
473
473
  translations = {}
474
474
 
475
475
  [documents."skill.version-freshness-check"]
476
476
  source = "locales/en/.mustflow/skills/version-freshness-check/SKILL.md"
477
477
  source_locale = "en"
478
- revision = 6
478
+ revision = 7
479
479
  translations = {}
480
480
 
481
481
  [documents."skill.line-ending-hygiene"]
@@ -517,7 +517,7 @@ translations = {}
517
517
  [documents."skill.astro-code-change"]
518
518
  source = "locales/en/.mustflow/skills/astro-code-change/SKILL.md"
519
519
  source_locale = "en"
520
- revision = 2
520
+ revision = 3
521
521
  translations = {}
522
522
 
523
523
  [documents."skill.auth-permission-change"]
@@ -571,7 +571,7 @@ translations = {}
571
571
  [documents."skill.elysia-code-change"]
572
572
  source = "locales/en/.mustflow/skills/elysia-code-change/SKILL.md"
573
573
  source_locale = "en"
574
- revision = 1
574
+ revision = 2
575
575
  translations = {}
576
576
 
577
577
  [documents."skill.flutter-code-change"]
@@ -625,7 +625,7 @@ translations = {}
625
625
  [documents."skill.rust-code-change"]
626
626
  source = "locales/en/.mustflow/skills/rust-code-change/SKILL.md"
627
627
  source_locale = "en"
628
- revision = 4
628
+ revision = 5
629
629
  translations = {}
630
630
 
631
631
  [documents."skill.runtime-target-selection"]
@@ -655,7 +655,7 @@ translations = {}
655
655
  [documents."skill.tailwind-code-change"]
656
656
  source = "locales/en/.mustflow/skills/tailwind-code-change/SKILL.md"
657
657
  source_locale = "en"
658
- revision = 3
658
+ revision = 4
659
659
  translations = {}
660
660
 
661
661
  [documents."skill.tauri-code-change"]
@@ -667,13 +667,13 @@ translations = {}
667
667
  [documents."skill.typescript-code-change"]
668
668
  source = "locales/en/.mustflow/skills/typescript-code-change/SKILL.md"
669
669
  source_locale = "en"
670
- revision = 3
670
+ revision = 4
671
671
  translations = {}
672
672
 
673
673
  [documents."skill.unocss-code-change"]
674
674
  source = "locales/en/.mustflow/skills/unocss-code-change/SKILL.md"
675
675
  source_locale = "en"
676
- revision = 3
676
+ revision = 4
677
677
  translations = {}
678
678
 
679
679
  [documents."skill.service-boundary-architecture"]
@@ -691,7 +691,7 @@ translations = {}
691
691
  [documents."skill.completion-evidence-gate"]
692
692
  source = "locales/en/.mustflow/skills/completion-evidence-gate/SKILL.md"
693
693
  source_locale = "en"
694
- revision = 2
694
+ revision = 3
695
695
  translations = {}
696
696
 
697
697
  [documents."skill.evidence-stall-breaker"]
@@ -709,7 +709,7 @@ translations = {}
709
709
  [documents."skill.public-json-contract-change"]
710
710
  source = "locales/en/.mustflow/skills/public-json-contract-change/SKILL.md"
711
711
  source_locale = "en"
712
- revision = 1
712
+ revision = 2
713
713
  translations = {}
714
714
 
715
715
  [documents."skill.provenance-license-gate"]
@@ -781,7 +781,7 @@ translations = {}
781
781
  [documents."skill.external-skill-intake"]
782
782
  source = "locales/en/.mustflow/skills/external-skill-intake/SKILL.md"
783
783
  source_locale = "en"
784
- revision = 2
784
+ revision = 3
785
785
  translations = {}
786
786
 
787
787
  [documents."skill.github-contribution-quality-gate"]
@@ -846,7 +846,7 @@ translations = {}
846
846
  [documents."skill.repo-improvement-loop"]
847
847
  source = "locales/en/.mustflow/skills/repo-improvement-loop/SKILL.md"
848
848
  source_locale = "en"
849
- revision = 1
849
+ revision = 2
850
850
  translations = {}
851
851
 
