mustflow 2.84.0 → 2.99.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (105) hide show
  1. package/README.md +11 -2
  2. package/dist/cli/commands/script-pack.js +14 -0
  3. package/dist/cli/i18n/en.js +262 -0
  4. package/dist/cli/i18n/es.js +262 -0
  5. package/dist/cli/i18n/fr.js +262 -0
  6. package/dist/cli/i18n/hi.js +262 -0
  7. package/dist/cli/i18n/ko.js +262 -0
  8. package/dist/cli/i18n/zh.js +262 -0
  9. package/dist/cli/lib/repo-map.js +27 -6
  10. package/dist/cli/lib/run-root-trust.js +15 -1
  11. package/dist/cli/lib/script-pack-registry.js +397 -0
  12. package/dist/cli/lib/validation/index.js +2 -2
  13. package/dist/cli/lib/validation/primitives.js +4 -1
  14. package/dist/cli/script-packs/code-change-impact.js +178 -0
  15. package/dist/cli/script-packs/code-dependency-graph.js +181 -0
  16. package/dist/cli/script-packs/code-import-cycle.js +193 -0
  17. package/dist/cli/script-packs/docs-link-integrity.js +145 -0
  18. package/dist/cli/script-packs/repo-approval-gate.js +100 -0
  19. package/dist/cli/script-packs/repo-env-contract.js +156 -0
  20. package/dist/cli/script-packs/repo-git-ignore-audit.js +119 -0
  21. package/dist/cli/script-packs/repo-manifest-lock-drift.js +122 -0
  22. package/dist/cli/script-packs/repo-merge-conflict-scan.js +123 -0
  23. package/dist/cli/script-packs/repo-secret-risk-scan.js +147 -0
  24. package/dist/cli/script-packs/repo-skill-route-audit.js +86 -0
  25. package/dist/cli/script-packs/repo-version-source.js +92 -0
  26. package/dist/cli/script-packs/test-performance-report.js +247 -0
  27. package/dist/cli/script-packs/test-regression-selector.js +167 -0
  28. package/dist/core/change-impact.js +355 -0
  29. package/dist/core/change-surface-classification.js +198 -0
  30. package/dist/core/change-verification.js +32 -5
  31. package/dist/core/config-loading.js +121 -4
  32. package/dist/core/dependency-graph.js +490 -0
  33. package/dist/core/docs-link-integrity.js +443 -0
  34. package/dist/core/env-contract.js +450 -0
  35. package/dist/core/import-cycle.js +152 -0
  36. package/dist/core/line-endings.js +26 -13
  37. package/dist/core/public-json-contracts.js +167 -0
  38. package/dist/core/repo-approval-gate.js +116 -0
  39. package/dist/core/repo-git-ignore-audit.js +302 -0
  40. package/dist/core/repo-manifest-lock-drift.js +321 -0
  41. package/dist/core/repo-merge-conflict-scan.js +335 -0
  42. package/dist/core/repo-version-source.js +82 -0
  43. package/dist/core/route-outline.js +57 -5
  44. package/dist/core/script-pack-suggestions.js +97 -1
  45. package/dist/core/secret-risk-scan.js +440 -0
  46. package/dist/core/skill-route-audit.js +354 -0
  47. package/dist/core/test-performance-report.js +697 -0
  48. package/dist/core/test-regression-selector.js +335 -0
  49. package/package.json +1 -1
  50. package/schemas/README.md +54 -0
  51. package/schemas/change-impact-report.schema.json +184 -0
  52. package/schemas/commands.schema.json +12 -0
  53. package/schemas/dependency-graph-report.schema.json +149 -0
  54. package/schemas/env-contract-report.schema.json +203 -0
  55. package/schemas/import-cycle-report.schema.json +157 -0
  56. package/schemas/link-integrity-report.schema.json +176 -0
  57. package/schemas/repo-approval-gate-report.schema.json +115 -0
  58. package/schemas/repo-git-ignore-audit-report.schema.json +201 -0
  59. package/schemas/repo-manifest-lock-drift-report.schema.json +202 -0
  60. package/schemas/repo-merge-conflict-scan-report.schema.json +169 -0
  61. package/schemas/repo-version-source-report.schema.json +127 -0
  62. package/schemas/secret-risk-scan-report.schema.json +152 -0
  63. package/schemas/skill-route-audit-report.schema.json +144 -0
  64. package/schemas/test-performance-report.schema.json +319 -0
  65. package/schemas/test-regression-selector-report.schema.json +187 -0
  66. package/templates/default/i18n.toml +80 -26
  67. package/templates/default/locales/en/.mustflow/skills/INDEX.md +51 -9
  68. package/templates/default/locales/en/.mustflow/skills/api-access-control-review/SKILL.md +48 -27
  69. package/templates/default/locales/en/.mustflow/skills/api-failure-triage/SKILL.md +270 -0
  70. package/templates/default/locales/en/.mustflow/skills/architecture-deepening-review/SKILL.md +28 -11
  71. package/templates/default/locales/en/.mustflow/skills/astro-code-change/SKILL.md +71 -27
  72. package/templates/default/locales/en/.mustflow/skills/auth-flow-triage/SKILL.md +192 -0
  73. package/templates/default/locales/en/.mustflow/skills/auth-permission-change/SKILL.md +59 -13
