mustflow 2.99.2 → 2.103.10

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (53) hide show
  1. package/dist/cli/commands/run.js +11 -0
  2. package/dist/cli/commands/skill.js +76 -2
  3. package/dist/cli/i18n/en.js +2 -0
  4. package/dist/cli/i18n/es.js +2 -0
  5. package/dist/cli/i18n/fr.js +2 -0
  6. package/dist/cli/i18n/hi.js +2 -0
  7. package/dist/cli/i18n/ko.js +2 -0
  8. package/dist/cli/i18n/zh.js +2 -0
  9. package/dist/cli/lib/external-skill-import.js +455 -0
  10. package/dist/cli/lib/local-index/index.js +5 -1
  11. package/dist/cli/lib/local-index/sql.js +9 -1
  12. package/dist/cli/lib/run-plan.js +37 -0
  13. package/dist/core/change-impact.js +16 -0
  14. package/dist/core/code-outline.js +3 -13
  15. package/dist/core/config-chain.js +3 -13
  16. package/dist/core/dependency-graph.js +3 -13
  17. package/dist/core/docs-link-integrity.js +23 -4
  18. package/dist/core/env-contract.js +3 -13
  19. package/dist/core/export-diff.js +3 -3
  20. package/dist/core/ignored-directories.js +40 -0
  21. package/dist/core/public-json-contracts.js +16 -0
  22. package/dist/core/reference-drift.js +4 -2
  23. package/dist/core/related-files.js +3 -13
  24. package/dist/core/repo-merge-conflict-scan.js +3 -9
  25. package/dist/core/route-outline.js +3 -13
  26. package/dist/core/script-pack-suggestions.js +23 -12
  27. package/dist/core/secret-risk-scan.js +3 -13
  28. package/dist/core/skill-route-resolution.js +74 -6
  29. package/package.json +2 -2
  30. package/schemas/README.md +3 -0
  31. package/schemas/link-integrity-report.schema.json +1 -0
  32. package/schemas/reference-drift-report.schema.json +1 -0
  33. package/schemas/skill-import-report.schema.json +97 -0
  34. package/templates/default/i18n.toml +52 -10
  35. package/templates/default/locales/en/.mustflow/skills/INDEX.md +22 -2
  36. package/templates/default/locales/en/.mustflow/skills/ai-generated-code-hardening/SKILL.md +30 -7
  37. package/templates/default/locales/en/.mustflow/skills/api-request-performance-review/SKILL.md +12 -6
  38. package/templates/default/locales/en/.mustflow/skills/c-code-change/SKILL.md +371 -0
  39. package/templates/default/locales/en/.mustflow/skills/clarifying-question-gate/SKILL.md +53 -14
  40. package/templates/default/locales/en/.mustflow/skills/completion-evidence-gate/SKILL.md +26 -3
  41. package/templates/default/locales/en/.mustflow/skills/css-code-change/SKILL.md +74 -24
  42. package/templates/default/locales/en/.mustflow/skills/docs-prose-review/SKILL.md +36 -10
  43. package/templates/default/locales/en/.mustflow/skills/github-contribution-quality-gate/SKILL.md +27 -3
  44. package/templates/default/locales/en/.mustflow/skills/hot-path-performance-review/SKILL.md +20 -15
  45. package/templates/default/locales/en/.mustflow/skills/html-code-change/SKILL.md +37 -21
  46. package/templates/default/locales/en/.mustflow/skills/next-action-menu/SKILL.md +22 -7
  47. package/templates/default/locales/en/.mustflow/skills/quadratic-scan-review/SKILL.md +21 -19
  48. package/templates/default/locales/en/.mustflow/skills/react-code-change/SKILL.md +324 -0
  49. package/templates/default/locales/en/.mustflow/skills/routes.toml +24 -0
  50. package/templates/default/locales/en/.mustflow/skills/shell-code-change/SKILL.md +279 -0
  51. package/templates/default/locales/en/.mustflow/skills/structured-config-change/SKILL.md +170 -0
  52. package/templates/default/locales/en/.mustflow/skills/vertical-slice-tdd/SKILL.md +22 -8
  53. package/templates/default/manifest.toml +29 -1
@@ -2,11 +2,11 @@
2
2
  mustflow_doc: skill.html-code-change
3
3
  locale: en
4
4
  canonical: true
5
- revision: 3
5
+ revision: 4
6
6
  lifecycle: mustflow-owned
7
7
  authority: procedure
8
8
  name: html-code-change
9
- description: Apply this skill when HTML, templates, JSX or component markup, native forms, controls, popovers, dialogs, navigation, tables, media, metadata, SEO head content, or structured data are created or changed.