852
852
  [documents."skill.requirement-regression-guard"]
@@ -936,13 +936,13 @@ translations = {}
936
936
  [documents."skill.skill-refresh"]
937
937
  source = "locales/en/.mustflow/skills/skill-refresh/SKILL.md"
938
938
  source_locale = "en"
939
- revision = 1
939
+ revision = 2
940
940
  translations = {}
941
941
 
942
942
  [documents."skill.skill-authoring"]
943
943
  source = "locales/en/.mustflow/skills/skill-authoring/SKILL.md"
944
944
  source_locale = "en"
945
- revision = 8
945
+ revision = 9
946
946
  translations = {}
947
947
 
948
948
  [documents."skill.task-instruction-authoring"]
@@ -954,7 +954,7 @@ translations = {}
954
954
  [documents."skill.template-install-surface-sync"]
955
955
  source = "locales/en/.mustflow/skills/template-install-surface-sync/SKILL.md"
956
956
  source_locale = "en"
957
- revision = 1
957
+ revision = 2
958
958
  translations = {}
959
959
 
960
960
  [documents."skill.restricted-handoff-resume"]
@@ -2,7 +2,7 @@
2
2
  mustflow_doc: skills.index
3
3
  locale: en
4
4
  canonical: true
5
- revision: 173
5
+ revision: 174
6
6
  authority: router
7
7
  lifecycle: mustflow-owned
8
8
  ---
@@ -421,7 +421,7 @@ routes. Event routes stay inactive until their event occurs.
421
421
  | Node.js runtime code, package manager ownership, module format, package entry metadata, native dependencies, Node test runner behavior, TypeScript execution mode, or deployment runtime support is created or changed | `.mustflow/skills/node-code-change/SKILL.md` | Node version signals, package manager and lockfile owner, module/package metadata, TypeScript loader, test runner, native dependency, deployment target, and command contract entries | Node runtime code, package metadata, lockfiles, scripts, CI or Docker runtime declarations, test runner config, native dependency handling, docs examples, and directly synchronized package surfaces | newest-Node assumption, package manager drift, ESM/CJS break, blocked deep import, native dependency break, Node native TypeScript overclaim, test runner migration risk, deployment mismatch, or permission-model overclaim | `changes_status`, `changes_diff_summary`, `lint`, `build`, `test_related`, `test`, `docs_validate_fast`, `test_release`, `mustflow_check` | Runtime and package manager decision, module/package entry notes, TypeScript/test runner notes, native/deployment risks, verification, and remaining Node.js risk |
422
422
  | Bun runtime code, Bun package manager behavior, `bun.lock`, `bunfig.toml`, Bun test runner behavior, Bun bundling, Bun TypeScript execution, or Bun-specific APIs are created or changed | `.mustflow/skills/bun-code-change/SKILL.md` | Bun role signals, `package.json`, Bun and non-Bun lockfiles, `bunfig.toml`, CI/Docker Bun setup, TypeScript config, Bun APIs, native dependency signals, and command contract entries | Bun runtime code, Bun package manager metadata, lockfiles, `bunfig.toml`, scripts, tests, bundler config, TypeScript/declaration pipeline, package metadata, and directly synchronized docs | Bun role confusion, lockfile drift, trusted dependency overgrant, runtime/package-manager conflation, Bun TypeScript typecheck overclaim, Bun build declaration gap, Node compatibility break, shebang mismatch, or native binary break | `changes_status`, `changes_diff_summary`, `lint`, `build`, `test_related`, `test`, `docs_validate_fast`, `test_release`, `mustflow_check` | Bun role classification, lockfile/trust notes, runtime/type/build/test notes, Node compatibility risks, verification, and remaining Bun risk |
423
423
  | Dockerfiles, `.dockerignore`, Docker Compose files, BuildKit or buildx behavior, container image metadata, tags, entrypoints, health checks, Docker CI workflows, image security scanning, SBOM or provenance settings, registry publishing, or container runtime validation are created or changed | `.mustflow/skills/docker-code-change/SKILL.md` | Docker surfaces, project image shape, base image and platform signals, build context and cache signals, runtime contract, security and supply-chain contract, and command contract entries | Dockerfiles, `.dockerignore`, Compose files, container CI workflow snippets, image metadata, package tests, docs examples, template metadata, and directly synchronized skill routes | cache breakage, secret leak, root runtime, host access escape, dev dependency in final image, mutable tag drift, untrusted CI publish, missing SBOM/provenance, unverified runtime, or false production-readiness claim | `changes_status`, `changes_diff_summary`, `lint`, `build`, `test_related`, `test`, `docs_validate_fast`, `test_release`, `mustflow_check` | Docker surface classification, image/base/cache/stage decisions, secret/user/runtime/Compose/CI supply-chain notes, verification, and remaining Docker risk |
424
- | TypeScript source, declarations, tsconfig, package exports, module resolution, public API, compiler-version behavior, TypeScript 6-to-7 migration surfaces, native preview tooling, or TypeScript tests are created or changed | `.mustflow/skills/typescript-code-change/SKILL.md` | TypeScript config, compiler track, package entry metadata, target runtime, changed files, declaration and native-preview surfaces, and command contract entries | TypeScript source, declarations, compiler config, exports, tests, native-preview comparison notes, and directly synchronized docs | weakened type safety, module drift, public API drift, unverified declaration output, TypeScript 6 deprecation suppression, or native-preview over-adoption | `changes_status`, `changes_diff_summary`, `lint`, `build`, `test_related`, `test`, `docs_validate_fast`, `mustflow_check` | Runtime, module, type, public API, compiler-version, and native-preview boundary checked, changes made, verification, and remaining TypeScript risk |