  74. package/templates/default/locales/en/.mustflow/skills/backend-log-evidence-review/SKILL.md +14 -5
  75. package/templates/default/locales/en/.mustflow/skills/cache-integrity-review/SKILL.md +30 -15
  76. package/templates/default/locales/en/.mustflow/skills/change-blast-radius-review/SKILL.md +45 -32
  77. package/templates/default/locales/en/.mustflow/skills/ci-pipeline-triage/SKILL.md +200 -0
  78. package/templates/default/locales/en/.mustflow/skills/clarifying-question-gate/SKILL.md +87 -13
  79. package/templates/default/locales/en/.mustflow/skills/cross-agent-session-reference/SKILL.md +23 -8
  80. package/templates/default/locales/en/.mustflow/skills/dependency-upgrade-review/SKILL.md +3 -1
  81. package/templates/default/locales/en/.mustflow/skills/docker-runtime-triage/SKILL.md +191 -0
  82. package/templates/default/locales/en/.mustflow/skills/github-contribution-quality-gate/SKILL.md +48 -11
  83. package/templates/default/locales/en/.mustflow/skills/go-code-change/SKILL.md +18 -13
  84. package/templates/default/locales/en/.mustflow/skills/javascript-code-change/SKILL.md +15 -13
  85. package/templates/default/locales/en/.mustflow/skills/line-ending-hygiene/SKILL.md +18 -10
  86. package/templates/default/locales/en/.mustflow/skills/llm-hallucination-control-review/SKILL.md +4 -1
  87. package/templates/default/locales/en/.mustflow/skills/motion-system-contract-review/SKILL.md +155 -0
  88. package/templates/default/locales/en/.mustflow/skills/next-action-menu/SKILL.md +177 -0
  89. package/templates/default/locales/en/.mustflow/skills/node-code-change/SKILL.md +16 -14
  90. package/templates/default/locales/en/.mustflow/skills/observability-debuggability-review/SKILL.md +15 -7
  91. package/templates/default/locales/en/.mustflow/skills/payment-integrity-review/SKILL.md +59 -35
  92. package/templates/default/locales/en/.mustflow/skills/powershell-code-change/SKILL.md +16 -6
  93. package/templates/default/locales/en/.mustflow/skills/prompt-contract-quality-review/SKILL.md +4 -1
  94. package/templates/default/locales/en/.mustflow/skills/python-code-change/SKILL.md +19 -10
  95. package/templates/default/locales/en/.mustflow/skills/rag-pipeline-triage/SKILL.md +206 -0
  96. package/templates/default/locales/en/.mustflow/skills/routes.toml +69 -9
  97. package/templates/default/locales/en/.mustflow/skills/rust-code-change/SKILL.md +10 -4
  98. package/templates/default/locales/en/.mustflow/skills/search-index-integrity-review/SKILL.md +181 -0
  99. package/templates/default/locales/en/.mustflow/skills/security-privacy-review/SKILL.md +3 -1
  100. package/templates/default/locales/en/.mustflow/skills/service-boundary-architecture/SKILL.md +37 -23
  101. package/templates/default/locales/en/.mustflow/skills/test-suite-performance-review/SKILL.md +323 -0
  102. package/templates/default/locales/en/.mustflow/skills/typescript-code-change/SKILL.md +18 -10
  103. package/templates/default/locales/en/.mustflow/skills/vector-search-integrity-review/SKILL.md +209 -0
  104. package/templates/default/locales/en/.mustflow/skills/version-freshness-check/SKILL.md +16 -14
  105. package/templates/default/manifest.toml +71 -1
package/README.md CHANGED
@@ -128,9 +128,12 @@ mustflow installs and validates an agent workflow for user projects.
128
128
  evidence, and dashboard exports so agents justify new dependencies, helper-style surfaces,
129
129
  config/schema churn, and broad structural changes before treating added complexity as free.
130
130
  - Lists, suggests, and runs bundled read-only utility scripts through `mf script-pack`, including
131
- `code/outline` for source symbol maps, `code/symbol-read` for focused source snippets,
131
+ `code/outline` for source symbol maps, `code/dependency-graph` for bounded relative import graphs,
132
+ `code/change-impact` for git-diff impact and verification hints, `code/symbol-read` for focused source snippets,
132
133
  `code/route-outline` for Hono, Elysia, Axum, and NestJS route maps, `docs/reference-drift` for stale
133
134
  documentation references, `repo/config-chain` for nearby config inheritance,
135
+ `repo/env-contract` for environment-variable contract drift,
136
+ `repo/secret-risk-scan` for plausible hardcoded-secret findings without printing values,
134
137
  `repo/generated-boundary` for candidate path safety checks, and `core/text-budget`
135
138
  for exact file and JSON-field length budgets, so future checks do not sprawl into top-level
136
139
  commands.
