mustflow 2.99.1 → 2.103.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cli/commands/skill.js +76 -2
- package/dist/cli/lib/external-skill-import.js +391 -0
- package/dist/cli/lib/local-index/index.js +5 -1
- package/dist/core/public-json-contracts.js +16 -0
- package/dist/core/skill-route-resolution.js +54 -6
- package/package.json +1 -1
- package/schemas/README.md +3 -0
- package/schemas/skill-import-report.schema.json +97 -0
- package/templates/default/i18n.toml +44 -8
- package/templates/default/locales/en/.mustflow/docs/agent-workflow.md +11 -1
- package/templates/default/locales/en/.mustflow/skills/INDEX.md +27 -2
- package/templates/default/locales/en/.mustflow/skills/c-code-change/SKILL.md +371 -0
- package/templates/default/locales/en/.mustflow/skills/clarifying-question-gate/SKILL.md +53 -14
- package/templates/default/locales/en/.mustflow/skills/completion-evidence-gate/SKILL.md +15 -3
- package/templates/default/locales/en/.mustflow/skills/complex-decision-analysis/SKILL.md +236 -0
- package/templates/default/locales/en/.mustflow/skills/css-code-change/SKILL.md +74 -24
- package/templates/default/locales/en/.mustflow/skills/docs-prose-review/SKILL.md +36 -10
- package/templates/default/locales/en/.mustflow/skills/github-contribution-quality-gate/SKILL.md +27 -3
- package/templates/default/locales/en/.mustflow/skills/html-code-change/SKILL.md +37 -21
- package/templates/default/locales/en/.mustflow/skills/react-code-change/SKILL.md +278 -0
- package/templates/default/locales/en/.mustflow/skills/routes.toml +30 -0
- package/templates/default/locales/en/.mustflow/skills/shell-code-change/SKILL.md +279 -0
- package/templates/default/locales/en/.mustflow/skills/structured-config-change/SKILL.md +170 -0
- package/templates/default/manifest.toml +32 -1
package/templates/default/locales/en/.mustflow/skills/github-contribution-quality-gate/SKILL.md
CHANGED
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
mustflow_doc: skill.github-contribution-quality-gate
|
|
3
3
|
locale: en
|
|
4
4
|
canonical: true
|
|
5
|
-
revision:
|
|
5
|
+
revision: 3
|
|
6
6
|
lifecycle: mustflow-owned
|
|
7
7
|
authority: procedure
|
|
8
8
|
name: github-contribution-quality-gate
|
|
@@ -55,6 +55,9 @@ The goal is not polished prose. The goal is verified, scoped, actionable informa
|
|
|
55
55
|
- Duplicate and context search evidence: searched terms, open and closed issues, open and closed pull requests, discussions when used by the repository, documentation, changelog, and related maintainer comments.
|
|
56
56
|
- User evidence: reproduction steps, minimal example, logs, screenshots, recordings, changed files, local test output, failing command, environment, version, linked issue, or maintainer question being answered.
|
|
57
57
|
- Draft structure evidence: proposed title, first-screen summary, section headings, Markdown tables, task lists, code blocks, details blocks, screenshots, links, review order, and unresolved questions.
|
|
58
|
+
- Pull request readiness evidence when relevant: whether the PR should be ready for review or draft,
|
|
59
|
+
whether the title follows repository style without agent/vendor prefixes, and whether any review
|
|
60
|
+
re-request is explicitly warranted.
|
|
58
61
|
- Verification level: personally reproduced, partially reproduced, inferred from code, inferred from logs, not reproduced, not searched, or not verified.
|
|
59
62
|
- Desired result: report a bug, propose a feature, submit a fix, ask for design approval, answer a maintainer, provide missing evidence, or close the loop.
|
|
60
63
|
|
|
@@ -97,13 +100,27 @@ The goal is not polished prose. The goal is verified, scoped, actionable informa
|
|
|
97
100
|
- `same problem here` without new evidence is not new value.
|
|
98
101
|
6. Plan the reading order before polishing prose.
|
|
99
102
|
- Title should name the observed result for issues or the guaranteed behavior after a PR, not labels such as `[BUG]`, `fix`, `WIP`, or implementation chores.
|
|
103
|
+
- Do not add agent, assistant, vendor, or tool prefixes such as `[codex]`, `[AI]`, or `[bot]`
|
|
104
|
+
unless the target repository explicitly requires them. Prefer the repository's conventional
|
|
105
|
+
commit or title style so the changed behavior stays first.
|
|
100
106
|
- First screen should contain conclusion, impact, and requested decision. Move long logs, full outputs, screenshots, and alternatives below or into `<details>`.
|
|
101
107
|
- Headings should answer one question each. Avoid dump headings such as `Details`, `Misc`, `Notes`, or `Context` unless the repository template requires them.
|
|
102
108
|
- Separate observed facts, current hypotheses, decisions, and unknowns. Use `Cause` only when the cause is confirmed.
|
|
103
109
|
7. For bug issues, require actual behavior, expected behavior, exact reproduction steps, smallest reasonable reproduction, version, environment, relevant logs or screenshots, regression status, attempted workarounds, concrete impact, and completion criteria.
|
|
104
110
|
8. For feature or enhancement issues, require user problem, affected users, current workflow, desired workflow, why existing behavior is insufficient, related discussions, compatibility impact, alternatives considered, and non-goals when the proposal can sprawl.
|
|
105
111
|
9. For documentation issues, require exact page, section, symbol, command, or example; current wording or behavior; expected wording or explanation; and evidence that the current documentation is stale or misleading when available.
