mustflow 2.84.0 → 2.99.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (105) hide show
  1. package/README.md +11 -2
  2. package/dist/cli/commands/script-pack.js +14 -0
  3. package/dist/cli/i18n/en.js +262 -0
  4. package/dist/cli/i18n/es.js +262 -0
  5. package/dist/cli/i18n/fr.js +262 -0
  6. package/dist/cli/i18n/hi.js +262 -0
  7. package/dist/cli/i18n/ko.js +262 -0
  8. package/dist/cli/i18n/zh.js +262 -0
  9. package/dist/cli/lib/repo-map.js +27 -6
  10. package/dist/cli/lib/run-root-trust.js +15 -1
  11. package/dist/cli/lib/script-pack-registry.js +397 -0
  12. package/dist/cli/lib/validation/index.js +2 -2
  13. package/dist/cli/lib/validation/primitives.js +4 -1
  14. package/dist/cli/script-packs/code-change-impact.js +178 -0
  15. package/dist/cli/script-packs/code-dependency-graph.js +181 -0
  16. package/dist/cli/script-packs/code-import-cycle.js +193 -0
  17. package/dist/cli/script-packs/docs-link-integrity.js +145 -0
  18. package/dist/cli/script-packs/repo-approval-gate.js +100 -0
  19. package/dist/cli/script-packs/repo-env-contract.js +156 -0
  20. package/dist/cli/script-packs/repo-git-ignore-audit.js +119 -0
  21. package/dist/cli/script-packs/repo-manifest-lock-drift.js +122 -0
  22. package/dist/cli/script-packs/repo-merge-conflict-scan.js +123 -0
  23. package/dist/cli/script-packs/repo-secret-risk-scan.js +147 -0
  24. package/dist/cli/script-packs/repo-skill-route-audit.js +86 -0
  25. package/dist/cli/script-packs/repo-version-source.js +92 -0
  26. package/dist/cli/script-packs/test-performance-report.js +247 -0
  27. package/dist/cli/script-packs/test-regression-selector.js +167 -0
  28. package/dist/core/change-impact.js +355 -0
  29. package/dist/core/change-surface-classification.js +198 -0
  30. package/dist/core/change-verification.js +32 -5
  31. package/dist/core/config-loading.js +121 -4
  32. package/dist/core/dependency-graph.js +490 -0
  33. package/dist/core/docs-link-integrity.js +443 -0
  34. package/dist/core/env-contract.js +450 -0
  35. package/dist/core/import-cycle.js +152 -0
  36. package/dist/core/line-endings.js +26 -13
  37. package/dist/core/public-json-contracts.js +167 -0
  38. package/dist/core/repo-approval-gate.js +116 -0
  39. package/dist/core/repo-git-ignore-audit.js +302 -0
  40. package/dist/core/repo-manifest-lock-drift.js +321 -0
  41. package/dist/core/repo-merge-conflict-scan.js +335 -0
  42. package/dist/core/repo-version-source.js +82 -0
  43. package/dist/core/route-outline.js +57 -5
  44. package/dist/core/script-pack-suggestions.js +97 -1
  45. package/dist/core/secret-risk-scan.js +440 -0
  46. package/dist/core/skill-route-audit.js +354 -0
  47. package/dist/core/test-performance-report.js +697 -0
  48. package/dist/core/test-regression-selector.js +335 -0
  49. package/package.json +1 -1
  50. package/schemas/README.md +54 -0
  51. package/schemas/change-impact-report.schema.json +184 -0
  52. package/schemas/commands.schema.json +12 -0
  53. package/schemas/dependency-graph-report.schema.json +149 -0
  54. package/schemas/env-contract-report.schema.json +203 -0
  55. package/schemas/import-cycle-report.schema.json +157 -0
  56. package/schemas/link-integrity-report.schema.json +176 -0
  57. package/schemas/repo-approval-gate-report.schema.json +115 -0
  58. package/schemas/repo-git-ignore-audit-report.schema.json +201 -0
  59. package/schemas/repo-manifest-lock-drift-report.schema.json +202 -0
  60. package/schemas/repo-merge-conflict-scan-report.schema.json +169 -0
  61. package/schemas/repo-version-source-report.schema.json +127 -0
  62. package/schemas/secret-risk-scan-report.schema.json +152 -0
  63. package/schemas/skill-route-audit-report.schema.json +144 -0
  64. package/schemas/test-performance-report.schema.json +319 -0
  65. package/schemas/test-regression-selector-report.schema.json +187 -0
  66. package/templates/default/i18n.toml +80 -26
  67. package/templates/default/locales/en/.mustflow/skills/INDEX.md +51 -9
  68. package/templates/default/locales/en/.mustflow/skills/api-access-control-review/SKILL.md +48 -27
  69. package/templates/default/locales/en/.mustflow/skills/api-failure-triage/SKILL.md +270 -0
  70. package/templates/default/locales/en/.mustflow/skills/architecture-deepening-review/SKILL.md +28 -11
  71. package/templates/default/locales/en/.mustflow/skills/astro-code-change/SKILL.md +71 -27
  72. package/templates/default/locales/en/.mustflow/skills/auth-flow-triage/SKILL.md +192 -0
  73. package/templates/default/locales/en/.mustflow/skills/auth-permission-change/SKILL.md +59 -13
  74. package/templates/default/locales/en/.mustflow/skills/backend-log-evidence-review/SKILL.md +14 -5
  75. package/templates/default/locales/en/.mustflow/skills/cache-integrity-review/SKILL.md +30 -15
  76. package/templates/default/locales/en/.mustflow/skills/change-blast-radius-review/SKILL.md +45 -32
  77. package/templates/default/locales/en/.mustflow/skills/ci-pipeline-triage/SKILL.md +200 -0
  78. package/templates/default/locales/en/.mustflow/skills/clarifying-question-gate/SKILL.md +87 -13
  79. package/templates/default/locales/en/.mustflow/skills/cross-agent-session-reference/SKILL.md +23 -8
  80. package/templates/default/locales/en/.mustflow/skills/dependency-upgrade-review/SKILL.md +3 -1
  81. package/templates/default/locales/en/.mustflow/skills/docker-runtime-triage/SKILL.md +191 -0
  82. package/templates/default/locales/en/.mustflow/skills/github-contribution-quality-gate/SKILL.md +48 -11
  83. package/templates/default/locales/en/.mustflow/skills/go-code-change/SKILL.md +18 -13
  84. package/templates/default/locales/en/.mustflow/skills/javascript-code-change/SKILL.md +15 -13
  85. package/templates/default/locales/en/.mustflow/skills/line-ending-hygiene/SKILL.md +18 -10
  86. package/templates/default/locales/en/.mustflow/skills/llm-hallucination-control-review/SKILL.md +4 -1
  87. package/templates/default/locales/en/.mustflow/skills/motion-system-contract-review/SKILL.md +155 -0
  88. package/templates/default/locales/en/.mustflow/skills/next-action-menu/SKILL.md +177 -0
  89. package/templates/default/locales/en/.mustflow/skills/node-code-change/SKILL.md +16 -14
  90. package/templates/default/locales/en/.mustflow/skills/observability-debuggability-review/SKILL.md +15 -7