@@ -292,12 +295,16 @@ mf run mustflow_update_apply
292
295
  | `mf script-pack suggest --changed --json` | Rank optional read-only helpers for current changed files without running those helpers or granting command authority. |
293
296
  | `mf script-pack suggest --path <path> --phase before_change` | Rank helpers for an explicit path and workflow phase before deciding which script to run. |
294
297
  | `mf script-pack run code/outline scan <path...> --json` | Scan supported source files for symbol headers, line ranges, source anchors, return metadata, and content hashes. |
298
+ | `mf script-pack run code/dependency-graph scan <path...> --json` | Trace bounded relative import, export, require, and dynamic import edges for TypeScript and JavaScript source files. |
299
+ | `mf script-pack run code/change-impact analyze --base HEAD --json` | Analyze changed files and return bounded impact candidates, script-pack hints, and verification intent hints. |
295
300
  | `mf script-pack run code/symbol-read read <path> --start-line <line> --json` | Read the focused symbol range or bounded source snippet after `code/outline` identifies the relevant location. |
296
301
  | `mf script-pack run code/symbol-read read --anchor <id> --json` | Read the conservative target symbol for a structured `mf:anchor` source marker. |
297
302
  | `mf script-pack run code/route-outline scan <path...> --json` | Scan Hono, Elysia, Axum, and NestJS files for route methods, paths, handlers, lifecycle chains, line ranges, and content hashes. |
298
303
  | `mf script-pack run code/export-diff compare --base HEAD --json` | Compare exported TypeScript or JavaScript declarations, return metadata, and package surface hints against a git base. |
299
304
  | `mf script-pack run docs/reference-drift check [path...] --json` | Check documentation references to `mf` commands, script-pack refs, schema files, and repository paths against current local surfaces. |
300
305
  | `mf script-pack run repo/config-chain inspect <path...> --json` | Inspect nearby package, TypeScript, ESLint, Vite, Tailwind, test, and mustflow config files plus static inheritance edges without executing dynamic config code. |
306
+ | `mf script-pack run repo/env-contract scan [path...] --json` | Scan code, CI, docs, config, and env examples for environment-variable contract drift without reading or printing real secret env values. |
307
+ | `mf script-pack run repo/secret-risk-scan scan [path...] --json` | Scan code, docs, config, CI, and examples for plausible hardcoded secrets while reporting only redacted fingerprints. |
301
308
  | `mf script-pack run repo/generated-boundary check <path...> --json` | Check whether candidate paths cross generated, ignored, protected, vendor, or cache boundaries before or after edits. |
302
309
  | `mf script-pack run repo/related-files map <path...> --json` | Map direct imports, importers, same-basename siblings, and nearby config or package boundaries for source navigation. |
303
310
  | `mf script-pack run core/text-budget check <path...> --max <count>` | Check exact text length budgets for files using grapheme counts by default. |
@@ -330,7 +337,9 @@ Automation and agents should use `--json` output or `mf api serve --stdio` JSONL
330
337
  For script-pack helper selection, start with `mf script-pack suggest --changed --json` or an
331
338
  explicit `--path`. The suggestion report is only a ranking aid: it does not run scripts, prove
332
339
  verification, or bypass `.mustflow/config/commands.toml`. A common source-orientation flow is
333
- `code/outline` first, then `code/symbol-read` for the chosen symbol line or source anchor. After
340
+ `code/outline` first, `code/dependency-graph` for relative import impact, then `code/symbol-read`
341
+ for the chosen symbol line or source anchor. After a local diff exists, use `code/change-impact`
342
+ to summarize changed surfaces, likely related files, optional helper scripts, and verification hints. After
334
343
  public-ish TypeScript or JavaScript changes, use `code/export-diff` to review exported signatures
335
344
  and return metadata against a git base. After docs, schema, CLI, or script-pack surface changes, use
336
345
  `docs/reference-drift` to catch stale references before treating docs as synchronized. For
@@ -62,13 +62,27 @@ export function getScriptPackHelp(lang = 'en') {
62
62
  'mf script-pack suggest --path src/cli/index.ts --phase before_change',
63
63
  'mf script-pack suggest --changed --phase after_change --json',
64
64
  'mf script-pack run code/outline scan src --json',
65
+ 'mf script-pack run code/dependency-graph scan src/cli/index.ts --json',
66
+ 'mf script-pack run code/import-cycle check src --json',
67
+ 'mf script-pack run code/change-impact analyze --base HEAD --json',
65
68
  'mf script-pack run code/symbol-read read src/cli/index.ts --start-line 25 --json',
66
69
  'mf script-pack run code/route-outline scan src/cli/index.ts --json',
67
70
  'mf script-pack run code/export-diff compare --base HEAD~1 --head HEAD --json',
68
71
  'mf script-pack run core/text-budget check README.md --max 5000',
69
72
  'mf script-pack run docs/reference-drift check README.md schemas/README.md --json',
73
+ 'mf script-pack run docs/link-integrity check README.md docs-site/src/content/docs --json',
74
+ 'mf script-pack run test/performance-report summarize --json',