424
+ | TypeScript source, declarations, tsconfig, package exports, module resolution, public API, compiler-version behavior, TypeScript 6-to-7 migration surfaces, TypeScript 7 RC or nightly tooling, or TypeScript tests are created or changed | `.mustflow/skills/typescript-code-change/SKILL.md` | TypeScript config, compiler track, package entry metadata, target runtime, changed files, declaration, TS6 API, TS7 RC, and optional TS7 nightly surfaces, and command contract entries | TypeScript source, declarations, compiler config, exports, tests, compiler-track comparison notes, and directly synchronized docs | weakened type safety, module drift, public API drift, unverified declaration output, TypeScript 6 deprecation suppression, TS7 RC over-adoption, TS7 nightly over-adoption, or compiler API track drift | `changes_status`, `changes_diff_summary`, `lint`, `build`, `test_related`, `test`, `docs_validate_fast`, `mustflow_check` | Runtime, module, type, public API, compiler-version, RC, nightly, and API-track boundary checked, changes made, verification, and remaining TypeScript risk |
425
425
  | JavaScript source, module format, package entry, browser or Node runtime, dependency usage, Promise handling, bundler config, or JavaScript tests are created or changed | `.mustflow/skills/javascript-code-change/SKILL.md` | Package metadata, module system, runtime target, entrypoints, changed files, and command contract entries | JavaScript source, package exports, bundler config, dependencies, tests, and docs examples | runtime API leakage, ESM/CJS drift, discarded Promise, dependency bloat, or broken package entry | `changes_status`, `changes_diff_summary`, `lint`, `build`, `test_related`, `test`, `docs_validate_fast`, `mustflow_check` | Runtime and module boundary checked, async and dependency notes, verification, and remaining JavaScript risk |
426
426
  | Python source, package metadata, runtime version, import layout, type checking, linting, CLI entry points, or tests are created or changed | `.mustflow/skills/python-code-change/SKILL.md` | Python version source, packaging files, import layout, lint/type/test config, changed files, and command contract entries | Python source, packaging metadata, imports, type hints, tests, and docs examples | unsupported syntax, import hacks, packaging drift, swallowed errors, or weakened lint/type checks | `changes_status`, `changes_diff_summary`, `lint`, `build`, `test_related`, `test`, `docs_validate_fast`, `mustflow_check` | Runtime, packaging, import, and type boundary checked, verification, and remaining Python risk |
427
427
  | PowerShell scripts, modules, command examples, `pwsh` invocations, native-command wrappers, quoting, here-strings, splatting, regex, wildcard, replacement strings, or PowerShell argument passing are created or changed | `.mustflow/skills/powershell-code-change/SKILL.md` | PowerShell version and invocation path, parser layers, native-command boundary, dynamic input boundaries, changed files, and command contract entries | PowerShell scripts, modules, package scripts, CI snippets, docs examples, native-command wrappers, tests, and directly synchronized docs | parser-layer confusion, quote loss, variable over-expansion, metacharacter interpretation, native argv drift, command injection, `--%` overuse, or cross-shell `-Command` breakage | `changes_status`, `changes_diff_summary`, `lint`, `build`, `test_related`, `test`, `docs_validate_fast`, `test_release`, `mustflow_check` | PowerShell version and invocation boundary, parser ledger, string/here-string/regex/wildcard/replacement/native argv decisions, verification, and remaining PowerShell risk |
@@ -488,9 +488,9 @@ routes. Event routes stay inactive until their event occurs.
488
488
  | Database lock contention review needs to catch blocking visible in the diff, including hot rows, mutable counter caches, balance or stock updates, reservation flows, queue table claiming, `SELECT ... FOR UPDATE`, weaker row-lock choices, optimistic version checks, conditional updates, lock order, deadlock retry, MySQL/InnoDB gap or next-key locks, PostgreSQL row-lock variants, SQL Server lock escalation, long transactions, external calls inside transactions, DDL or metadata lock waits, idle-in-transaction blockers, lock timeout policy, connection-pool waits, or lock observability | `.mustflow/skills/database-lock-contention-review/SKILL.md` | Contended resource, workload concentration, database engine and isolation, lock path, index and predicate shape, transaction width, queue claim model, batch size, timeout and retry policy, observability evidence, and configured command intents | Data-shape changes such as ledgers, reservations, sharded counters, materialized summaries, conditional updates, weaker locks, stable lock order, chunked batches, queue shards, timeout policy, focused tests, docs, and directly synchronized templates | hot-row serialization, parent-counter bottleneck, select-then-update race, over-strong `FOR UPDATE`, missing lock-footprint index, gap-lock insert block, metadata-lock surprise, unordered multi-row deadlock, unchunked write outage, queue head contention, hidden FK parent lock, idle transaction blocking DDL, infinite lock wait, pool starvation, unsafe deadlock retry, or missing blocker/waiter evidence | `changes_status`, `changes_diff_summary`, `lint`, `build`, `test_related`, `test`, `docs_validate_fast`, `test_release`, `mustflow_check` | Lock-contention surface reviewed, contended resource and workload ledger, lock strength/order/index/queue/batch/DDL/timeout/pool/observability findings, evidence level, verification, and remaining database lock-contention risk |