9
+ description: Apply this skill when HTML, templates, JSX or component markup, semantic document structure, native forms, controls, popovers, dialogs, navigation, tables, media, metadata, SEO head content, or structured data are created or changed.
10
10
  metadata:
11
11
  mustflow_schema: "1"
12
12
  mustflow_kind: procedure
@@ -47,6 +47,7 @@ Preserve semantic structure, native controls, keyboard access, focus behavior, f
47
47
 
48
48
  - Existing page layout, document shell, head/SEO helpers, metadata builders, canonical URL helpers, sitemap or robots config, form components, interactive control components, and tests.
49
49
  - Target framework conventions for rendering, routing, hydration, and metadata.
50
+ - Semantic structure ledger: the intended `main`, landmark, heading, `section`, `article`, `nav`, `time`, `figure`, form group, table, media, and visible-label contracts.
50
51
  - Visible page content, H1 or primary title, main entity, locale, indexing intent, and data sources for title, description, image, author, date, price, rating, availability, and FAQ content when metadata changes.
51
52
  - Browser-native behavior expected from the markup: navigation, form submission, validation, autocomplete, input modality, popover behavior, dialog focus, inert background handling, media sizing, lazy loading, and history integration.
52
53
  - Accessibility and validation tooling declared in the command contract.
@@ -73,25 +74,37 @@ Preserve semantic structure, native controls, keyboard access, focus behavior, f
73
74
 
74
75
  1. Read the page shell, route layout, metadata helpers, component patterns, and tests before editing.
75
76
  2. Check document outline, landmarks, source order, and heading levels.
76
- 3. Classify each interactive element by intent. Navigation to a URL uses an anchor with `href`. Commands, toggles, submit actions, open/close actions, destructive actions, copy actions, disclosure triggers, and modal triggers use buttons.
77
- 4. Use native form controls for text entry, selection, checkbox, radio, and file input. Use grouped native radio or checkbox controls with fieldset and legend when the group label matters.
78
- 5. Treat composite widgets such as tabs, action menus, comboboxes, listboxes, trees, grids, and custom selects as high-risk. Prefer native HTML or an existing audited component; otherwise implement the complete role, state, focus, and keyboard pattern.
79
- 6. Reject clickable `div` or `span` controls, clickable icons without buttons, anchors without `href`, links used as buttons, nested interactive controls, positive `tabindex`, focusable `aria-hidden` content, and focus outline removal without a replacement focus style.
80
- 7. Use ARIA only when native HTML cannot express the needed semantics. Validate the role is legal for the element, the accessible name exists, required states are present, visual and ARIA states stay synchronized, keyboard behavior matches the widget pattern, and focus behavior is explicit.
81
- 8. For custom legacy button-like elements that cannot be replaced, require `role`, focusability, Enter activation, Space activation, Space scroll prevention, pointer activation, duplicate-event prevention, and visible focus. Use native buttons instead whenever possible.
82
- 9. For popovers, prefer the native popover pattern for lightweight anchored disclosure, teaching UI, picker panels, or menus that do not need modal focus trapping. Verify trigger ownership, light-dismiss behavior, focus behavior, accessible name, and fallback or browser target.
83
- 10. For dialogs, prefer native dialog when the project can support it. Otherwise implement focus entry, Tab and Shift+Tab containment, Escape behavior, inert or unreachable background content, visible close or cancel control, focus return, and an accessible name.
84
- 11. Do not use dialog for every overlay. Use popover for non-modal transient UI, details/summary for simple disclosure, and dialog for modal tasks or interruptions that require focus containment.
85
- 12. For tabs, use tablist, tab, and tabpanel semantics only for a real tabbed interface. Require one active tab, panel linkage, roving tabindex, arrow key movement, Home and End where expected, and Enter or Space activation when activation is manual.
86
- 13. For menus, do not use ARIA menu roles for ordinary site navigation. Site navigation is a nav landmark with links. Use ARIA menu patterns only for application-style action menus with a button trigger, expanded state, focus strategy, Escape close behavior, and focus return.
87
- 14. For forms, verify visible label association, help association, error association, required text, native required state, autocomplete, `inputmode`, `enterkeyhint`, validation timing, invalid state, error summary behavior, and submission behavior.