75
+ 'mf script-pack run test/regression-selector select --base HEAD --json',
70
76
  'mf script-pack run repo/config-chain inspect src/cli/index.ts --json',
77
+ 'mf script-pack run repo/env-contract scan --json',
78
+ 'mf script-pack run repo/secret-risk-scan scan src README.md --json',
71
79
  'mf script-pack run repo/generated-boundary check src/cli/index.ts --json',
80
+ 'mf script-pack run repo/merge-conflict-scan check --json',
81
+ 'mf script-pack run repo/git-ignore-audit audit .env.local dist/app.js --json',
82
+ 'mf script-pack run repo/manifest-lock-drift check AGENTS.md --json',
83
+ 'mf script-pack run repo/skill-route-audit audit --json',
84
+ 'mf script-pack run repo/version-source inspect --json',
85
+ 'mf script-pack run repo/approval-gate check --action git_commit --json',
72
86
  'mf script-pack run repo/related-files map src/cli/index.ts --json',
73
87
  'mf script-pack run core/text-budget --help',
74
88
  ],
@@ -772,16 +772,23 @@ Read these files before working:
772
772
  "scriptPack.pack.code.summary": "Source-code orientation utility scripts",
773
773
  "scriptPack.pack.core.summary": "Core built-in utility scripts",
774
774
  "scriptPack.pack.docs.summary": "Documentation reference utility scripts",
775
+ "scriptPack.pack.test.summary": "Test evidence and performance utility scripts",
775
776
  "scriptPack.pack.repo.summary": "Repository-boundary utility scripts",
776
777
  "scriptPack.script.codeOutline.summary": "Scan TypeScript and JavaScript files for symbol headers and line ranges",
778
+ "scriptPack.script.codeDependencyGraph.summary": "Trace relative TypeScript and JavaScript dependency graph edges",
779
+ "scriptPack.script.codeImportCycle.summary": "Detect relative TypeScript and JavaScript import cycles with line evidence",
780
+ "scriptPack.script.codeChangeImpact.summary": "Analyze changed files for impact, script-pack, and verification hints",
777
781
  "scriptPack.script.codeSymbolRead.summary": "Read a bounded source snippet by source anchor, symbol line, or explicit line range",
778
782
  "scriptPack.script.codeRouteOutline.summary": "Scan Hono, Elysia, Axum, and NestJS route methods, paths, handlers, and lifecycle chains",
779
783
  "scriptPack.script.codeExportDiff.summary": "Compare exported source signatures and return metadata across git refs",
780
784
  "scriptPack.script.textBudget.summary": "Check exact text length budgets for files or JSON string fields",
781
785
  "scriptPack.script.referenceDrift.summary": "Check documented command, script-pack, schema, and path references for drift",
786
+ "scriptPack.script.linkIntegrity.summary": "Check Markdown links and anchors for local documentation drift",
782
787
  "scriptPack.script.configChain.summary": "Inspect nearby config files and static config inheritance",
783
788
  "scriptPack.script.generatedBoundary.summary": "Check whether candidate paths cross generated, ignored, protected, vendor, or cache boundaries",
784
789
  "scriptPack.script.relatedFiles.summary": "Map likely related files for source-oriented repository navigation",
790
+ "scriptPack.script.testPerformanceReport.summary": "Summarize retained mf run performance evidence and test-suite bottlenecks",
791
+ "scriptPack.script.testRegressionSelector.summary": "Select likely regression tests and conservative fallback verification",
785
792
  "scriptPack.label.script": "Script",
786
793
  "scriptPack.label.actions": "actions",
787
794
  "scriptPack.label.schema": "schema",
@@ -876,6 +883,20 @@ Read these files before working:
876
883
  "referenceDrift.error.missingAction": "Specify a reference-drift action: check",
877
884
  "referenceDrift.error.unknownAction": "Unknown reference-drift action: {action}",
878
885
  "referenceDrift.error.invalidPositiveInteger": "{option} must be a positive safe integer: {value}",
886
+ "linkIntegrity.help.summary": "Check Markdown and MDX links for missing local files and anchors without fetching external URLs.",
887
+ "linkIntegrity.help.option.maxFiles": "Maximum number of document files to inspect. Default: 200",
888
+ "linkIntegrity.help.option.maxFileBytes": "Maximum bytes to read from each document file. Default: 524288",
889
+ "linkIntegrity.help.exit.ok": "All checked local links and anchors resolved",
890
+ "linkIntegrity.help.exit.fail": "A local link or anchor was missing, unreadable, or over a configured limit",
891
+ "linkIntegrity.title": "mustflow link integrity",
892
+ "linkIntegrity.label.files": "Files",
893
+ "linkIntegrity.label.links": "Links",
894
+ "linkIntegrity.label.findings": "Findings",
895
+ "linkIntegrity.label.issues": "Issues",
896
+ "linkIntegrity.clean": "No documentation links were found.",
897
+ "linkIntegrity.error.missingAction": "Specify a link-integrity action: check",
898
+ "linkIntegrity.error.unknownAction": "Unknown link-integrity action: {action}",
899
+ "linkIntegrity.error.invalidPositiveInteger": "{option} must be a positive safe integer: {value}",
879
900
  "textBudget.help.summary": "Check exact text length budgets for files or JSON string fields using grapheme counts by default.",
880
901
  "textBudget.help.option.min": "Require at least this many units",
881
902
  "textBudget.help.option.max": "Require at most this many units",
@@ -912,6 +933,71 @@ Read these files before working:
912
933