  91. package/templates/default/locales/en/.mustflow/skills/payment-integrity-review/SKILL.md +59 -35
  92. package/templates/default/locales/en/.mustflow/skills/powershell-code-change/SKILL.md +16 -6
  93. package/templates/default/locales/en/.mustflow/skills/prompt-contract-quality-review/SKILL.md +4 -1
  94. package/templates/default/locales/en/.mustflow/skills/python-code-change/SKILL.md +19 -10
  95. package/templates/default/locales/en/.mustflow/skills/rag-pipeline-triage/SKILL.md +206 -0
  96. package/templates/default/locales/en/.mustflow/skills/routes.toml +69 -9
  97. package/templates/default/locales/en/.mustflow/skills/rust-code-change/SKILL.md +10 -4
  98. package/templates/default/locales/en/.mustflow/skills/search-index-integrity-review/SKILL.md +181 -0
  99. package/templates/default/locales/en/.mustflow/skills/security-privacy-review/SKILL.md +3 -1
  100. package/templates/default/locales/en/.mustflow/skills/service-boundary-architecture/SKILL.md +37 -23
  101. package/templates/default/locales/en/.mustflow/skills/test-suite-performance-review/SKILL.md +323 -0
  102. package/templates/default/locales/en/.mustflow/skills/typescript-code-change/SKILL.md +18 -10
  103. package/templates/default/locales/en/.mustflow/skills/vector-search-integrity-review/SKILL.md +209 -0
  104. package/templates/default/locales/en/.mustflow/skills/version-freshness-check/SKILL.md +16 -14
  105. package/templates/default/manifest.toml +71 -1
@@ -2,11 +2,11 @@
2
2
  mustflow_doc: skill.service-boundary-architecture
3
3
  locale: en
4
4
  canonical: true
5
- revision: 1
5
+ revision: 2
6
6
  lifecycle: mustflow-owned
7
7
  authority: procedure
8
8
  name: service-boundary-architecture
9
- description: Apply this skill when service boundaries, modular-monolith boundaries, data ownership, queue/event boundaries, multi-tenant isolation, failure flow, operational recovery, or large-scale architecture split decisions are designed, reviewed, or changed.
9
+ description: Apply this skill when service boundaries, modular-monolith boundaries, data ownership, queue/event boundaries, multi-tenant isolation, failure flow, independent deployment, operational recovery, disaster recovery, service split evidence, team ownership, cost, toil, or large-scale architecture split decisions are designed, reviewed, or changed.
10
10
  metadata:
11
11
  mustflow_schema: "1"
12
12
  mustflow_kind: procedure
@@ -39,6 +39,7 @@ This skill protects against the common failure mode where a system is split by n
39
39
  - A task designs, reviews, documents, or changes service boundaries, modular-monolith boundaries, bounded contexts, team ownership, API ownership, event ownership, queue ownership, or data ownership.
40
40
  - A monolith is being prepared for future split, a microservice split is proposed, or a service/module boundary is causing deploy, data, incident, or team coordination pain.
41
41
  - The task touches cross-service transactions, outbox/inbox patterns, idempotency, retries, timeouts, caches, read models, search models, shared databases, operational tools, manual correction, observability, tenancy, hot keys, or failure recovery.
42
+ - A boundary claim needs proof from recent co-change history, independent deployability, dependency direction, database write ownership, synchronous call depth, queue backlog behavior, graceful shutdown, health probe correctness, version compatibility, restore or DR drills, least-privilege access, config blast radius, cost, toil, or team bottlenecks.
42
43
  - Architecture docs, decision records, onboarding docs, or skills need durable guidance for large-system design and operational readiness.
43
44
 
44
45
  <!-- mustflow-section: do-not-use-when -->
@@ -57,6 +58,7 @@ This skill protects against the common failure mode where a system is split by n
57
58
  - Data ownership map: which module or service is the source of truth for each core fact, identifier, status, ledger, permission, tenant record, event, and read projection.
58
59
  - Current or proposed communication paths: direct calls, APIs, events, queues, shared databases, shared caches, batch jobs, search indexes, analytics stores, files, and admin tools.
59
60
  - Failure flows: duplicate requests, partial success, timeout, retry, consumer crash, queue backlog, dead-letter handling, external provider uncertainty, reconciliation, and manual correction.
61
+ - Boundary proof ledger: last 3 months of PR co-change by repository, service, schema, deployment pipeline, and team; independent deploy test; dependency cycle map; table write ownership; synchronous call count; non-core dependency failure behavior; timeout and retry budget; queue oldest age; saturation curve; noisy-neighbor evidence; graceful shutdown; health probe split; old/new version compatibility; trace continuity; user-facing SLOs; local dev setup cost; ADR rationale; least-privilege access; config blast radius; restore and DR drill; cost per feature or customer; toil and approval bottlenecks.
60
62
  - Consistency expectations: strong consistency, eventual consistency, tolerated delay, stale reads, cache invalidation, read/write split, search delay, and deletion or retention rules.
61
63
  - Tenant, authorization, observability, deployment, migration, and operations requirements.
62
64
  - Configured verification intents and any existing architecture decision records or context files.
@@ -82,25 +84,32 @@ This skill protects against the common failure mode where a system is split by n
82
84
 
83
85
  1. Name the business capabilities and the facts each capability owns. For every core fact, identify exactly one source of truth and the owner responsible for correcting it.
84
86
  2. Split first by reason to change, not by noun. Keep code together when it changes together; split only when ownership, release cadence, scale, compliance, failure isolation, or team autonomy makes the boundary useful.
85
- 3. Prefer a modular monolith with hard internal boundaries when the team is still discovering the domain. Draw future split lines early, but do not pay distributed-system costs before the boundary pressure is real.
86
- 4. Reject shared database ownership. If another service or module needs data, choose an API, event, read projection, export, or explicitly owned query surface instead of direct table coupling.