489
489
  | SQLite-specific schema, query, transaction, migration, indexing, extension, WAL, local-file persistence, embedded database, mobile database, browser OPFS/WASM SQLite, cache index, or SQLite runtime behavior is created, changed, reviewed, or reported | `.mustflow/skills/sqlite-code-change/SKILL.md` | SQLite role, runtime and binding, file ownership, storage medium, concurrency shape, schema/type rules, query/index evidence, migration and recovery needs, changed files, and command contract entries | SQLite schema, queries, connection setup, transactions, pragmas, indexes, migrations, fixtures, tests, docs, and directly synchronized templates | wrong runtime assumption, file-lock surprise, WAL overclaim, network filesystem risk, disabled foreign keys, weak type constraints, unsafe raw SQL, query-plan overclaim, sidecar-file data loss, failed migration rebuild, or unverified backup/restore | `changes_status`, `changes_diff_summary`, `test_related`, `test`, `lint`, `build`, `docs_validate_fast`, `test_release`, `mustflow_check` | SQLite runtime, storage, WAL/concurrency, schema/type/constraint, query/index, migration, backup/restore, verification, and remaining SQLite risk |
490
490
  | PostgreSQL-specific schema, query, transaction, migration, indexing, extension, role, row-level security, connection pooling, replication, backup, restore, managed Postgres, or Postgres runtime behavior is created, changed, reviewed, or reported | `.mustflow/skills/postgresql-code-change/SKILL.md` | PostgreSQL role, version, provider, extension inventory, topology, pooler, schema/type rules, query-plan evidence, transaction/retry rules, migration and recovery needs, changed files, and command contract entries | PostgreSQL schema, queries, migrations, generated SQL, connection setup, pool settings, roles, RLS policies, extensions, tests, docs, and directly synchronized templates | version drift, provider constraint miss, connection storm, lock or rewrite surprise, unsafe online DDL claim, bad pooler assumption, RLS bypass, search-path risk, extension drift, stale replica read, query-plan overclaim, or unverified restore | `changes_status`, `changes_diff_summary`, `test_related`, `test`, `lint`, `build`, `docs_validate_fast`, `test_release`, `mustflow_check` | PostgreSQL version/topology, pooling, lock/transaction, schema/type/RLS/role, query/index/statistics, backup/restore, verification, and remaining PostgreSQL risk |
491
- | Dependency versions, lockfiles, package-manager metadata, workspace constraints, runtime engines, peer dependencies, optional dependencies, security advisory fixes, generated dependency output, framework plugins, TypeScript compiler tracks, CI actions, Docker base images, package manager behavior, or toolchain versions are upgraded, downgraded, pinned, widened, regenerated, reviewed, or reported | `.mustflow/skills/dependency-upgrade-review/SKILL.md` | Dependency name, old and new versions or ranges, direct or transitive path, ecosystem and package manager, declaration files, lockfiles, runtime or toolchain files, advisory or release-note evidence, generated outputs, callers, docs, package output, Docker, CI, or TypeScript compiler-track surfaces, and command contract entries | Package declarations, lockfiles, generated outputs, compatibility code, tests, docs, package metadata, Docker or CI files, TypeScript compiler-track notes, and directly synchronized examples | lockfile churn, hidden transitive replacement, peer or engine break, module-format drift, native or optional package break, framework or generator output drift, unsafe broad security update, weakened tests, Docker or CI runtime drift, native-preview over-adoption, or unreviewed supply-chain change | `changes_status`, `changes_diff_summary`, `lint`, `build`, `test_related`, `test`, `docs_validate_fast`, `test_release`, `mustflow_check` | Upgrade reason, ecosystem surface, direct and transitive graph changes, compatibility classification, runtime/peer/engine/module/feature/platform/generated-output/compiler-track risks, synchronized surfaces, verification, and remaining dependency-upgrade risk |
491
+ | Dependency versions, lockfiles, package-manager metadata, workspace constraints, runtime engines, peer dependencies, optional dependencies, security advisory fixes, generated dependency output, framework plugins, TypeScript compiler tracks, CI actions, Docker base images, package manager behavior, or toolchain versions are upgraded, downgraded, pinned, widened, regenerated, reviewed, or reported | `.mustflow/skills/dependency-upgrade-review/SKILL.md` | Dependency name, old and new versions or ranges, direct or transitive path, ecosystem and package manager, declaration files, lockfiles, runtime or toolchain files, advisory or release-note evidence, generated outputs, callers, docs, package output, Docker, CI, or TypeScript compiler-track surfaces, and command contract entries | Package declarations, lockfiles, generated outputs, compatibility code, tests, docs, package metadata, Docker or CI files, TypeScript compiler-track notes, and directly synchronized examples | lockfile churn, hidden transitive replacement, peer or engine break, module-format drift, native or optional package break, framework or generator output drift, unsafe broad security update, weakened tests, Docker or CI runtime drift, TS7 RC over-adoption, TS7 nightly over-adoption, or unreviewed supply-chain change | `changes_status`, `changes_diff_summary`, `lint`, `build`, `test_related`, `test`, `docs_validate_fast`, `test_release`, `mustflow_check` | Upgrade reason, ecosystem surface, direct and transitive graph changes, compatibility classification, runtime/peer/engine/module/feature/platform/generated-output/compiler-track risks, synchronized surfaces, verification, and remaining dependency-upgrade risk |