|
|
106
|
-
10. For pull requests, require focused scope, linked issue or prior discussion when non-trivial, changed behavior, intentionally unchanged behavior, tests added or updated, exact verification results, compatibility notes for public surfaces, UI screenshots when relevant, and
|
|
112
|
+
10. For pull requests, require focused scope, linked issue or prior discussion when non-trivial, changed behavior, intentionally unchanged behavior, tests added or updated, exact verification results, compatibility notes for public surfaces, UI screenshots when relevant, and a readiness decision.
|
|
113
|
+
- Use ready-for-review as the default for small, independent fixes or narrow improvements when
|
|
114
|
+
the relevant checks were run, known limitations can be stated in the PR body, and no
|
|
115
|
+
maintainer design decision is needed.
|
|
116
|
+
- Use draft only when the PR is intentionally discussion-first, changes public API shape, needs
|
|
117
|
+
design direction, has blocked or intentionally incomplete verification, or is likely to
|
|
118
|
+
conflict with other active work.
|
|
119
|
+
- If a draft PR becomes ready after verification, mark that transition in the PR body or update
|
|
120
|
+
comment instead of leaving the ready state implicit.
|
|
121
|
+
- Do not re-request review merely because a draft was marked ready. Re-request only when a
|
|
122
|
+
specific reviewer was already involved, the maintainer asked for it, or repository rules say
|
|
123
|
+
to request review after the ready transition.
|
|
107
124
|
11. For PR review guidance, provide a review order by reasoning path rather than dumping changed files. Name files or commits only when they help reviewers inspect behavior, generated output, tests, or mechanical-only changes in the right order.
|
|
108
125
|
12. For review replies, answer the maintainer's actual question first. Provide requested logs, reproduction, design tradeoff, tests, or blocker. Do not answer a different question because it is easier.
|
|
109
126
|
13. Use Markdown elements by job, not decoration.
|
|
@@ -134,7 +151,8 @@ The goal is not polished prose. The goal is verified, scoped, actionable informa
|
|
|
134
151
|
- do not submit AI output that the human contributor has not reviewed, cannot explain, or could have tested but did not.
|
|
135
152
|
18. Choose a gate decision before writing the final draft:
|
|
136
153
|
- `POST` when the content follows repository rules and has enough verified value;
|
|
137
|
-
- `POST_AS_DRAFT` when a PR direction is useful but not ready for final review
|
|
154
|
+
- `POST_AS_DRAFT` when a PR direction is useful but not ready for final review, such as
|
|
155
|
+
discussion-first work, public API shape changes, blocked verification, or design approval;
|
|
138
156
|
- `ASK_IN_EXISTING_THREAD` when the evidence belongs in a related issue or PR;
|
|
139
157
|
- `DO_NOT_POST` when the content lacks verified value, duplicates existing content, violates repository rules, or the human contributor cannot defend it;
|
|
140
158
|
- `PRIVATE_SECURITY_REPORT` when the content should not be public.
|
|
@@ -149,6 +167,8 @@ The goal is not polished prose. The goal is verified, scoped, actionable informa
|
|
|
149
167
|
- Duplicate search is summarized with confidence.
|
|
150
168
|
- Every technical claim in the draft is tied to evidence or marked uncertain.
|
|
151
169
|
- Title, first-screen summary, section order, Markdown elements, verification, and risk handling help maintainers decide what to do next.
|
|
170
|
+
- PR readiness, draft state, and review-request behavior are chosen from evidence instead of using
|
|
171
|
+
draft or re-request as generic defaults.
|
|
152
172
|
- Security-sensitive content is not prepared for public posting.
|
|
153
173
|
- AI assistance is disclosed when required or material.
|
|
154
174
|
- The draft helps maintainers act faster or the skill blocks posting.
|
|
@@ -185,10 +205,12 @@ Use `changes_status` and `changes_diff_summary` when drafting a PR description o
|
|
|
185
205
|
- Duplicate and context check
|
|
186
206
|
- Evidence checked
|
|
187
207
|
- Information-structure and Markdown checks
|
|
208
|
+
- PR title, readiness, and review-request decision when relevant
|
|
188
209
|
- Missing evidence
|
|
189
210
|
- Draft
|
|
190
211
|
- Final self-check:
|
|
191
212
|
- Does the title state the observed issue result or PR outcome instead of metadata?
|
|
213
|
+
- Does the PR title avoid agent, assistant, vendor, or tool prefixes unless the repository requires them?
|
|
192
214
|
- Can a maintainer understand the conclusion, impact, and requested action from the first screen?
|
|
193
215
|
- Do headings, tables, task lists, details blocks, code blocks, screenshots, and links each have one clear job?
|
|
194
216
|
- Can a maintainer reproduce or review this without guessing?
|
|
@@ -197,6 +219,8 @@ Use `changes_status` and `changes_diff_summary` when drafting a PR description o
|
|
|
197
219
|
- Is every technical claim backed by evidence?
|
|
198
220
|
- Are facts, hypotheses, decisions, and unknowns separated?
|
|
199
221
|
- Does a PR include review focus, verification results, unverified areas, and risk or rollback notes when relevant?
|
|
222
|
+
- Is a verified small PR ready for review instead of unnecessarily draft?
|
|
223
|
+
- If a draft PR became ready, is any review re-request justified by maintainer request, repository rules, or an already involved reviewer?
|
|
200
224
|
- Were feasible tests or verification checks run or honestly skipped?
|
|
201
225
|
- Is AI assistance disclosed when required or material?
|
|
202
226
|
- Can the human contributor explain and defend the content without AI?