87
- 5. Design failure flows before the happy path. Cover partial success, duplicated requests, timeout, unknown external outcome, consumer crash, queue backlog, dead-letter handling, replay, reconciliation, and manual recovery.
88
- 6. Require idempotency for commands that create, charge, reserve, approve, issue, grant, cancel, refund, redeem, or mutate durable state. Use stable request keys and return the previous result for duplicate keys.
89
- 7. Treat queues as storage and backpressure, not magic. Define retry policy, exponential backoff or jitter, max attempts, retention, dead-letter ownership, consumer scaling, ordering expectations, replay safety, and loss tolerance.
90
- 8. Every network call across the boundary needs a timeout, bounded retry policy, fallback or failure result, duplicate-safety story, and observability identifiers.
91
- 9. Treat caches as a consistency tradeoff. Declare which stale values are acceptable, max staleness, invalidation owner, tenant and permission visibility, and whether the cache is allowed to become authority.
92
- 10. Model authorization, tenant isolation, audit, and data visibility at the boundary. Tenant ID must travel through APIs, queues, caches, logs, files, reports, and admin tools when the system is multi-tenant.
93
- 11. For event-driven boundaries, use past-tense fact events such as `OrderCreated` or `PaymentApproved`. Do not disguise commands as events. Include event ID, version, occurred time, publisher, subject, causation or request ID, correlation or trace ID, and compatible schema evolution rules.
94
- 12. Separate transaction data from search, reporting, analytics, and screen-shaped read projections when their consistency, indexing, query, or retention needs diverge.
95
- 13. Define tolerated delay with numbers. Replace vague "real-time" claims with accepted latency or freshness windows such as seconds, minutes, or batch cadence.
96
- 14. Check hot keys and noisy neighbors. Define per-tenant, per-customer, per-room, per-campaign, or per-product limits, queue separation, worker pool separation, connection caps, and external API call caps when one key can dominate load.
97
- 15. Keep domain rules in the owning domain layer. Do not scatter refund windows, cancellation rules, entitlement checks, inventory reservations, or admin overrides across controllers, UI, workers, and jobs.
98
- 16. Plan migrations with expand, dual-write or compatibility, backfill, read switch, verification, and contract removal. Do not rename or remove shared fields in one deployment step.
99
- 17. Plan deletion and retention before data is created. Identify legal retention, anonymization, log masking, backup retention, search/read-model cleanup, and audit exceptions.
100
- 18. Make observability a product feature. Connect API, queue, worker, external provider, database, and admin operations with trace, request, correlation, causation, job, and tenant identifiers. Prefer p95, p99, error rate, queue age, backlog, dependency failure rate, and business success rate over averages.
101
- 19. Make deployment and rollback a boundary decision. Use feature flags, canaries, partial exposure, compatibility windows, and kill switches for risky boundary changes.
102
- 20. Provide operational tools for reality: reconcile external state, retry or quarantine failed messages, correct user/account/order state, revoke permissions, inspect provider responses, and undo manual changes with audit and approval when required.
103
- 21. Record the decision: selected boundary, rejected alternatives, reason, assumptions, failure modes, data owner, operational owner, verification, and revisit triggers.
87
+ 3. Prove whether the proposed boundary is real.
88
+ - Mine recent PRs or change records when available: count repositories, services, DB schemas, deployment pipelines, and teams touched by one small requirement.
89
+ - Try the independent-deploy thought experiment: if one boundary cannot ship without another service version, shared library, DB migration, frontend deploy, or meeting, it is not independent yet.
90
+ - Draw dependency direction and cycles. Cycles usually mean the responsibility and data boundary is wrong, not merely that imports need cleaning.
91
+ - Count how many synchronous services and stores must succeed for one user action. If the answer is "many, or humans fix the database," the consistency boundary may be split in the wrong place.
92
+ 4. Prefer a modular monolith with hard internal boundaries when the team is still discovering the domain. Draw future split lines early, but do not pay distributed-system costs before the boundary pressure is real.
93
+ 5. Reject shared database ownership. If another service or module needs data, choose an API, event, read projection, export, or explicitly owned query surface instead of direct table coupling. Table write ownership should be explicit for every core fact.
94
+ 6. Design failure flows before the happy path. Cover partial success, duplicated requests, timeout, unknown external outcome, consumer crash, queue backlog, dead-letter handling, replay, reconciliation, and manual recovery.
95
+ 7. Require idempotency for commands that create, charge, reserve, approve, issue, grant, cancel, refund, redeem, or mutate durable state. Use stable request keys and return the previous result for duplicate keys.
96
+ 8. Treat queues as storage and backpressure, not magic. Define retry policy, exponential backoff or jitter, max attempts, retention, dead-letter ownership, consumer scaling, ordering expectations, replay safety, loss tolerance, oldest-message age, and catch-up rate.
97
+ 9. Every network call across the boundary needs a timeout, bounded retry policy, fallback or failure result, duplicate-safety story, observability identifiers, and a request-level budget so retries do not multiply across layers.
98
+ 10. Treat caches as a consistency tradeoff. Declare which stale values are acceptable, max staleness, invalidation owner, tenant and permission visibility, and whether the cache is allowed to become authority.
99
+ 11. Model authorization, tenant isolation, audit, and data visibility at the boundary. Tenant ID must travel through APIs, queues, caches, logs, files, reports, and admin tools when the system is multi-tenant. Service accounts should have only the DB, queue, storage, and API permissions the boundary needs.
100
+ 12. For event-driven boundaries, use past-tense fact events such as `OrderCreated` or `PaymentApproved`. Do not disguise commands as events. Include event ID, version, occurred time, publisher, subject, causation or request ID, correlation or trace ID, and compatible schema evolution rules.
101
+ 13. Separate transaction data from search, reporting, analytics, and screen-shaped read projections when their consistency, indexing, query, or retention needs diverge.
102
+ 14. Define tolerated delay with numbers. Replace vague "real-time" claims with accepted latency or freshness windows such as seconds, minutes, or batch cadence.
103
+ 15. Check hot keys and noisy neighbors. Define per-tenant, per-customer, per-room, per-campaign, or per-product limits, queue separation, worker pool separation, connection caps, and external API call caps when one key can dominate load.
104
+ 16. Check saturation and graceful degradation. Drive load past normal capacity in a bounded test plan when available, and identify the first bottleneck: worker pool, DB pool, locks, thread pool, queue, disk, external quota, or cache stampede.