492
492
  | Dependency, package, runtime, framework, tool, command, plugin, service, platform capability, supported-version policy, security patch path, ecosystem maturity claim, maintainer-risk assumption, runtime portability claim, edge or serverless compatibility claim, critical-path library choice, package script, lifecycle hook, binary download, lockfile, audit result, or supply-chain-sensitive dependency surface is assumed, added, removed, imported, invoked, installed, audited, or documented | `.mustflow/skills/dependency-reality-check/SKILL.md` | Assumed dependency or capability, declaration files, version or feature expectation, role criticality, supported-version or end-of-life evidence, patchability expectation, runtime compatibility boundary, maintainer and ecosystem evidence when available, lockfile entry, package script or lifecycle hook, audit or provenance evidence, and relevant command intents | Package metadata, lockfiles, imports, scripts, command contracts, docs, tests, runtime policy notes, portability notes, and reports | unavailable dependency, hallucinated or lookalike package, fragile single-maintainer core dependency, experimental technology in a survival path, unsupported runtime, unclear security patch path, runtime-specific API leakage into core logic, stale version claim, lifecycle script risk, audit suppression, lockfile drift, or install guidance mismatch | `changes_status`, `changes_diff_summary`, `build`, `test_release`, `mustflow_check` | Dependency checked, ecosystem and maintainer-risk boundary reviewed, supported-version, patchability, and runtime-portability boundary reviewed, supply-chain surface reviewed, declarations synchronized, verification, and remaining dependency risk |
493
- | Generated or edited code, configuration, CI workflows, package metadata, install instructions, examples, Docker images, framework setup, runtime declarations, toolchain declarations, TypeScript compiler-track references, Rust release or MSRV references, or migration-sensitive snippets introduce explicit external version references, action refs, package ranges, runtime versions, framework majors, Docker image tags, or scaffold commands that may be stale | `.mustflow/skills/version-freshness-check/SKILL.md` | Versioned reference, owning files, repository version policy, approved freshness source, compatibility context, migration risk, TypeScript compiler track or Rust MSRV/toolchain track when relevant, and command contract entries | Package metadata, lockfiles, CI workflows, Dockerfiles, runtime files, framework config, docs, examples, templates, tests, and version-decision reports | stale default version, false latest claim, accidental major migration, repository policy mismatch, unsupported generated example, TypeScript beta/native-preview track confusion, Rust stable/nightly/MSRV confusion, floating-tag drift, or unverified security/support claim | `changes_status`, `changes_diff_summary`, `build`, `test_related`, `docs_validate_fast`, `test_release`, `mustflow_check` | Versioned surfaces checked, repository policy and freshness source, selected version track, compatibility classification, TypeScript stable/beta/native-preview and Rust stable/nightly/MSRV split when relevant, approval need, synchronized surfaces, verification, and remaining version-freshness risk |
493
+ | Generated or edited code, configuration, CI workflows, package metadata, install instructions, examples, Docker images, framework setup, runtime declarations, toolchain declarations, TypeScript compiler-track references, Rust release or MSRV references, or migration-sensitive snippets introduce explicit external version references, action refs, package ranges, runtime versions, framework majors, Docker image tags, or scaffold commands that may be stale | `.mustflow/skills/version-freshness-check/SKILL.md` | Versioned reference, owning files, repository version policy, approved freshness source, compatibility context, migration risk, TypeScript compiler track or Rust MSRV/toolchain track when relevant, and command contract entries | Package metadata, lockfiles, CI workflows, Dockerfiles, runtime files, framework config, docs, examples, templates, tests, and version-decision reports | stale default version, false latest claim, accidental major migration, repository policy mismatch, unsupported generated example, TypeScript RC/nightly/API-track confusion, Rust stable/nightly/MSRV confusion, floating-tag drift, or unverified security/support claim | `changes_status`, `changes_diff_summary`, `build`, `test_related`, `docs_validate_fast`, `test_release`, `mustflow_check` | Versioned surfaces checked, repository policy and freshness source, selected version track, compatibility classification, TypeScript stable/RC/nightly/API-track and Rust stable/nightly/MSRV split when relevant, approval need, synchronized surfaces, verification, and remaining version-freshness risk |
494