  "generatedBoundary.error.missingAction": "Specify a generated-boundary action: check",
913
934
  "generatedBoundary.error.unknownAction": "Unknown generated-boundary action: {action}",
914
935
  "generatedBoundary.error.missingPath": "Provide at least one path to check",
936
+ "dependencyGraph.help.summary": "Trace bounded relative import, export, require, and dynamic import edges for TypeScript and JavaScript source files.",
937
+ "dependencyGraph.help.option.maxDepth": "Maximum dependency depth from target files. Default: 2",
938
+ "dependencyGraph.help.option.maxFiles": "Maximum number of source files to scan. Default: 1000",
939
+ "dependencyGraph.help.option.maxFileBytes": "Maximum bytes to read from each source file. Default: 262144",
940
+ "dependencyGraph.help.option.maxNodes": "Maximum number of graph nodes to report. Default: 300",
941
+ "dependencyGraph.help.option.maxEdges": "Maximum number of graph edges to report. Default: 800",
942
+ "dependencyGraph.help.exit.ok": "The dependency graph completed without input or scan-limit findings",
943
+ "dependencyGraph.help.exit.fail": "The dependency graph found invalid input, unreadable paths, or scan limits",
944
+ "dependencyGraph.title": "mustflow dependency graph",
945
+ "dependencyGraph.label.targets": "Targets",
946
+ "dependencyGraph.label.nodes": "Nodes",
947
+ "dependencyGraph.label.edges": "Edges",
948
+ "dependencyGraph.label.cycles": "Cycles",
949
+ "dependencyGraph.label.truncated": "Truncated",
950
+ "dependencyGraph.label.cycleList": "Cycle hints",
951
+ "dependencyGraph.label.findings": "Findings",
952
+ "dependencyGraph.label.issues": "Issues",
953
+ "dependencyGraph.clean": "No relative dependency edges were found.",
954
+ "dependencyGraph.error.missingAction": "Specify a dependency-graph action: scan",
955
+ "dependencyGraph.error.unknownAction": "Unknown dependency-graph action: {action}",
956
+ "dependencyGraph.error.missingPath": "Provide at least one path to scan",
957
+ "dependencyGraph.error.invalidPositiveInteger": "{option} must be a positive safe integer: {value}",
958
+ "importCycle.help.summary": "Detect bounded relative TypeScript and JavaScript import cycles with exact path and line evidence.",
959
+ "importCycle.help.option.maxDepth": "Maximum dependency depth from target files. Default: 20",
960
+ "importCycle.help.option.maxFiles": "Maximum number of source files to scan. Default: 1000",
961
+ "importCycle.help.option.maxFileBytes": "Maximum bytes to read from each source file. Default: 262144",
962
+ "importCycle.help.option.maxNodes": "Maximum number of graph nodes to inspect. Default: 300",
963
+ "importCycle.help.option.maxEdges": "Maximum number of graph edges to inspect. Default: 800",
964
+ "importCycle.help.option.maxCycles": "Maximum number of import cycles to report. Default: 50",
965
+ "importCycle.help.exit.ok": "No import cycles were detected",
966
+ "importCycle.help.exit.fail": "Import cycles, invalid input, unreadable paths, or scan limits were found",
967
+ "importCycle.title": "mustflow import cycle",
968
+ "importCycle.label.targets": "Targets",
969
+ "importCycle.label.nodes": "Nodes",
970
+ "importCycle.label.edges": "Edges",
971
+ "importCycle.label.cycles": "Cycles",
972
+ "importCycle.label.truncated": "Truncated",
973
+ "importCycle.label.cycleList": "Import cycles",
974
+ "importCycle.label.findings": "Findings",
975
+ "importCycle.label.issues": "Issues",
976
+ "importCycle.clean": "No import cycles were found.",
977
+ "importCycle.error.missingAction": "Specify an import-cycle action: check",
978
+ "importCycle.error.unknownAction": "Unknown import-cycle action: {action}",
979
+ "importCycle.error.missingPath": "Provide at least one path to check",
980
+ "importCycle.error.invalidPositiveInteger": "{option} must be a positive safe integer: {value}",
981
+ "changeImpact.help.summary": "Analyze git changes and return bounded file-impact, script-pack, and verification hints.",
982
+ "changeImpact.help.option.base": "Git base ref to compare from. Default: HEAD",
983
+ "changeImpact.help.option.head": "Git head ref to compare to. Omit to compare the base with the working tree.",
984
+ "changeImpact.help.option.maxFiles": "Maximum number of changed files to inspect. Default: 200",
985
+ "changeImpact.help.option.maxImpacts": "Maximum number of impact candidates to report. Default: 300",
986
+ "changeImpact.help.option.maxFileBytes": "Maximum bytes to read from each source file while tracing dependencies. Default: 262144",
987
+ "changeImpact.help.exit.ok": "The change-impact analysis completed without input or scan-limit findings",
988
+ "changeImpact.help.exit.fail": "The change-impact analysis found invalid git input or scan limits",
989
+ "changeImpact.title": "mustflow change impact",
990
+ "changeImpact.label.changedFiles": "Changed files",
991
+ "changeImpact.label.impacts": "Impacts",
992
+ "changeImpact.label.truncated": "Truncated",
993
+ "changeImpact.label.scriptHints": "Script hints",
994
+ "changeImpact.label.verificationHints": "Verification hints",
995
+ "changeImpact.label.findings": "Findings",
996
+ "changeImpact.label.issues": "Issues",
997
+ "changeImpact.clean": "No changed files were found for the selected git range.",
998
+ "changeImpact.error.missingAction": "Specify a change-impact action: analyze",
999
+ "changeImpact.error.unknownAction": "Unknown change-impact action: {action}",