105
+ 17. Keep domain rules in the owning domain layer. Do not scatter refund windows, cancellation rules, entitlement checks, inventory reservations, or admin overrides across controllers, UI, workers, and jobs.
106
+ 18. Plan migrations with expand, dual-write or compatibility, backfill, read switch, verification, and contract removal. Do not rename or remove shared fields in one deployment step. Old and new versions should tolerate unknown fields, missing fields, old messages, and new schema during rollout.
107
+ 19. Plan deletion and retention before data is created. Identify legal retention, anonymization, log masking, backup retention, search/read-model cleanup, and audit exceptions.
108
+ 20. Make observability a product feature. Connect API, queue, worker, external provider, database, and admin operations with trace, request, correlation, causation, job, and tenant identifiers. Prefer p95, p99, error rate, queue age, backlog, dependency failure rate, and business success rate over averages.
109
+ 21. Make deployment, rollback, shutdown, and health checks boundary decisions. Use feature flags, canaries, partial exposure, compatibility windows, kill switches, readiness/liveness/startup separation, graceful drain, and rollback-forward plans for risky boundary changes.
110
+ 22. Provide operational tools for reality: reconcile external state, retry or quarantine failed messages, correct user/account/order state, revoke permissions, inspect provider responses, and undo manual changes with audit and approval when required.
111
+ 23. Prove recovery, cost, and toil. A backup is not a boundary guarantee until it is restored in a clean environment. DR, config rollback, secret or certificate recovery, per-feature cost, repeated manual work, and single-team or single-person approval bottlenecks should be measured or reported.
112
+ 24. Record the decision: selected boundary, rejected alternatives, reason, assumptions, failure modes, data owner, operational owner, verification, cost, toil, and revisit triggers.
104
113
 
105
114
  <!-- mustflow-section: review-rejection-criteria -->
106
115
  ## Review Rejection Criteria
@@ -110,6 +119,9 @@ Reject or revise the design when:
110
119
  - A service or module boundary has no named data owner.
111
120
  - Two owners write the same core fact without a conflict rule.
112
121
  - A service reads another service's tables or cache as normal behavior.
122
+ - A small requirement routinely changes many repositories, services, schemas, pipelines, or teams.
123
+ - A service cannot be deployed, rolled back, or tested without synchronized changes in another boundary.
124
+ - Dependency graphs contain cycles with no explicit ownership decision.
113
125
  - The design shows only the happy path.
114
126
  - Retries lack timeout, backoff, jitter, max attempts, idempotency, or failure ownership.
115
127
  - A queue has no dead-letter, retention, replay, ordering, or backlog policy.
@@ -117,6 +129,8 @@ Reject or revise the design when:
117
129
  - Events are imperative commands instead of past-tense facts.
118
130
  - Event schemas lack version, event ID, occurred time, publisher, and correlation or causation identifiers.
119
131
  - Tenant, permission, audit, or data-retention boundaries are added after the fact.
132
+ - Health checks only prove process liveness, graceful shutdown is untested, or old and new versions cannot run together.
133
+ - Backup, restore, DR, least privilege, config rollback, cost, or toil claims have no proof path.
120
134
  - Architecture choice is justified by tooling fashion instead of ownership, failure, scale, compliance, or team autonomy.
121
135
  - Manual operations can mutate critical state without audit, approval, and reversal or reconciliation path.
122
136
 
@@ -126,7 +140,7 @@ Reject or revise the design when:
126
140
  - Data ownership and source-of-truth boundaries are explicit.
127
141
  - Boundary split is justified by change reason, ownership, scale, compliance, failure isolation, or team autonomy.
128
142
  - Failure handling, idempotency, retry, queue, cache, event, and observability contracts are defined or explicitly deferred.
129
- - Tenant, authorization, deletion, retention, migration, deployment, and operational recovery risks are checked or reported.
143
+ - Tenant, authorization, deletion, retention, migration, deployment, graceful shutdown, health checks, version compatibility, restore, DR, cost, toil, and operational recovery risks are checked or reported.
130
144
  - Decision records explain why this boundary was chosen, what alternatives were rejected, and when to revisit.
131
145
 
132
146
  <!-- mustflow-section: verification -->
@@ -160,7 +174,7 @@ Use broader configured checks when the boundary change affects templates, public
160
174
  - Boundary checked
161
175
  - Data owners and source-of-truth notes
162
176
  - Failure, idempotency, queue, cache, and event notes
163
- - Tenant, auth, retention, observability, deployment, and operations notes
177
+ - Co-change, independent deploy, dependency, data ownership, sync-call, saturation, noisy-neighbor, tenant, auth, retention, observability, deployment, health, shutdown, version compatibility, restore, DR, cost, toil, and operations notes
164
178
  - Files changed
165
179
  - Command intents run
166
180
  - Skipped checks and reasons
@@ -0,0 +1,323 @@
1
+ ---
2
+ mustflow_doc: skill.test-suite-performance-review
3
+ locale: en
4
+ canonical: true
5
+ revision: 1
6
+ lifecycle: mustflow-owned
7
+ authority: procedure
8
+ name: test-suite-performance-review
9
+ description: Apply this skill when test-suite runtime, CI feedback latency, test selection, shard balance, worker scheduling, retry policy, flaky-test handling, fixture setup, database or container test lifecycle, coverage or artifact overhead, test-result caching, test discovery, or test performance claims are planned, edited, reviewed, or reported.
10
+ metadata:
11
+ mustflow_schema: "1"
12
+ mustflow_kind: procedure
13
+ pack_id: mustflow.core
14
+ skill_id: mustflow.core.test-suite-performance-review
15
+ command_intents:
16
+ - changes_status
17
+ - changes_diff_summary
18
+ - build
19
+ - test_related
20
+ - test
21
+ - test_audit
22
+ - docs_validate_fast
23
+ - test_release
24
+ - mustflow_check
25
+ ---
26
+
27
+ # Test Suite Performance Review
28
+
29
+ <!-- mustflow-section: purpose -->
30
+ ## Purpose
31
+
32
+ Make test suites faster without turning the default verification path into wishful thinking.
33
+
34
+ The review question is not "can the suite run in parallel?" It is "where is the wall-clock time
35
+ actually spent, which tests are safe to skip or run later, which workers are waiting, which shared
36
+ resources are saturated, and what evidence keeps a faster path trustworthy?"
37
+
38
+ <!-- mustflow-section: use-when -->
39
+ ## Use When
40
+
41
+ - Test or CI runtime, developer-loop feedback time, shard balance, worker count, test discovery,
42
+ coverage collection, trace or artifact generation, retry policy, flaky-test handling, or test
43
+ result caching is created, changed, reviewed, or reported.