494
  | External systems, protocols, SDKs, databases, webhooks, queues, files, object storage, signed upload or download URLs, caches, API response models, framework requests or responses, server actions, route handlers, edge functions, worker handlers, AI models, browser storage, search engines, analytics tools, email platforms, no-code tools, observability backends, trace or request context, provider data, or volatile component implementations cross the core boundary or need stable port/adapter translation, change isolation, error mapping, timeout, retry, circuit-breaker, bulkhead, idempotency, reconciliation, security, core-state ownership, vendor portability, or observability handling | `.mustflow/skills/adapter-boundary/SKILL.md` | External system or protocol, inbound/outbound direction, delivery boundary, internal use case, local port/adapter patterns, provider risk, provider failure policy, core-state ownership risk, vendor portability risk, observability identifier policy, API contract risk, change-isolation ledger, preserved consumer contract, changed files, and command contract entries | Ports, adapters, mappers, controllers, workers, stores, gateways, response mappers, telemetry mappers, timeout and retry policies, circuit breakers, bulkhead boundaries, tests, fixtures, assembly wiring, and directly synchronized docs or templates | provider leakage, caller churn from adapter-only changes, framework business-rule leakage, telemetry backend leakage, storage-key leakage, screen-shaped API coupling, pass-through wrapper, SaaS dashboard as truth source, search or analytics policy leakage, queue contract leakage, unclassified external failure, duplicate side effect, unsafe retry, missing timeout, missing circuit breaker, missing bulkhead, unresolved unknown provider outcome, broken identifier propagation, secret or personal-data leak, or untested integration drift | `changes_status`, `changes_diff_summary`, `test_related`, `test`, `lint`, `build`, `docs_validate_fast`, `test_release`, `mustflow_check` | Boundary classification, change-isolation ledger, preserved consumer contract, delivery adapter responsibility, internal port, provider containment, core-state ownership, vendor portability, validation and mapping, API response mapping, observability identifier flow, timeout/retry/circuit-breaker/bulkhead/idempotency handling, reconciliation behavior, security notes, verification, and remaining provider risk |
495
495
  | Tauri frontend invokes, Rust commands, capabilities, permissions, scopes, plugins, filesystem, dialog, shell, opener, updater, sidecar, or mobile native permissions are created or changed | `.mustflow/skills/tauri-code-change/SKILL.md` | Frontend call sites, Tauri config, Rust commands, capability and permission files, plugin config, changed files, and command contract entries | Tauri frontend, Rust commands, capabilities, permissions, scopes, plugins, tests, and docs | broad native permission, untrusted IPC input, filesystem escape, shell or updater risk, or WebView/native boundary drift | `changes_status`, `changes_diff_summary`, `lint`, `build`, `test_related`, `test`, `docs_validate_fast`, `mustflow_check` | IPC, permission, scope, filesystem, shell, updater, and native boundary checked, verification, and remaining Tauri risk |
496
496
  | File path handling, cross-platform path behavior, path helpers, safe filesystem wrappers, clone or checkout destinations, scaffold roots, temp or cache paths, atomic writes, locks, archive extraction, uploads, downloads, scanners, CLI/API/schema path contracts, snapshots, generated outputs, or package artifact paths are created, changed, reviewed, or reported | `.mustflow/skills/file-path-cross-platform-change/SKILL.md` | Path ledger, trust classes, accepted path representation, base root, path helpers, safe filesystem wrappers, clone/checkout/scaffold/install/extract outputs, staging and promotion policy, temp/cache helpers, lock policy, archive policy, upload/download policy, scanner policy, CLI/API/schema/snapshot/generated/package surfaces, platform expectations, failure taxonomy, and command contract entries | Path validators, helpers, wrappers, schemas, CLI/API parsing, snapshots, fixtures, docs, tests, generated-output paths, package artifact paths, clone or scaffold destinations, archive extraction, scanner bounds, temp/cache handling, locks, and cleanup code | path traversal, base containment bypass, drive-relative path bug, reserved-name bug, case-collision bug, Unicode-collision bug, Git checkout path-length failure misreported as network or auth, unsafe archive extraction, non-atomic write claim, stale lock, scanner loop, partial-output cleanup data loss, user-selected destination deletion, path contract drift, or package artifact path drift | `changes_status`, `changes_diff_summary`, `lint`, `build`, `test_related`, `test`, `docs_validate_fast`, `test_release`, `mustflow_check` | Path contract, path ledger, trust classes, root policy, preflight/staging/promotion decisions, Windows/macOS/Linux/archive/upload/download/scanner/lock/temp/cache/atomic/cleanup decisions, failure taxonomy, synchronized contract surfaces, verification, and remaining path risk |
@@ -2,7 +2,7 @@
2
2
  mustflow_doc: skill.astro-code-change
3
3
  locale: en
4
4
  canonical: true
5
- revision: 2
5
+ revision: 3
6
6
  lifecycle: mustflow-owned
7
7
  authority: procedure
8
8
  name: astro-code-change
@@ -57,6 +57,7 @@ The default is no-hydration. Add browser JavaScript only after proving that nati
57
57
  ## Preconditions
58
58
 