1000
+ "changeImpact.error.invalidPositiveInteger": "{option} must be a positive safe integer: {value}",
915
1001
  "relatedFiles.help.summary": "Map direct imports, importers, sibling files, and nearby config boundaries for source-oriented repository navigation.",
916
1002
  "relatedFiles.help.option.maxFiles": "Maximum number of source or related files to scan. Default: 1000",
917
1003
  "relatedFiles.help.option.maxFileBytes": "Maximum bytes to read from each source file. Default: 262144",
@@ -948,6 +1034,182 @@ Read these files before working:
948
1034
  "configChain.error.unknownAction": "Unknown config-chain action: {action}",
949
1035
  "configChain.error.missingPath": "Provide at least one path to inspect",
950
1036
  "configChain.error.invalidPositiveInteger": "{option} must be a positive safe integer: {value}",
1037
+ "testPerformance.help.summary": "Summarize retained mf run performance evidence, slow intents, timeout pressure, " +
1038
+ "selected-test fallback use, and phase bottlenecks.",
1039
+ "testPerformance.help.option.maxSamples": "Maximum number of recent samples to report. Default: 200",
1040
+ "testPerformance.help.option.maxIntents": "Maximum number of intent summaries to report. Default: 30",
1041
+ "testPerformance.help.option.maxTestFiles": "Maximum number of profiled test files to report. Default: 40",
1042
+ "testPerformance.help.option.maxFindings": "Maximum number of findings to report. Default: 80",
1043
+ "testPerformance.help.option.slowMs": "Duration threshold for slow-sample findings in milliseconds. Default: 120000",
1044
+ "testPerformance.help.option.timeoutRatio": "Timeout budget ratio for timeout-pressure findings, from 0 to 1. Default: 0.75",
1045
+ "testPerformance.help.option.phaseMs": "Phase p95 threshold for phase-bottleneck findings in milliseconds. Default: 30000",
1046
+ "testPerformance.help.exit.ok": "The performance report was generated",
1047
+ "testPerformance.help.exit.fail": "Performance evidence could not be read or the input was invalid",
1048
+ "testPerformance.title": "mustflow test performance report",
1049
+ "testPerformance.label.samples": "Samples",
1050
+ "testPerformance.label.intents": "Intents",
1051
+ "testPerformance.label.testFiles": "Test files",
1052
+ "testPerformance.label.findings": "Findings",
1053
+ "testPerformance.label.truncated": "Truncated",
1054
+ "testPerformance.label.slowestIntents": "Slowest intents",
1055
+ "testPerformance.label.slowestTestFiles": "Slowest test files",
1056
+ "testPerformance.label.slowestPhases": "Slowest phases",
1057
+ "testPerformance.label.failures": "failures",
1058
+ "testPerformance.label.profileEvidence": "Profile evidence",
1059
+ "testPerformance.label.profileGeneratedAt": "Generated at",
1060
+ "testPerformance.label.profileAge": "Age",
1061
+ "testPerformance.label.profileFilesShown": "Files shown",
1062
+ "testPerformance.label.profileCoverage": "Coverage",
1063
+ "testPerformance.label.profileFilesTruncated": "Profile files truncated",
1064
+ "testPerformance.label.nextActions": "Next actions",
1065
+ "testPerformance.label.issues": "Issues",
1066
+ "testPerformance.clean": "No run performance evidence was found under .mustflow/state.",
1067
+ "testPerformance.error.missingAction": "Specify a performance-report action: summarize",
1068
+ "testPerformance.error.unknownAction": "Unknown performance-report action: {action}",
1069
+ "testPerformance.error.invalidPositiveInteger": "{option} must be a positive safe integer: {value}",
1070
+ "testPerformance.error.invalidRatio": "{option} must be a number greater than 0 and less than or equal to 1: {value}",
1071
+ "testRegressionSelector.help.summary": "Select likely regression tests from changed files while reporting unsafe fallback surfaces.",
1072
+ "testRegressionSelector.help.option.base": "Git base ref to compare from. Default: HEAD",
1073
+ "testRegressionSelector.help.option.head": "Git head ref to compare to. Omit to compare the worktree",
1074
+ "testRegressionSelector.help.option.maxFiles": "Maximum number of changed files to inspect. Default: 200",
1075
+ "testRegressionSelector.help.option.maxTests": "Maximum number of selected or missing test candidates to report. Default: 100",
1076
+ "testRegressionSelector.help.exit.ok": "The regression selection report was generated",
1077
+ "testRegressionSelector.help.exit.fail": "Regression selection could not inspect the input",
1078
+ "testRegressionSelector.title": "mustflow test regression selector",
1079
+ "testRegressionSelector.label.selectionStatus": "Selection",
1080
+ "testRegressionSelector.label.changedFiles": "Changed files",
1081
+ "testRegressionSelector.label.selectedTests": "Selected tests",
1082
+ "testRegressionSelector.label.fallbacks": "Fallbacks",
1083
+ "testRegressionSelector.label.recommendedIntent": "Recommended intent",
1084
+ "testRegressionSelector.label.runHint": "Run hint",
1085
+ "testRegressionSelector.label.findings": "Findings",
1086
+ "testRegressionSelector.label.issues": "Issues",
1087
+ "testRegressionSelector.clean": "No changed files were found for regression selection.",
1088
+ "testRegressionSelector.error.missingAction": "Specify a regression-selector action: select",
1089
+ "testRegressionSelector.error.unknownAction": "Unknown regression-selector action: {action}",