44
+ - A task changes command contracts, CI workflows, test runner configuration, test grouping, test
45
+ selection, test scheduling, package scripts, fixture setup, database setup, container lifecycle,
46
+ browser test behavior, or coverage and report defaults for performance reasons.
47
+ - A report claims tests are faster, optimized, selected, cached, parallelized, sharded, hermetic,
48
+ stable, less flaky, or safer to run on every PR.
49
+ - A test suite is slow because of repeated process startup, full-directory discovery, repeated
50
+ migration or seed work, per-test containers, sleeps, external internet calls, huge artifacts,
51
+ tail shards, or over-broad full-suite execution.
52
+
53
+ <!-- mustflow-section: do-not-use-when -->
54
+ ## Do Not Use When
55
+
56
+ - The task only adds or updates behavior tests; use `test-design-guard` or `test-maintenance`.
57
+ - The task only reviews whether production code is testable; use `testability-boundary-review`.
58
+ - The task is ordinary application hot-path performance with no test runner, fixture, CI, or
59
+ verification-loop behavior; use `performance-budget-check`.
60
+ - The user only wants a one-time local command result and no persistent test or CI behavior changes.
61
+ - The proposed change weakens verification by deleting tests, skipping failed tests, removing
62
+ assertions, disabling coverage gates, or hiding flaky tests without an evidence-based policy.
63
+
64
+ <!-- mustflow-section: required-inputs -->
65
+ ## Required Inputs
66
+
67
+ - Suite surface: local command, CI job, package script, test runner, shard system, coverage job,
68
+ browser test job, database-backed test job, or release gate.
69
+ - Timing ledger: discovery, process startup, shared setup, fixture creation, test body, database or
70
+ container setup, cleanup, coverage, report generation, artifact upload, queue wait, shard tail,
71
+ and idle-worker time when available.
72
+ - Test timing evidence: p50 and p95 per test or file, longest tests, previous failures, flaky
73
+ history, shard start and finish times, worker utilization, retry count, and timeout outliers.
74
+ - Selection ledger: changed files, dependency graph, runtime coverage or touched-file evidence,
75
+ newly added tests, previous failed tests, unsafe-change fallback rules, and scheduled full-suite
76
+ safety net.
77
+ - Isolation ledger: time, randomness, UUIDs, locale, timezone, environment variables, home
78
+ directory, filesystem paths, network, database, containers, queues, browser profiles, caches,
79
+ module state, and runner process reuse.
80
+ - Resource ledger: CPU, memory, DB connections, browser processes, containers, network, filesystem,
81
+ GPU, SQLite or PostgreSQL locks, port allocation, and any scarce resource that needs a token or
82
+ affinity rule.
83
+ - Cache ledger: declared inputs, cache keys, volatile values, hit rate, miss reasons, runner-local
84
+ cache, remote cache, result-cache eligibility, and invalidation behavior.
85
+ - Relevant command-intent entries for tests, builds, docs, release checks, and mustflow validation.
86
+
87
+ <!-- mustflow-section: preconditions -->
88
+ ## Preconditions
89
+
90
+ - The task matches the Use When conditions and does not match the Do Not Use When exclusions.
91
+ - Higher-priority instructions and `.mustflow/config/commands.toml` have been checked for the
92
+ current scope.
93
+ - Required inputs are available, or missing timing, selection, cache, isolation, or resource
94
+ evidence can be reported without guessing.
95
+ - If a change touches production behavior or test coverage meaning, use the matching behavior,
96
+ test-design, security, data, or release skill before accepting the performance change.
97
+ - If test result caching or selected-test execution is introduced, the full-suite fallback and
98
+ scheduled full-suite safety net are defined first.
99
+
100
+ <!-- mustflow-section: allowed-edits -->
101
+ ## Allowed Edits
102
+
103
+ - Add or refine test timing collection, historical duration stores, selected-test manifests,
104
+ dependency-to-test maps, runner scheduling, shard assignment, worker limits, retry classification,
105
+ fixture lifecycle, local stubs, fake timers, cache keys, coverage defaults, and CI report policy.
106
+ - Add or adjust tests, fixtures, docs, command contracts, release checks, and template surfaces
107
+ directly tied to the test-suite performance behavior.
108
+ - Move expensive setup from per-test to per-worker, per-module, or per-session scope only when
109
+ mutable state still has a cheap isolation layer.
110
+ - Do not remove tests, weaken assertions, disable failure artifacts, or mark flaky tests as normal
111
+ success to make a suite look faster.
112
+ - Do not add unbounded parallelism, shared database schemas, cross-test mutable fixtures, or result
113
+ caches when hidden inputs are not declared.
114
+
115
+ <!-- mustflow-section: procedure -->
116
+ ## Procedure
117
+
118
+ 1. Measure before optimizing.
119
+ - Split elapsed time into discovery, process startup, shared setup, fixture creation, test body,
120
+ database or container setup, cleanup, coverage, report generation, artifact upload, queue wait,
121
+ shard tail, and idle-worker time.
122
+ - Report p50 and p95 per test or file when available. Average-only timing hides the last slow
123
+ shard, and the last slow shard decides CI wall time.
124
+ - When the command contract exposes `test_related_profile`, run it before policy changes that
125
+ depend on local verification timing. Then read the retained evidence with
126
+ `mf script-pack run test/performance-report summarize --json` before changing scheduling,
127
+ caching, timeout, worker, fixture, or selected-test behavior.
128
+ 2. Classify the bottleneck.
129
+ - Discovery bottleneck: full tree scans, broad classpath scans, fixtures and generated files in
130
+ search paths, or missing precomputed test manifests.
131
+ - Startup bottleneck: one process, JVM, Python, Node, browser, container, or dependency-injection
132
+ graph per test instead of a safe persistent worker.
133
+ - Fixture bottleneck: repeated migrations, seed data, model loads, browser profile setup, or
134
+ container creation.
135
+ - Scheduling bottleneck: file-count sharding, no historical duration data, no work stealing,
136
+ huge test files, or worker count beyond the resource optimum.
137
+ - Artifact bottleneck: coverage, screenshots, videos, traces, full logs, HTML reports, or upload
138
+ work paid on every PR path instead of only failure, retry, nightly, or release paths.
139
+ 3. Replace blanket full-suite execution with selected execution only when fallback is explicit.
140
+ - Include affected tests from changed files, new tests, and previous failed tests.