59
59
  - Read Astro config, content config, and the affected route tree before changing routing, content, canonical, RSS, sitemap, or hydration behavior.
60
+ - Identify the Astro major version before applying migration rules. Astro v6 changes must be checked against the v6 upgrade guide instead of inferred from older routing or adapter habits.
60
61
  - Identify build-time versus request-time data before adding data access.
61
62
  - Identify which UI truly needs browser JavaScript and which UI truly needs framework state before adding a framework island.
62
63
  - Treat file movement under `src/pages`, route parameter changes, and content slug changes as URL contract changes.
@@ -73,6 +74,7 @@ The default is no-hydration. Add browser JavaScript only after proving that nati
73
74
  ## Procedure
74
75
 
75
76
  1. Read package metadata and Astro config first. Record Astro version, framework integrations, `site`, `base`, `trailingSlash`, `output`, adapter, sitemap integration, MDX integration, and any framework integration.
77
+ - For Astro v6 migrations, check removed or changed surfaces before editing call sites: `Astro.glob()` replacement with `import.meta.glob()` or content collections, `.cjs` and `.cts` config removal, `astro:ssr-manifest`, `RouteData.generate()`, old adapter hooks, old `NodeApp` paths, Zod 4 schema effects, and numeric dynamic route params.
76
78
  2. Read `src/content.config.*` when content, docs, blog, RSS, sitemap, canonical, or route generation is involved. Record each collection name, loader base, schema fields, slug/id policy, draft field, and date fields.
77
79
  3. Build a route ledger from `src/pages`: static pages, dynamic pages, rest routes, endpoints, prerendered routes, on-demand routes, and possible route-priority collisions.
78
80
  4. Classify the change: static route, dynamic route, endpoint, content collection, integration, adapter, SSR/on-demand, island, script, asset, RSS, sitemap, canonical, or docs/content.
@@ -100,7 +102,7 @@ The default is no-hydration. Add browser JavaScript only after proving that nati
100
102
 