1090
+ "testRegressionSelector.error.invalidPositiveInteger": "{option} must be a positive safe integer: {value}",
1091
+ "scriptPack.script.envContract.summary": "Scan repository environment-variable contracts without reading secret values",
1092
+ "envContract.help.summary": "Scan code, CI, docs, config, and env examples for environment variable contract drift without printing env values.",
1093
+ "envContract.help.option.maxFiles": "Maximum number of files to inspect. Default: 1000",
1094
+ "envContract.help.option.maxFileBytes": "Maximum bytes to read from each inspected file. Default: 262144",
1095
+ "envContract.help.option.maxKeys": "Maximum number of env keys to report. Default: 300",
1096
+ "envContract.help.exit.ok": "The env contract scan completed without blocking findings",
1097
+ "envContract.help.exit.fail": "The env contract scan found invalid input, unreadable files, or contract findings",
1098
+ "envContract.title": "mustflow env contract",
1099
+ "envContract.label.files": "Files",
1100
+ "envContract.label.keys": "Keys",
1101
+ "envContract.label.findings": "Findings",
1102
+ "envContract.label.truncated": "Truncated",
1103
+ "envContract.label.issues": "Issues",
1104
+ "envContract.clean": "No environment variable references were found.",
1105
+ "envContract.error.missingAction": "Specify an env-contract action: scan",
1106
+ "envContract.error.unknownAction": "Unknown env-contract action: {action}",
1107
+ "envContract.error.invalidPositiveInteger": "{option} must be a positive safe integer: {value}",
1108
+ "scriptPack.script.secretRiskScan.summary": "Scan repository files for plausible secrets without printing secret values",
1109
+ "secretRiskScan.help.summary": "Scan code, docs, config, CI, and examples for plausible hardcoded secrets without printing secret values.",
1110
+ "secretRiskScan.help.option.maxFiles": "Maximum number of files to inspect. Default: 1000",
1111
+ "secretRiskScan.help.option.maxFileBytes": "Maximum bytes to read from each inspected file. Default: 262144",
1112
+ "secretRiskScan.help.option.maxFindings": "Maximum number of findings to report. Default: 200",
1113
+ "secretRiskScan.help.exit.ok": "The secret-risk scan completed without blocking findings",
1114
+ "secretRiskScan.help.exit.fail": "The secret-risk scan found invalid input, unreadable files, or secret-risk findings",
1115
+ "secretRiskScan.title": "mustflow secret risk scan",
1116
+ "secretRiskScan.label.files": "Files",
1117
+ "secretRiskScan.label.findings": "Findings",
1118
+ "secretRiskScan.label.highOrCritical": "High or critical",
1119
+ "secretRiskScan.label.skippedSecretFiles": "Skipped secret files",
1120
+ "secretRiskScan.label.truncated": "Truncated",
1121
+ "secretRiskScan.label.issues": "Issues",
1122
+ "secretRiskScan.clean": "No plausible hardcoded secrets were found.",
1123
+ "secretRiskScan.error.missingAction": "Specify a secret-risk-scan action: scan",
1124
+ "secretRiskScan.error.unknownAction": "Unknown secret-risk-scan action: {action}",
1125
+ "secretRiskScan.error.invalidPositiveInteger": "{option} must be a positive safe integer: {value}",
1126
+ "scriptPack.script.skillRouteAudit.summary": "Audit skill routes, template skill copies, manifest profiles, and i18n metadata for drift",
1127
+ "scriptPack.script.versionSource.summary": "Inspect repository version sources before release metadata changes",
1128
+ "scriptPack.script.approvalGate.summary": "Check planned actions against repository approval policy gates",
1129
+ "scriptPack.script.mergeConflictScan.summary": "Scan repository files for unresolved Git merge conflict markers",
1130
+ "scriptPack.script.gitIgnoreAudit.summary": "Audit Git ignore rules and path visibility evidence",
1131
+ "scriptPack.script.manifestLockDrift.summary": "Check manifest-lock file hashes against current repository files",
1132
+ "skillRouteAudit.help.summary": "Audit mustflow skill route metadata, source skill files, default template skill copies, manifest profiles, and i18n metadata.",
1133
+ "skillRouteAudit.help.exit.ok": "The skill-route audit report was generated",
1134
+ "skillRouteAudit.help.exit.fail": "The skill-route audit command received invalid input or could not read required metadata",
1135
+ "skillRouteAudit.title": "mustflow skill route audit",
1136
+ "skillRouteAudit.label.sourceSkills": "Source skills",
1137
+ "skillRouteAudit.label.routeMetadata": "Route metadata",
1138
+ "skillRouteAudit.label.indexRoutes": "Index routes",
1139
+ "skillRouteAudit.label.templateSkills": "Template skills",
1140
+ "skillRouteAudit.label.findings": "Findings",
1141
+ "skillRouteAudit.clean": "Skill routes, template skill copies, manifest profiles, and i18n metadata are aligned.",
1142
+ "skillRouteAudit.error.missingAction": "Specify a skill-route-audit action: audit",
1143
+ "skillRouteAudit.error.unknownAction": "Unknown skill-route-audit action: {action}",
1144
+ "versionSource.help.summary": "Inspect detected version source files and release versioning preference alignment.",
1145
+ "versionSource.help.exit.ok": "The version-source report was generated without blocking findings",
1146
+ "versionSource.help.exit.fail": "The version-source report found invalid input, unreadable metadata, or missing version sources",
1147
+ "versionSource.title": "mustflow version source",
1148