141
+ - Fall back to the full suite for changes to lockfiles, compiler or runtime settings, test runner
142
+ configuration, shared fixtures, migrations, database schema, generated contracts, package
143
+ metadata that affects runtime, or any change the selector cannot understand.
144
+ - Keep a scheduled full-suite path for nightly, release, or pre-merge confidence.
145
+ 4. Do not build impact analysis from imports alone.
146
+ - Combine static dependency evidence with previous runtime evidence such as touched files,
147
+ classes, schemas, config keys, fixtures, resources, and test-to-source mappings.
148
+ - Prefer file or class granularity when method-level tracing costs more than it saves.
149
+ - Treat dynamic imports, reflection, generated code, config-driven branches, and framework magic
150
+ as reasons to widen selection or fall back.
151
+ 5. Run likely failures early.
152
+ - Order previous failed tests, recently changed tests, tests near the changed code, historically
153
+ flaky tests, and long tests before low-risk tests.
154
+ - Use early-fail jobs for fast developer feedback, but keep a separate full-data job that
155
+ continues collecting remaining failures when the workflow needs all failures.
156
+ 6. Cache only hermetic test results.
157
+ - A successful test result can be reused only when the test binary, test code, affected product
158
+ code, fixtures, environment, toolchain, locale, timezone, and declared resources match.
159
+ - Do not include volatile values such as commit SHA, build number, wall-clock time, random temp
160
+ roots, or runner-specific paths in cache keys unless they truly affect output.
161
+ - Do include language version, compiler flags, runtime flags, timezone, locale, dependency lock
162
+ content, fixture versions, and DB schema version when they affect behavior.
163
+ - Track cache hit rate and miss reasons after adding a cache; a cache with invisible misses is
164
+ performance theater.
165
+ 7. Preserve warm local and remote caches.
166
+ - Avoid clearing dependency caches, transformed source caches, test discovery indexes, compiled
167
+ output, and package caches at the start of every CI job.
168
+ - Prefer runner-local SSD caches or content-hash restore over slow network-volume scans.
169
+ 8. Avoid full discovery on every run.
170
+ - Generate or maintain package-level test manifests when the project can do so safely.
171
+ - Exclude fixtures, snapshots, generated output, archived tests, vendored code, and build output
172
+ from discovery paths.
173
+ - For JVM and similar ecosystems, prefer explicit include patterns over broad classpath scanning
174
+ when the runner supports it.
175
+ 9. Reuse workers before increasing worker count.
176
+ - Keep interpreters, JIT, dependency injection, ASTs, browser engines, and database clients warm
177
+ across multiple tests when isolation allows it.
178
+ - Reset static state, module caches, timers, environment, and global fixtures between tests.
179
+ - Replace workers only after measured memory leaks, not by default after every test.
180
+ 10. Size work units for the scheduler.
181
+ - Do not send thousands of tiny remote jobs where queue setup, sandbox setup, input transfer,
182
+ and result collection cost more than the test body.
183
+ - Bundle micro-tests by package, runtime, or fixture affinity while preserving per-test result
184
+ reporting.
185
+ 11. Shard by historical duration, not file count.
186
+ - Use recent successful durations, trimmed means, or exponential moving averages.
187
+ - Assign longest tests first to the currently lightest shard.
188
+ - Give new tests a directory or type median, and cap timeout outliers so one historic failure
189
+ does not poison future placement.
190
+ 12. Add work stealing when static shards still leave idle workers.
191
+ - Let early workers take not-yet-started work from overloaded shards.
192
+ - Keep tests that share expensive setup together unless the tail cost is worse than duplicated
193
+ setup.
194
+ 13. Split huge files below the file level when supported.
195
+ - File-level sharding is fake parallelism when one file contains most of the runtime.
196
+ - Confirm that the runner actually honors case-level sharding; unsupported sharding can cause
197
+ every shard to run the whole suite.
198
+ 14. Schedule by resource tokens and affinity.
199
+ - Tag tests by CPU, memory, DB connections, browser processes, containers, GPU, filesystem, and
200
+ network pressure.
201
+ - Use resource tokens or locks for scarce shared resources instead of disabling all parallelism.
202
+ - Keep expensive fixture groups together when setup reuse beats perfect load balance.
203
+ 15. Tune worker count empirically.
204
+ - Compare worker counts such as 1, 2, 4, and 8 on the same commit.
205
+ - Stop increasing workers when wall time stops improving, memory peaks rise sharply, DB waits
206
+ increase, browser tests swap, or flaky rate rises.
207
+ 16. Make database and container setup worker-scoped.
208
+ - Prefer one DB server or service container per worker, with per-test schemas, databases,
209
+ transactions, savepoints, namespaces, ports, or fixture copies.
210
+ - Do not let all workers share the same mutable schema unless the suite is intentionally
211
+ serialized.
212
+ - Build a migrated and seeded template DB or snapshot once, then clone it per worker when
213
+ migrations or seed data dominate.
214
+ 17. Reset mutable state cheaply.
215
+ - Prefer transaction rollback or savepoints for tests whose side effects stay inside one DB
216
+ connection.
217
+ - Use DB clone, schema clone, or container snapshot for tests that cross processes, queues,
218
+ external workers, sequence assertions, or asynchronous effects.
219
+ - Use tmpfs only for non-persistent state with explicit size limits.
220
+ 18. Replace sleeps with readiness and fake time.
221
+ - Treat fixed sleeps as performance bugs.
222
+ - Wait for real readiness: health endpoints, logs, successful queries, event receipt, or port
223
+ plus protocol-level checks.
224
+ - For timers, retries, expiry, and scheduled work, inject clocks or use fake timers instead of
225
+ waiting in real time.
226
+ 19. Remove external internet from the default CI path.
227
+ - Use local stubs, fixtures, mocks, recorded responses, or contract-specific jobs.
228
+ - Block unrelated images, fonts, analytics, and third-party requests in UI tests unless the test
229
+ is specifically about that delivery behavior.
230
+ 20. Control hidden inputs.
231
+ - Inject time, random seeds, UUID generation, locale, timezone, environment, and current user.
232
+ - Report seed values on failure so a failed run can be reproduced.
233
+ 21. Move expensive evidence off the default path.
234
+ - Collect full coverage, videos, traces, screenshots, full logs, and HTML reports only where
235
+ they pay for themselves: failures, first retry, nightly, release, or dedicated coverage jobs.
236
+ - Merge shard reports after tests finish rather than blocking each shard on heavy reporting.