101
103
  - In static output, every dynamic route must have `getStaticPaths`.
102
104
  - In on-demand or SSR dynamic routes, do not use `getStaticPaths`; read `Astro.params`, perform the request-time lookup, and handle missing entries with an explicit 404 or redirect path.
103
- - `getStaticPaths` params must match bracket parameter names exactly and must be strings.
105
+ - `getStaticPaths` params must match bracket parameter names exactly. Param values must be strings, except rest parameters may use `undefined`; numeric params are invalid in Astro 6.
104
106
  - Custom slugs containing `/` require a rest route such as a catch-all route. Do not force slash-containing slugs into a single named parameter route.
105
107
  - Treat changes under `src/pages` as public URL changes, including endpoint names and extension-bearing endpoint paths.
106
108
  - Check route priority when adding static routes, named parameters, rest parameters, catch-all routes, and endpoints that could claim the same URL.
@@ -132,7 +134,7 @@ Reject or revise a change when:
132
134
  - `client:only` is used because SSR broke, instead of isolating the browser-only dependency.
133
135
  - Static output dynamic routes lack `getStaticPaths`.
134
136
  - On-demand or SSR dynamic routes use `getStaticPaths`.
135
- - Route params do not match bracket names or are not strings.
137
+ - Route params do not match bracket names, non-rest params are not strings, rest params use values other than strings or `undefined`, or Astro 6 routes still rely on numeric params.
136
138
  - A content slug with `/` is mapped through a non-rest route.
137
139
  - Draft filtering differs between lists, detail pages, RSS, sitemap, or pagination.
138
140
  - Canonical URLs are built by ad hoc string concatenation.