|
|
@@ -2,11 +2,11 @@
|
|
|
2
2
|
mustflow_doc: skill.html-code-change
|
|
3
3
|
locale: en
|
|
4
4
|
canonical: true
|
|
5
|
-
revision:
|
|
5
|
+
revision: 4
|
|
6
6
|
lifecycle: mustflow-owned
|
|
7
7
|
authority: procedure
|
|
8
8
|
name: html-code-change
|
|
9
|
-
description: Apply this skill when HTML, templates, JSX or component markup, native forms, controls, popovers, dialogs, navigation, tables, media, metadata, SEO head content, or structured data are created or changed.
|
|
9
|
+
description: Apply this skill when HTML, templates, JSX or component markup, semantic document structure, native forms, controls, popovers, dialogs, navigation, tables, media, metadata, SEO head content, or structured data are created or changed.
|
|
10
10
|
metadata:
|
|
11
11
|
mustflow_schema: "1"
|
|
12
12
|
mustflow_kind: procedure
|
|
@@ -47,6 +47,7 @@ Preserve semantic structure, native controls, keyboard access, focus behavior, f
|
|
|
47
47
|
|
|
48
48
|
- Existing page layout, document shell, head/SEO helpers, metadata builders, canonical URL helpers, sitemap or robots config, form components, interactive control components, and tests.
|
|
49
49
|
- Target framework conventions for rendering, routing, hydration, and metadata.
|
|
50
|
+
- Semantic structure ledger: the intended `main`, landmark, heading, `section`, `article`, `nav`, `time`, `figure`, form group, table, media, and visible-label contracts.
|
|
50
51
|
- Visible page content, H1 or primary title, main entity, locale, indexing intent, and data sources for title, description, image, author, date, price, rating, availability, and FAQ content when metadata changes.
|
|
51
52
|
- Browser-native behavior expected from the markup: navigation, form submission, validation, autocomplete, input modality, popover behavior, dialog focus, inert background handling, media sizing, lazy loading, and history integration.
|
|
52
53
|
- Accessibility and validation tooling declared in the command contract.
|
|
@@ -73,25 +74,37 @@ Preserve semantic structure, native controls, keyboard access, focus behavior, f
|
|
|
73
74
|
|
|
74
75
|
1. Read the page shell, route layout, metadata helpers, component patterns, and tests before editing.
|
|
75
76
|
2. Check document outline, landmarks, source order, and heading levels.
|
|
76
|
-
3.
|
|
77
|
-
4. Use
|
|
78
|
-
5.
|
|
79
|
-
6.
|
|
80
|
-
7.
|
|
81
|
-
8.
|
|
82
|
-
9.
|
|
83
|
-
10.
|
|
84
|
-
11. Do not
|
|
85
|
-
12.
|
|
86
|
-
13.
|
|
87
|
-
14.
|
|
88
|
-
15.
|
|
89
|
-
16.
|
|
90
|
-
17. For
|
|
91
|
-
18.
|
|
92
|
-
19.
|
|
93
|
-
20.
|
|
94
|
-
21.
|
|
77
|
+
3. Treat semantic HTML as a machine-readable contract, not as styling decoration. Use `div` for pure wrappers and styling shells.
|
|
78
|
+
4. Use `section` only for a thematic group that has a heading or explicit accessible label. Do not use `section` as a card, spacing, or script wrapper.
|
|
79
|
+
5. Use `article` only for self-contained content that remains meaningful when syndicated, embedded, or moved out of the list, such as posts, articles, reviews, comments, or complete product entries.
|
|
80
|
+
6. Use `nav` only for major navigation or table-of-contents regions. Do not label every incidental link group as navigation.
|
|
81
|
+
7. Keep exactly one active visible `main` region for the page or current SPA view. Do not put repeated headers, footers, sidebars, or global navigation inside the main content unless that is the actual page task.
|
|
82
|
+
8. Treat heading elements as content outline, not font-size controls. Preserve hierarchy by meaning, and use CSS for visual scale.
|
|
83
|
+
9. Classify each interactive element by intent. Navigation to a URL uses an anchor with `href`. Commands, toggles, submit actions, open/close actions, destructive actions, copy actions, disclosure triggers, and modal triggers use buttons.
|
|
84
|
+
10. Use native form controls for text entry, selection, checkbox, radio, and file input. Use grouped native radio or checkbox controls with fieldset and legend when the group label matters.
|
|
85
|
+
11. Keep interactive elements out of labels. Do not place terms links, help buttons, or other controls inside a `label`; connect the label with `for` and `id`, then place related links or buttons outside the label.
|
|
86
|
+
12. Treat composite widgets such as tabs, action menus, comboboxes, listboxes, trees, grids, and custom selects as high-risk. Prefer native HTML or an existing audited component; otherwise implement the complete role, state, focus, and keyboard pattern.
|
|
87
|
+
13. Reject clickable `div` or `span` controls, clickable icons without buttons, anchors without `href`, links used as buttons, nested interactive controls, positive `tabindex`, focusable `aria-hidden` content, and focus outline removal without a replacement focus style.
|
|
88
|
+
14. Use ARIA only when native HTML cannot express the needed semantics. Validate the role is legal for the element, the accessible name exists, required states are present, visual and ARIA states stay synchronized, keyboard behavior matches the widget pattern, and focus behavior is explicit.
|
|
89
|
+
15. For custom legacy button-like elements that cannot be replaced, require `role`, focusability, Enter activation, Space activation, Space scroll prevention, pointer activation, duplicate-event prevention, and visible focus. Use native buttons instead whenever possible.
|
|
90
|
+
16. For popovers, prefer the native popover pattern for lightweight anchored disclosure, teaching UI, picker panels, or menus that do not need modal focus trapping. Verify trigger ownership, light-dismiss behavior, focus behavior, accessible name, and fallback or browser target.