+ "versionSource.label.versioning": "Versioning preferences",
1149
+ "versionSource.label.sources": "Sources",
1150
+ "versionSource.label.sourceAuthorities": "Source authorities",
1151
+ "versionSource.label.findings": "Findings",
1152
+ "versionSource.label.issues": "Issues",
1153
+ "versionSource.error.missingAction": "Specify a version-source action: inspect",
1154
+ "versionSource.error.unknownAction": "Unknown version-source action: {action}",
1155
+ "approvalGate.help.summary": "Check planned action types against .mustflow/config/mustflow.toml approval gates.",
1156
+ "approvalGate.help.option.action": "Action type to check. May be repeated.",
1157
+ "approvalGate.help.exit.ok": "No requested action requires approval",
1158
+ "approvalGate.help.exit.fail": "A requested action requires approval, metadata was unreadable, or input was invalid",
1159
+ "approvalGate.title": "mustflow approval gate",
1160
+ "approvalGate.label.approvalRequired": "Approval required",
1161
+ "approvalGate.label.configuredRequiredActions": "Configured required actions",
1162
+ "approvalGate.label.decisions": "Decisions",
1163
+ "approvalGate.label.findings": "Findings",
1164
+ "approvalGate.label.issues": "Issues",
1165
+ "approvalGate.error.missingAction": "Specify an approval-gate action: check",
1166
+ "approvalGate.error.unknownAction": "Unknown approval-gate action: {action}",
1167
+ "approvalGate.error.missingActionType": "Specify at least one --action <type>",
1168
+ "mergeConflictScan.help.summary": "Scan changed files or explicit paths for unresolved Git merge conflict markers without printing file content.",
1169
+ "mergeConflictScan.help.option.maxFiles": "Maximum files to scan. Default: 1000",
1170
+ "mergeConflictScan.help.option.maxFileBytes": "Maximum bytes to read from each file. Default: 524288",
1171
+ "mergeConflictScan.help.exit.ok": "No merge conflict markers were detected",
1172
+ "mergeConflictScan.help.exit.fail": "Merge conflict markers were detected, input was invalid, or files could not be scanned",
1173
+ "mergeConflictScan.title": "mustflow merge conflict scan",
1174
+ "mergeConflictScan.label.filesChecked": "Files checked",
1175
+ "mergeConflictScan.label.markersFound": "Markers found",
1176
+ "mergeConflictScan.label.markers": "Markers",
1177
+ "mergeConflictScan.label.findings": "Findings",
1178
+ "mergeConflictScan.label.issues": "Issues",
1179
+ "mergeConflictScan.clean": "No merge conflict markers detected.",
1180
+ "mergeConflictScan.error.missingAction": "Specify a merge-conflict-scan action: check",
1181
+ "mergeConflictScan.error.unknownAction": "Unknown merge-conflict-scan action: {action}",
1182
+ "mergeConflictScan.error.invalidPositiveInteger": "{option} must be a positive integer",
1183
+ "gitIgnoreAudit.help.summary": "Audit explicit paths or changed files against Git ignore rules without reading ignored file content.",
1184
+ "gitIgnoreAudit.help.option.maxPaths": "Maximum paths to audit. Default: 200",
1185
+ "gitIgnoreAudit.help.exit.ok": "No ignored path findings were detected",
1186
+ "gitIgnoreAudit.help.exit.fail": "Ignored paths, invalid input, or Git ignore audit issues were detected",
1187
+ "gitIgnoreAudit.title": "mustflow Git ignore audit",
1188
+ "gitIgnoreAudit.label.pathsChecked": "Paths checked",
1189
+ "gitIgnoreAudit.label.ignoredPaths": "Ignored paths",
1190
+ "gitIgnoreAudit.label.ignoreSources": "Ignore sources",
1191
+ "gitIgnoreAudit.label.paths": "Paths",
1192
+ "gitIgnoreAudit.label.findings": "Findings",
1193
+ "gitIgnoreAudit.label.issues": "Issues",
1194
+ "gitIgnoreAudit.clean": "No Git ignore audit findings detected.",
1195
+ "gitIgnoreAudit.error.missingAction": "Specify a git-ignore-audit action: audit",
1196
+ "gitIgnoreAudit.error.unknownAction": "Unknown git-ignore-audit action: {action}",
1197
+ "gitIgnoreAudit.error.invalidPositiveInteger": "{option} must be a positive integer",
1198
+ "manifestLockDrift.help.summary": "Check .mustflow/config/manifest.lock.toml entries against current file hashes without rewriting the lock.",
1199
+ "manifestLockDrift.help.option.maxEntries": "Maximum lock entries to check. Default: 500",
1200
+ "manifestLockDrift.help.exit.ok": "No manifest-lock drift was detected",
1201
+ "manifestLockDrift.help.exit.fail": "Manifest-lock drift, invalid input, or unreadable lock metadata was detected",
1202
+ "manifestLockDrift.title": "mustflow manifest-lock drift",
1203
+ "manifestLockDrift.label.entriesChecked": "Entries checked",
1204
+ "manifestLockDrift.label.hashMismatches": "Hash mismatches",
1205
+ "manifestLockDrift.label.missingEntries": "Missing entries",
1206
+ "manifestLockDrift.label.entries": "Entries",
1207
+ "manifestLockDrift.label.findings": "Findings",
1208
+ "manifestLockDrift.label.issues": "Issues",
1209
+ "manifestLockDrift.clean": "No manifest-lock drift detected.",
1210
+ "manifestLockDrift.error.missingAction": "Specify a manifest-lock-drift action: check",
1211
+ "manifestLockDrift.error.unknownAction": "Unknown manifest-lock-drift action: {action}",
1212
+ "manifestLockDrift.error.invalidPositiveInteger": "{option} must be a positive integer",
951
1213
  "run.help.summary": "Run a configured oneshot command from .mustflow/config/commands.toml.",
952
1214
  "run.help.option.dryRun": "Print a non-executing command plan",
953
1215
  "run.help.option.planOnly": "Alias for --dry-run",