237
+ 22. Retry narrowly and honestly.
238
+ - Retry only the failed test or case, once, in a fresh worker when possible.
239
+ - Preserve first-failure logs and artifacts.
240
+ - Classify retry success as flaky success, not normal success.
241
+ 23. Use speculative tail duplication only for hermetic shards.
242
+ - If the last shard exceeds its historical p95 while workers are idle, a scheduler may duplicate
243
+ that shard and accept the first result.
244
+ - Do not duplicate non-hermetic tests, tests with side effects, or tests that consume scarce
245
+ external resources.
246
+ 24. Garbage-collect the test portfolio.
247
+ - Track duration, unique behavior coverage, defect-finding history, flaky rate, owner, and last
248
+ meaningful update.
249
+ - Move low-value duplicates from PR paths to nightly paths before deleting them.
250
+ - Quarantine flaky tests with owner and expiry; do not let quarantine become permanent silence.
251
+ 25. Verify the faster path and the fallback path.
252
+ - A selector, cache, shard rule, retry policy, or fixture reuse change is not complete until the
253
+ default fast path and the fallback or full path both have evidence or a reported missing
254
+ command intent.
255
+
256
+ <!-- mustflow-section: postconditions -->
257
+ ## Postconditions
258
+
259
+ - The test-suite bottleneck is classified by timing, selection, scheduling, cache, fixture, DB,
260
+ container, artifact, retry, or resource evidence.
261
+ - The optimization goal is explicit: faster first failure, shorter PR wall time, lower CI cost,
262
+ lower flaky rate, smaller artifact overhead, or faster local feedback.
263
+ - Selected-test execution has a full-suite fallback for unsafe or unknown changes.
264
+ - Caches declare inputs, omit irrelevant volatile values, and report hit rate or miss reasons when
265
+ evidence exists.
266
+ - Worker count, resource tokens, shard placement, fixture affinity, and retry behavior preserve
267
+ test isolation and failure evidence.
268
+ - Any speed claim is measured, complexity-only, or explicitly unverified.
269
+
270
+ <!-- mustflow-section: verification -->
271
+ ## Verification
272
+
273
+ Use configured oneshot command intents when available:
274
+
275
+ - `changes_status`
276
+ - `changes_diff_summary`
277
+ - `build`
278
+ - `test_related`
279
+ - `test`
280
+ - `test_audit`
281
+ - `docs_validate_fast`
282
+ - `test_release`
283
+ - `mustflow_check`
284
+
285
+ Use the narrowest configured test, build, docs, release, or mustflow intent that proves the changed
286
+ test-suite behavior. If the repository exposes a profiling or cached-test intent, use it only when
287
+ the command contract marks it configured, oneshot, and agent-allowed.
288
+
289
+ When a profiling intent has run, prefer the read-only `test/performance-report` script-pack as the
290
+ first report surface. Its `next_actions` field should guide whether the next safe step is collecting
291
+ profile evidence, resolving previous failures, inspecting slow intents or phases, reviewing timeout
292
+ pressure, or investigating selected-test fallback behavior.
293
+
294
+ <!-- mustflow-section: failure-handling -->
295
+ ## Failure Handling
296
+
297
+ - If timing evidence is missing, add bounded measurement or report the missing evidence before
298
+ changing scheduling, caching, or selection policy.
299
+ - If selection cannot understand a change, fall back to the full suite.
300
+ - If a cache key is uncertain, prefer a cache miss over a false hit.
301
+ - If worker reuse causes order dependence, leaked state, or flaky failures, isolate the leaked
302
+ resource before widening reuse.
303
+ - If parallelism makes tests slower, check shared DB, browser, memory, filesystem, and container
304
+ contention before increasing workers again.
305
+ - If a retry hides a real failure, preserve first-failure evidence and classify the result as flaky.
306
+ - If configured verification is missing, report the missing intent instead of inventing raw runner
307
+ commands.
308
+
309
+ <!-- mustflow-section: output-format -->
310
+ ## Output Format
311
+
312
+ - Suite surface and feedback goal
313
+ - Timing breakdown and bottleneck class
314
+ - Selection policy and full-suite fallback
315
+ - Scheduling, sharding, worker, and resource-token decisions
316
+ - Fixture, DB, container, filesystem, time, randomness, network, and isolation notes
317
+ - Cache key, hit-rate, and miss-reason notes
318
+ - Retry and flaky-test policy
319
+ - Coverage, trace, log, screenshot, video, report, and artifact policy
320
+ - Speed evidence: measured, complexity-only, or unverified
321
+ - Command intents run
322
+ - Skipped command intents and reasons
323
+ - Remaining test-suite performance risk
@@ -2,7 +2,7 @@
2
2
  mustflow_doc: skill.typescript-code-change
3
3
  locale: en
4
4
  canonical: true
5
- revision: 4
5
+ revision: 6
6
6
  lifecycle: mustflow-owned
7
7
  authority: procedure
8
8
  name: typescript-code-change
@@ -91,19 +91,26 @@ Preserve TypeScript's type, runtime validation, module, build, and public API bo
91
91
  11. For type tests, prefer `@ts-expect-error` with a short reason. Do not use `@ts-ignore` in implementation code. Implementation `@ts-expect-error` needs an owner, removal condition, and risk report.
92
92
  12. If a public API changes, trace every consumer-visible import specifier, runtime export, type export, declaration output, docs example, type-only export, overload, generic default, interface field, enum or literal member, class member, and package entry condition.
93
93
  13. Treat `exports`, `types`, `typings`, `typesVersions`, package `type`, file extensions, path aliases, declaration import paths, and barrel exports as public API surfaces. Adding or tightening `exports` can break existing deep imports.
94
- 14. If ESM/CJS behavior changes, verify package `type`, `main`, `module`, `browser`, `exports`, condition order, extension rules, generated JS, and generated declaration files together.
95
- 15. Inspect generated declarations when package surfaces change. Declaration files must not leak source-only aliases, private paths, workspace-only package names, unpublished internal paths, or accidental public re-exports.
96
- 16. For TypeScript 6 migration work, treat deprecation warnings as future TypeScript 7 removal risk. `ignoreDeprecations` is a temporary compatibility valve, not proof that the project is ready for 7.0. Prefer removing deprecated options and updating resolver or module choices to match the project runtime.
97
- 17. Treat TypeScript 6 `--stableTypeOrdering` as a migration comparison tool for declaration and error-order differences, not as a permanent performance-neutral default. If it changes errors or declaration output, look for inference or declaration-stability issues instead of snapshotting noise.