|
|
91
|
+
17. For dialogs, prefer native dialog when the project can support it. Otherwise implement focus entry, Tab and Shift+Tab containment, Escape behavior, inert or unreachable background content, visible close or cancel control, focus return, and an accessible name.
|
|
92
|
+
18. Do not use dialog for every overlay. Use popover for non-modal transient UI, details/summary for simple disclosure, and dialog for modal tasks or interruptions that require focus containment.
|
|
93
|
+
19. For tabs, use tablist, tab, and tabpanel semantics only for a real tabbed interface. Require one active tab, panel linkage, roving tabindex, arrow key movement, Home and End where expected, and Enter or Space activation when activation is manual.
|
|
94
|
+
20. For menus, do not use ARIA menu roles for ordinary site navigation. Site navigation is a nav landmark with links. Use ARIA menu patterns only for application-style action menus with a button trigger, expanded state, focus strategy, Escape close behavior, and focus return.
|
|
95
|
+
21. For forms, verify visible label association, help association, error association, required text, native required state, autocomplete, `inputmode`, `enterkeyhint`, validation timing, invalid state, error summary behavior, and submission behavior.
|
|
96
|
+
22. Prefer native constraint validation for simple required, type, length, pattern, range, and step rules. Add custom validation only for business rules, cross-field rules, async validation, or localized error ownership the native browser cannot express.
|
|
97
|
+
23. Use placeholder, title, aria-label, color, icon, or toast-only feedback only as supplementary affordances, not as the only label, required indicator, or error explanation.
|
|
98
|
+
24. Use `time` with a machine-readable `datetime` when the content represents a precise date, time, duration, or time-like value that tests, crawlers, calendars, or automation may need to parse.
|
|
99
|
+
25. Use `figure` and `figcaption` only for self-contained referenced media, code, diagrams, charts, screenshots, or examples whose caption describes the figure. Do not use `figcaption` for ordinary card titles or unrelated image captions.
|
|
100
|
+
26. Use real tables for tabular data. Include a useful `caption` when the table needs a name, use `th` for row and column headers, and set `scope` when it clarifies the header relationship.
|
|
101
|
+
27. For meaningful media, prefer `img`, `picture`, `video`, or framework media components that preserve alt text, intrinsic dimensions, responsive candidate selection, and browser discovery. Keep decorative media out of the accessibility tree.
|
|
102
|
+
28. For responsive image markup, verify `width`, `height`, `srcset`, `sizes`, `picture` art direction, and lazy or eager loading reflect the rendered slot. Route LCP, preload, priority, CDN, or byte-size claims to `image-delivery-performance-review`.
|
|
103
|
+
29. For metadata, read visible content and the metadata generation path first. Keep title, description, canonical, Open Graph, Twitter or X card data, robots, hreflang, and JSON-LD aligned with visible content, locale, URL, and indexing intent.
|
|
104
|
+
30. Structured data must describe content visible on the same page. Do not invent ratings, reviews, FAQ items, authors, prices, availability, dates, organizations, product properties, or claims not backed by the page data source.
|
|
105
|
+
31. Ensure every HTML page has a valid non-empty language and responsive viewport that does not disable zoom. Mixed-language passages should identify their language when needed.
|
|
106
|
+
32. Keep inline script and style minimal; move behavior and styling to the existing project layers unless the framework requires an inline boundary.
|
|
107
|
+
33. Choose configured verification intents that cover markup validity, lint, build, accessibility, route rendering, metadata, and docs when available.
|
|
95
108
|
|
|
96
109
|
<!-- mustflow-section: form-accessibility -->
|
|
97
110
|
## Form Accessibility Rules
|
|
@@ -128,16 +141,19 @@ Reject or revise the patch when any of these appear without strong justification
|
|
|
128
141
|
|
|
129
142
|
- New `div` or `span` interaction where a native link, button, or form control would work.
|
|
130
143
|
- Anchors without `href`, buttons implemented as links, links implemented as buttons, nested interactive controls, clickable icons without native controls, or site navigation using ARIA menu roles.
|
|
144
|
+
- Decorative `section`, card-only `article`, incidental-link `nav`, multiple active `main` regions, headings chosen for visual size, labels containing nested interactive controls, or data tables rebuilt as non-table grids.
|
|
131
145
|
- Custom controls without complete accessible name, role, state, keyboard, focus, and hidden-content behavior.
|
|
132
146
|
- Popovers, dialogs, or overlays that replace native behavior without trigger, focus, light-dismiss, inert, or fallback review.
|
|
133
147
|
- Positive `tabindex`, hidden content that remains tabbable, focusable `aria-hidden` content, or invisible focus.
|
|
134
148
|
- Form controls without visible labels, placeholder-only labels, disconnected help or error text, color-only required or error state, premature `aria-invalid`, or autocomplete removed without reason.
|
|
149
|
+
- Meaningful dates without parseable `time datetime`, figures used for ordinary card content, tables without header relationships, or meaningful media that lacks alt, intrinsic dimensions, or responsive candidate review.
|
|
135
150
|
- Metadata or JSON-LD that contradicts visible content, fabricates facts, points canonical or social URL at the wrong page, disables zoom, omits page language, or accidentally noindexes a public page.
|
|
136
151
|
|
|
137
152
|
<!-- mustflow-section: postconditions -->
|
|
138
153
|
## Postconditions
|
|
139
154
|
|
|
140
155
|
- Markup communicates the intended structure without relying on visual styling alone.
|
|
156
|
+
- Sections, articles, navigation, main regions, headings, forms, figures, tables, time values, and media expose truthful document semantics.
|
|
141
157
|
- Keyboard and focus behavior are preserved.
|
|
142
158
|
- Forms have labels and errors connected.
|
|
143
159
|
- Metadata and structured data reflect visible content.
|
|
@@ -0,0 +1,278 @@
|
|
|
1
|
+
---
|
|
2
|
+
mustflow_doc: skill.react-code-change
|
|
3
|
+
locale: en
|
|
4
|
+
canonical: true
|
|
5
|
+
revision: 1
|
|
6
|
+
lifecycle: mustflow-owned
|
|
7
|
+
authority: procedure
|
|
8
|
+
name: react-code-change
|
|
9
|
+
description: Apply this skill when React, React DOM, React Server Components, Server Actions, React Compiler, Hooks, Suspense, Actions, forms, refs, context, concurrent rendering, SSR streaming, resource hints, package metadata, or React-related tests are created, changed, reviewed, or upgraded.
|
|
10
|
+
metadata:
|
|
11
|
+
mustflow_schema: "1"
|
|
12
|
+
mustflow_kind: procedure
|
|
13
|
+
pack_id: mustflow.core
|
|
14
|
+
skill_id: mustflow.core.react-code-change
|
|
15
|
+
command_intents:
|
|
16
|
+
- changes_status
|
|
17
|
+
- changes_diff_summary
|
|
18
|
+
- lint
|
|
19
|
+
- build
|
|
20
|
+
- test_related
|
|
21
|
+
- test
|
|
22
|
+
- docs_validate_fast
|
|
23
|
+
- test_release
|
|
24
|
+
- mustflow_check
|
|
25
|
+
---
|
|
26
|
+
|
|
27
|
+
# React Code Change
|
|
28
|
+
|
|
29
|
+
<!-- mustflow-section: purpose -->
|
|
30
|
+
## Purpose
|
|
31
|
+
|
|
32
|
+
Preserve React runtime, rendering, state, effect, compiler, server/client,
|
|
33
|
+
form, resource, accessibility, and package-version contracts when changing
|
|
34
|
+
React projects, especially open-source contribution patches where maintainers
|
|
35
|
+
expect current React guidance and small, compatible changes.
|
|
36
|
+
|
|
37
|
+
<!-- mustflow-section: use-when -->
|
|
38
|
+
## Use When
|
|
39
|
+
|
|
40
|
+
- React components, Hooks, context, refs, Suspense boundaries, transitions,
|
|
41
|
+
deferred values, forms, Actions, optimistic UI, React DOM metadata, resource
|
|
42
|
+
hints, SSR streaming, React Server Components, Server Actions, or tests change.
|
|
43
|
+
- `react`, `react-dom`, `react-server-dom-*`, `eslint-plugin-react-hooks`,
|
|
44
|
+
React Compiler, framework adapters, bundlers, JSX transforms, or React package
|
|
45
|
+
metadata changes.
|
|
46
|
+
- A contribution proposes React performance, memoization, effect-dependency,
|
|
47
|
+
hydration, server/client boundary, form mutation, or React version support
|
|
48
|
+
changes.
|
|
49
|
+
|
|
50
|
+
<!-- mustflow-section: do-not-use-when -->
|
|
51
|
+
## Do Not Use When
|
|
52
|
+
|
|
53
|
+
- The change is framework-free JavaScript or TypeScript with no React boundary;
|
|
54
|
+
use the language-specific skill.
|
|
55
|
+
- The change is only visual CSS, HTML semantics, accessibility tree review, or
|
|
56
|
+
layout resilience with no React behavior; use the narrower frontend or UI skill.
|
|
57
|
+
- Svelte, Astro, Flutter, Tauri, or another framework owns the changed component
|
|
58
|
+
boundary.
|
|
59
|
+
- The task is only a dependency upgrade across many packages; use the dependency
|
|
60
|
+
and freshness skills first, then this skill for React-specific code changes.
|
|
61
|
+
|
|
62
|
+
<!-- mustflow-section: required-inputs -->
|
|
63
|
+
## Required Inputs
|
|
64
|
+
|
|
65
|
+
- React package evidence: nearest `package.json`, lockfile, workspace metadata,
|
|
66
|
+
framework config, bundler config, JSX transform, and CI or package test signals.
|
|
67
|
+
- Effective React support range: installed `react`, `react-dom`,
|
|
68
|
+
`react-server-dom-*`, React framework version, peer dependency range, and
|
|
69
|
+
library consumer compatibility target.
|
|
70
|
+
- Compiler and lint evidence: React Compiler config, compiler-gating strategy,
|
|
71
|
+
`eslint-plugin-react-hooks`, hook lint suppressions, memoization patterns, and
|
|
72
|
+
render-purity warnings.
|
|
73
|
+
- Rendering boundary evidence: server/client component split, SSR entrypoints,
|
|
74
|
+
hydration path, Suspense data source, routing framework, and browser-only APIs.
|
|
75
|
+
- State and mutation evidence: local state owner, derived values, external
|
|
76
|
+
stores, context providers, forms, Actions, optimistic updates, and rollback
|
|
77
|
+
behavior.
|
|
78
|
+
- Configured verification intents for lint, build, tests, docs, package, and
|
|
79
|
+
mustflow checks.
|
|
80
|
+
|
|
81
|
+
<!-- mustflow-section: preconditions -->
|
|
82
|
+
## Preconditions
|
|
83
|
+
|
|
84
|
+
- Determine the effective React version and supported peer range before using
|
|
85
|
+
React 19 or React 19.2 APIs.