98
- 18. For TypeScript 7 migration work, keep the tracks separate:
94
+ 14. For TypeScript that emits code for native Node ESM, prefer `.ts` source plus package `"type": "module"` and `module`/`moduleResolution` set to `NodeNext` or the repository's fixed Node mode. Do not rename every source file to `.mts` just to mean ESM; reserve `.mts` and `.cts` for explicit per-file module overrides or mixed-package boundaries.
95
+ 15. In TypeScript source that targets native Node ESM, write relative imports using the emitted runtime specifier, usually `.js`, such as `import { createApp } from "./app.js"` from `app.ts`. Do not write extensionless relative imports or `.ts` runtime specifiers unless a declared loader, bundler, or runtime explicitly owns that behavior.
96
+ 16. Use `moduleResolution: "Bundler"` only when a bundler such as Vite, esbuild, Rollup, or a framework build system owns final module resolution. Do not use bundler resolution to model code that Node will execute directly without that bundler.
97
+ 17. If ESM/CJS behavior changes, verify package `type`, `main`, `module`, `browser`, `exports`, condition order, extension rules, generated JS, and generated declaration files together.
98
+ 18. For `tsconfig` updates, make defaults explicit when they affect emitted shape, ambient types, or module semantics. Check `rootDir`, `include`, `exclude`, `types`, `lib`, `target`, `module`, `moduleResolution`, `verbatimModuleSyntax`, `noUncheckedSideEffectImports`, declaration output, and framework wrapper defaults together instead of relying on a compiler-major default.
99
+ 19. Treat `types` as an ambient-global allowlist. Add only the runtime or test environment globals the project actually uses, such as Node, Bun, DOM, Vitest, Jest, or Playwright. Do not restore broad ambient discovery just to hide missing imports or environment drift.
100
+ 20. Use import attributes, subpath imports, and deferred module evaluation only when the runtime, bundler, and compiler track all support the exact syntax. `import defer` is a side-effect and startup-order choice, not a generic lazy-loading trick; use it only for namespace imports whose module evaluation can safely wait until first export access.
101
+ 21. Use `using` or `await using` only when the target runtime or transform path supports explicit resource management and the object really owns a disposable resource. Do not replace visible `try/finally`, context-manager, or framework cleanup contracts with `using` if the surrounding lifecycle, error propagation, or generated JS cannot be verified.
102
+ 22. Inspect generated declarations when package surfaces change. Declaration files must not leak source-only aliases, private paths, workspace-only package names, unpublished internal paths, or accidental public re-exports.
103
+ 23. For TypeScript 6 migration work, treat deprecation warnings as future TypeScript 7 removal risk. `ignoreDeprecations` is a temporary compatibility valve, not proof that the project is ready for 7.0. Prefer removing deprecated options and updating resolver or module choices to match the project runtime.
104
+ 24. Treat TypeScript 6 `--stableTypeOrdering` as a migration comparison tool for declaration and error-order differences, not as a permanent performance-neutral default. If it changes errors or declaration output, look for inference or declaration-stability issues instead of snapshotting noise.
105
+ 25. For TypeScript 7 migration work, keep the tracks separate:
99
106
  - TS6 stable API track: `@typescript/typescript6` and `tsc6` for compiler API, transformer, ESLint, framework wrapper, and peer-dependency compatibility.
100
107
  - TS7 RC compiler track: `typescript@rc` and `tsc` for RC compiler verification.
101
108
  - TS7 nightly track: `@typescript/native-preview` and `tsgo` for nightly diagnostics only.
102
109
  - Future TS7 stable track: stable `typescript` once upstream publishes TypeScript 7 on the normal stable path.
103
- 19. Keep compiler API consumers, language-service plugins, custom transformers, and framework typecheck wrappers on the TS6 API track until their owners explicitly support the TS7 API surface. Treat TS7 RC `tsc` as compiler verification, not proof that JavaScript compiler API consumers can migrate.
104
- 20. When comparing TS6 `tsc6`, TS7 RC `tsc`, and optional TS7 nightly `tsgo`, classify differences before editing code: real type error, declaration emit order or printback noise, unsupported option, unsupported API, watch or incremental behavior gap, language-service gap, generated-output drift, or framework wrapper mismatch.
105
- 21. Do not treat faster TS7 RC or nightly results as sufficient verification. Keep the repository's existing `tsc`, `tsc6`, or framework typecheck as the compatibility baseline until repository policy explicitly adopts a different compiler track.
106
- 22. Choose the narrowest configured verification intents that cover typecheck, lint, tests, build output, declarations, package contract risk, and downstream-style consumer risk.
110
+ 26. Keep compiler API consumers, language-service plugins, custom transformers, and framework typecheck wrappers on the TS6 API track until their owners explicitly support the TS7 API surface. Treat TS7 RC `tsc` as compiler verification, not proof that JavaScript compiler API consumers can migrate.
111
+ 27. When comparing TS6 `tsc6`, TS7 RC `tsc`, and optional TS7 nightly `tsgo`, classify differences before editing code: real type error, declaration emit order or printback noise, unsupported option, unsupported API, watch or incremental behavior gap, language-service gap, generated-output drift, or framework wrapper mismatch.
112
+ 28. Do not treat faster TS7 RC or nightly results as sufficient verification. Keep the repository's existing `tsc`, `tsc6`, or framework typecheck as the compatibility baseline until repository policy explicitly adopts a different compiler track.
113
+ 29. Choose the narrowest configured verification intents that cover typecheck, lint, tests, build output, declarations, package contract risk, and downstream-style consumer risk.
107
114
 
108
115
  <!-- mustflow-section: assertion-policy -->
109
116
  ## Assertion Policy
@@ -151,6 +158,7 @@ Reject or revise the patch when any of these appear without explicit evidence an
151
158
  - Validator schemas and exported types are duplicated without a single source of truth.
152
159
  - Generated declarations expose source-only aliases, internal module paths, workspace-only packages, or accidental barrel exports.
153
160
  - Package entry metadata changes without checking runtime entry, type entry, declaration output, and supported resolver modes.
161
+ - `tsconfig` defaults, ambient `types`, import attributes, `import defer`, or explicit resource management syntax are adopted without runtime, bundler, compiler-track, and generated-output evidence.
154
162
  - `skipLibCheck` or weakened strictness is used as release validation for a library/package.
155
163
  - TypeScript 6-to-7 migration warnings are silenced instead of classified and either fixed or reported.
156
164
  - TS7 RC or nightly output differences are accepted as harmless without classification.