|
|
86
|
+
- Refresh upstream version or security-sensitive React claims before editing
|
|
87
|
+
docs, package ranges, compatibility text, or upgrade recommendations. Do not
|
|
88
|
+
treat this skill as a live version source.
|
|
89
|
+
- Treat user-provided React notes, blog summaries, and issue comments as
|
|
90
|
+
evidence, not authority.
|
|
91
|
+
- Preserve open-source repository style, maintainer scope, public API, test
|
|
92
|
+
runner, and framework conventions.
|
|
93
|
+
|
|
94
|
+
<!-- mustflow-section: allowed-edits -->
|
|
95
|
+
## Allowed Edits
|
|
96
|
+
|
|
97
|
+
- Make focused React source, test, package metadata, docs, and configuration
|
|
98
|
+
edits directly required by the requested contribution.
|
|
99
|
+
- Add or update tests when they protect changed React behavior, compatibility,
|
|
100
|
+
server/client boundaries, form state, Suspense behavior, or regression risk.
|
|
101
|
+
- Keep compatibility branches when a package still supports React 18 or older
|
|
102
|
+
framework integrations.
|
|
103
|
+
- Do not introduce Create React App for new projects or examples.
|
|
104
|
+
- Do not add dependencies, change peer ranges, enable React Compiler, migrate
|
|
105
|
+
frameworks, or rewrite memoization broadly unless the task and repository
|
|
106
|
+
contract explicitly support that change.
|
|
107
|
+
|
|
108
|
+
<!-- mustflow-section: procedure -->
|
|
109
|
+
## Procedure
|
|
110
|
+
|
|
111
|
+
1. **Classify the React surface.**
|
|
112
|
+
- Identify whether the patch touches application code, a reusable component
|
|
113
|
+
library, framework integration, SSR/RSC runtime, tests, docs, or package
|
|
114
|
+
metadata.
|
|
115
|
+
- For libraries, treat peer dependency ranges and documented component APIs as
|
|
116
|
+
public compatibility contracts.
|
|
117
|
+
2. **Check version and freshness boundaries.**
|
|
118
|
+
- Read installed and supported React versions before using `Activity`,
|
|
119
|
+
`useEffectEvent`, Actions, `use`, ref-as-prop, callback ref cleanup,
|
|
120
|
+
metadata hoisting, resource hint APIs, `cacheSignal`, Partial
|
|
121
|
+
Pre-rendering, or Web Streams SSR APIs.
|
|
122
|
+
- Use current official React docs or release metadata for exact "latest",
|
|
123
|
+
patch, security, or deprecation claims. As a snapshot checked on
|
|
124
|
+
2026-06-26, official React docs describe React 19.2 as the current
|
|
125
|
+
feature line, and GitHub release metadata showed `v19.2.7` released on
|
|
126
|
+
2026-06-01; re-check before relying on those values in future work.
|
|
127
|
+
- For RSC packages, check patched `react-server-dom-webpack`,
|
|
128
|
+
`react-server-dom-parcel`, and `react-server-dom-turbopack` versions when
|
|
129
|
+
security advisories or framework updates are part of the task.
|
|
130
|
+
3. **Keep app setup modern and local.**
|
|
131
|
+
- Do not propose Create React App for new projects. Follow the repository's
|
|
132
|
+
existing framework or build tool; for new React app examples, prefer the
|
|
133
|
+
project's chosen framework or modern build-tool pattern.
|
|
134
|
+
- Do not migrate an existing stack to Next.js, Vite, Parcel, Rsbuild, or a
|
|
135
|
+
React framework merely because React documentation recommends frameworks
|
|
136
|
+
for new apps.
|
|
137
|
+
4. **Repair effects by responsibility.**
|
|
138
|
+
- Use Effects for synchronization with external systems such as timers,
|
|
139
|
+
subscriptions, DOM or browser APIs, third-party widgets, network
|
|
140
|
+
connections, and cleanup.
|
|
141
|
+
- Do not use Effects to copy props/state into derived state, send event-owned
|
|
142
|
+
mutations, or paper over rendering data flow.
|
|
143
|
+
- Do not silence `react-hooks/exhaustive-deps` as a default fix. If effect
|
|
144
|
+
logic contains non-reactive event behavior and React 19.2 is supported, use
|
|
145
|
+
`useEffectEvent` for that event-like logic only.
|
|
146
|
+
5. **Preserve state ownership.**
|
|
147
|
+
- Derive renderable values during render when they are computed from current
|
|
148
|
+
props or state.
|
|
149
|
+
- Use updater functions for repeated state updates based on the previous
|
|
150
|
+
value.
|
|
151
|
+
- Normalize state that can otherwise contradict itself. Avoid duplicated,
|
|
152
|
+
deeply nested, or derived state unless the repository has a clear owner.
|
|
153
|
+
- Use `key` for intentional component state reset, and keep component
|
|
154
|
+
functions at top level so React does not recreate component types on every
|
|
155
|
+
render.
|
|
156
|
+
6. **Treat memoization and the compiler as contracts, not decoration.**
|
|
157
|
+
- Do not blanket-add `memo`, `useMemo`, or `useCallback` to look faster.
|
|
158
|
+
Require profiler, dependency, identity, or compiler evidence.
|
|
159
|
+
- Do not blanket-remove existing memoization in legacy code without tests;
|
|
160
|
+
removal can change identity, effect dependencies, and compiler output.
|
|
161
|
+
- If React Compiler is enabled or proposed, keep components and Hooks pure,
|
|
162
|
+
keep compiler-powered `eslint-plugin-react-hooks` findings visible, and
|
|
163
|
+
report when compiler verification is missing.
|
|
164
|
+
7. **Handle context, refs, and external stores deliberately.**
|
|
165
|
+
- Split frequently changing context values from stable actions or identities;
|
|
166
|
+
`memo` does not block re-renders caused by context updates.
|
|
167
|
+
- Use React 19 ref-as-prop and callback-ref cleanup only when the support
|
|
168
|
+
range allows it. Preserve `forwardRef` where React 18 compatibility matters.
|
|
169
|
+
- Expose narrow imperative handles with `useImperativeHandle` instead of
|
|
170
|
+
leaking whole DOM nodes or child internals.
|
|
171
|
+
- Use `useSyncExternalStore` for external mutable stores or subscriptions
|
|
172
|
+
instead of ad hoc Effect plus state mirroring.
|
|
173
|
+
8. **Use concurrent and async primitives for the right boundary.**
|
|
174
|
+
- Use `startTransition` or `useTransition` for non-urgent updates, but do not
|
|
175
|
+
control text input values through a transition.
|
|
176
|
+
- Use `useDeferredValue` when stale-but-responsive derived UI is acceptable;
|
|
177
|
+
use the `initialValue` form only when the React version supports it.
|
|
178
|
+
- Do not expect Suspense to catch ordinary Effect fetches. Suspense needs
|
|
179
|
+
lazy code, framework data, or cached Promise reads.
|
|
180
|
+
- Treat `use` as render-time Promise or context reading, not a normal Hook
|
|
181
|
+
with the ordinary top-level-only mental model. Do not create fresh Promises
|
|
182
|
+
in render and pass them to `use`.
|
|
183
|
+
9. **Use React 19 form and Action APIs only when supported.**
|
|
184
|
+
- Prefer `useActionState`, `useFormStatus`, `useOptimistic`, `<form action>`,
|
|
185
|
+
and `formAction` for supported React 19 mutation flows with pending,
|
|
186
|
+
errors, resets, progressive enhancement, and rollback.
|
|
187
|
+
- Keep explicit error handling, authorization, validation, idempotency, and
|
|
188
|
+
rollback behavior. Do not hide server failures behind optimistic UI.
|
|
189
|
+
10. **Respect React 19.2 rendering and performance APIs.**
|
|
190
|
+
- Treat `<Activity>` as hidden UI with preserved state, unmounted effects,
|
|
191
|
+
and lower-priority hidden updates, not as `display: none` or ordinary
|
|
192
|
+
conditional rendering.
|
|
193
|
+
- Use React Performance Tracks, React DevTools, or existing profiler evidence
|
|
194
|
+
when claiming render, effect, Scheduler, transition, or component
|
|
195
|
+
performance improvements.
|
|
196
|
+
11. **Keep server rendering and RSC boundaries exact.**
|
|
197
|
+
- Distinguish Server Components from Server Actions. `"use server"` marks
|
|
198
|
+
server functions or modules for actions; it is not a Server Component tag.
|
|
199
|
+
- Keep browser APIs, client state, and event handlers out of Server
|
|
200
|
+
Components; keep secrets and server-only imports out of Client Components.
|
|
201
|
+
- Use `cacheSignal` only for RSC cached work where abort or cleanup is
|
|
202
|
+
meaningful.
|
|
203
|
+
- For Partial Pre-rendering, `prerender`, `resume`, `resumeAndPrerender`,
|
|
204
|
+
and streaming APIs, verify the framework/runtime owns those APIs before
|
|
205
|
+
changing lower-level React DOM server code.
|
|
206
|
+
- In Node environments, do not assume Web Streams are faster than Node
|
|
207
|
+
streams; preserve the existing SSR stream API unless the task proves the
|
|
208
|
+
runtime benefit and compression behavior.
|
|
209
|
+
12. **Use React DOM document and resource APIs close to the owner.**
|
|
210
|
+
- Metadata, stylesheets with `precedence`, async scripts, `preinit`,
|
|
211
|
+
`preload`, `preconnect`, and `prefetchDNS` may belong near the component
|
|
212
|
+
that needs them when React and the framework support that behavior.
|
|
213
|
+
- Avoid duplicate head managers, resource hint spam, and hints for assets
|
|
214
|
+
whose timing or priority is unproven.
|
|
215
|
+
13. **Verify through the repository contract.**
|
|
216
|
+
- Run the smallest configured checks that cover changed React code, package
|
|
217
|
+
metadata, build output, docs, and tests.
|
|
218
|
+
- Report missing browser, hydration, SSR, RSC, compiler, profiler, or
|
|
219
|
+
cross-version React verification when those surfaces changed.
|
|
220
|
+
|
|
221
|
+
<!-- mustflow-section: postconditions -->
|
|
222
|
+
## Postconditions
|
|
223
|
+
|
|
224
|
+
- Effective React version, peer range, framework ownership, and compiler/lint
|
|
225
|
+
status are known or explicitly reported as unknown.
|
|
226
|
+
- Effects, state, memoization, context, refs, forms, Suspense, and async
|
|
227
|
+
boundaries follow React's current model for the supported version.
|
|
228
|
+
- React 19 and React 19.2 APIs are not introduced into code that still promises
|
|
229
|
+
older React compatibility.
|
|
230
|
+
- SSR, RSC, Server Action, browser-only, and resource-hint boundaries are
|
|
231
|
+
preserved.
|
|
232
|
+
- Performance claims have profiler or benchmark evidence, or are reported as
|
|
233
|
+
unverified.
|
|
234
|
+
|
|
235
|
+
<!-- mustflow-section: verification -->
|
|
236
|
+
## Verification
|
|
237
|
+
|
|
238
|
+
Use configured oneshot command intents when available:
|
|
239
|
+
|
|
240
|
+
- `lint`
|
|
241
|
+
- `build`
|
|
242
|
+
- `test_related`
|
|
243
|
+
- `test`
|
|
244
|
+
- `docs_validate_fast`
|
|
245
|
+
- `test_release`
|
|
246
|
+
- `mustflow_check`
|
|
247
|
+
|
|
248
|
+
Report missing React-version matrix, browser automation, hydration, SSR/RSC,
|
|
249
|
+
Compiler, performance profiling, or package-consumer verification when those
|
|
250
|
+
surfaces changed.
|
|
251
|
+
|
|
252
|
+
<!-- mustflow-section: failure-handling -->
|
|
253
|
+
## Failure Handling
|
|
254
|
+
|
|
255
|
+
- If React version evidence conflicts, do not assume the newest API is
|
|
256
|
+
available. Preserve the older-compatible path or report the compatibility
|
|
257
|
+
decision.
|
|
258
|
+
- If an effect dependency fix causes reconnects, stale closures, or event logic
|
|
259
|
+
churn, separate reactive synchronization from event-like behavior instead of
|
|
260
|
+
disabling lint.
|
|
261
|
+
- If a compiler or memoization change shifts behavior, restore the previous
|
|
262
|
+
identity boundary or add focused evidence before continuing.
|
|
263
|
+
- If Suspense, `use`, Actions, or RSC behavior is framework-owned, read the
|
|
264
|
+
framework boundary before editing raw React assumptions.
|
|
265
|
+
- If freshness checks are unavailable for a React release, security patch, or
|
|
266
|
+
deprecation claim, avoid embedding exact "latest" wording and report the gap.
|
|
267
|
+
|
|
268
|
+
<!-- mustflow-section: output-format -->
|
|
269
|
+
## Output Format
|
|
270
|
+
|
|
271
|
+
- React surface and supported version checked
|
|
272
|
+
- Compiler, lint, effect, state, memoization, context, ref, form, Suspense, SSR,
|
|
273
|
+
RSC, and resource-boundary notes
|
|
274
|
+
- Freshness-sensitive React claims checked or left conservative
|
|
275
|
+
- Files changed
|
|
276
|
+
- Command intents run
|
|
277
|
+
- Skipped checks and reasons
|
|
278
|
+
- Remaining React compatibility or verification risk
|
|
@@ -150,6 +150,12 @@ route_type = "primary"
|
|
|
150
150
|
priority = 50
|
|
151
151
|
applies_to_reasons = ["unknown_change", "docs_change", "mustflow_docs_change", "workflow_change", "product_change"]
|
|
152
152
|
|
|
153
|
+
[routes."complex-decision-analysis"]
|
|
154
|
+
category = "workflow_contracts"
|
|
155
|
+
route_type = "primary"
|
|
156
|
+
priority = 45
|
|
157
|
+
applies_to_reasons = ["unknown_change", "product_change", "cross_cutting_code_change"]
|
|
158
|
+
|
|
153
159
|
[routes."codebase-orientation"]
|
|
154
160
|
category = "general_code"
|
|
155
161
|
route_type = "primary"
|
|
@@ -426,6 +432,24 @@ route_type = "primary"
|
|
|
426
432
|
priority = 85
|
|
427
433
|
applies_to_reasons = ["code_change", "public_api_change", "test_change", "package_metadata_change"]
|
|
428
434
|
|
|
435
|
+
[routes."c-code-change"]
|
|
436
|
+
category = "general_code"
|
|
437
|
+
route_type = "primary"
|
|
438
|
+
priority = 85
|
|
439
|
+
applies_to_reasons = ["code_change", "behavior_change", "public_api_change", "test_change", "performance_change", "security_change", "package_metadata_change", "release_risk"]
|
|
440
|
+
|
|
441
|
+
[routes."shell-code-change"]
|
|
442
|
+
category = "general_code"
|
|
443
|
+
route_type = "primary"
|
|
444
|
+
priority = 85
|
|
445
|
+
applies_to_reasons = ["code_change", "behavior_change", "public_api_change", "test_change", "docs_change", "workflow_change", "security_change", "package_metadata_change", "release_risk"]
|
|
446
|
+
|
|
447
|
+
[routes."structured-config-change"]
|
|
448
|
+
category = "workflow_contracts"
|
|
449
|
+
route_type = "primary"
|
|
450
|
+
priority = 84
|
|
451
|
+
applies_to_reasons = ["code_change", "docs_change", "workflow_change", "mustflow_config_change", "package_metadata_change", "test_change", "security_change", "release_risk"]
|
|
452
|
+
|
|
429
453
|
[routes."node-code-change"]
|
|
430
454
|
category = "general_code"
|
|
431
455
|
route_type = "primary"
|
|
@@ -960,6 +984,12 @@ route_type = "primary"
|
|
|
960
984
|
priority = 85
|
|
961
985
|
applies_to_reasons = ["ui_change", "docs_change", "code_change", "behavior_change", "migration_change", "package_metadata_change"]
|
|
962
986
|
|
|
987
|
+
[routes."react-code-change"]
|
|
988
|
+
category = "ui_assets"
|
|
989
|
+
route_type = "primary"
|
|
990
|
+
priority = 85
|
|
991
|
+
applies_to_reasons = ["ui_change", "code_change", "behavior_change", "public_api_change", "data_change", "security_change", "privacy_change", "performance_change", "test_change", "package_metadata_change", "release_risk"]
|
|
992
|
+
|
|
963
993
|
[routes."svelte-code-change"]
|
|
964
994
|
category = "ui_assets"
|
|
965
995
|
route_type = "primary"
|