88
- 15. Prefer native constraint validation for simple required, type, length, pattern, range, and step rules. Add custom validation only for business rules, cross-field rules, async validation, or localized error ownership the native browser cannot express.
89
- 16. Use placeholder, title, aria-label, color, icon, or toast-only feedback only as supplementary affordances, not as the only label, required indicator, or error explanation.
90
- 17. For metadata, read visible content and the metadata generation path first. Keep title, description, canonical, Open Graph, Twitter or X card data, robots, hreflang, and JSON-LD aligned with visible content, locale, URL, and indexing intent.
91
- 18. Structured data must describe content visible on the same page. Do not invent ratings, reviews, FAQ items, authors, prices, availability, dates, organizations, product properties, or claims not backed by the page data source.
92
- 19. Ensure every HTML page has a valid non-empty language and responsive viewport that does not disable zoom. Mixed-language passages should identify their language when needed.
93
- 20. Keep inline script and style minimal; move behavior and styling to the existing project layers unless the framework requires an inline boundary.
94
- 21. Choose configured verification intents that cover markup validity, lint, build, accessibility, route rendering, metadata, and docs when available.
77
+ 3. Treat semantic HTML as a machine-readable contract, not as styling decoration. Use `div` for pure wrappers and styling shells.
78
+ 4. Use `section` only for a thematic group that has a heading or explicit accessible label. Do not use `section` as a card, spacing, or script wrapper.
79
+ 5. Use `article` only for self-contained content that remains meaningful when syndicated, embedded, or moved out of the list, such as posts, articles, reviews, comments, or complete product entries.
80
+ 6. Use `nav` only for major navigation or table-of-contents regions. Do not label every incidental link group as navigation.
81
+ 7. Keep exactly one active visible `main` region for the page or current SPA view. Do not put repeated headers, footers, sidebars, or global navigation inside the main content unless that is the actual page task.
82
+ 8. Treat heading elements as content outline, not font-size controls. Preserve hierarchy by meaning, and use CSS for visual scale.
83
+ 9. Classify each interactive element by intent. Navigation to a URL uses an anchor with `href`. Commands, toggles, submit actions, open/close actions, destructive actions, copy actions, disclosure triggers, and modal triggers use buttons.
84
+ 10. Use native form controls for text entry, selection, checkbox, radio, and file input. Use grouped native radio or checkbox controls with fieldset and legend when the group label matters.
85
+ 11. Keep interactive elements out of labels. Do not place terms links, help buttons, or other controls inside a `label`; connect the label with `for` and `id`, then place related links or buttons outside the label.
86
+ 12. Treat composite widgets such as tabs, action menus, comboboxes, listboxes, trees, grids, and custom selects as high-risk. Prefer native HTML or an existing audited component; otherwise implement the complete role, state, focus, and keyboard pattern.
87
+ 13. Reject clickable `div` or `span` controls, clickable icons without buttons, anchors without `href`, links used as buttons, nested interactive controls, positive `tabindex`, focusable `aria-hidden` content, and focus outline removal without a replacement focus style.
88
+ 14. Use ARIA only when native HTML cannot express the needed semantics. Validate the role is legal for the element, the accessible name exists, required states are present, visual and ARIA states stay synchronized, keyboard behavior matches the widget pattern, and focus behavior is explicit.
89
+ 15. For custom legacy button-like elements that cannot be replaced, require `role`, focusability, Enter activation, Space activation, Space scroll prevention, pointer activation, duplicate-event prevention, and visible focus. Use native buttons instead whenever possible.
90
+ 16. For popovers, prefer the native popover pattern for lightweight anchored disclosure, teaching UI, picker panels, or menus that do not need modal focus trapping. Verify trigger ownership, light-dismiss behavior, focus behavior, accessible name, and fallback or browser target.
91
+ 17. For dialogs, prefer native dialog when the project can support it. Otherwise implement focus entry, Tab and Shift+Tab containment, Escape behavior, inert or unreachable background content, visible close or cancel control, focus return, and an accessible name.
92
+ 18. Do not use dialog for every overlay. Use popover for non-modal transient UI, details/summary for simple disclosure, and dialog for modal tasks or interruptions that require focus containment.
93
+ 19. For tabs, use tablist, tab, and tabpanel semantics only for a real tabbed interface. Require one active tab, panel linkage, roving tabindex, arrow key movement, Home and End where expected, and Enter or Space activation when activation is manual.
94
+ 20. For menus, do not use ARIA menu roles for ordinary site navigation. Site navigation is a nav landmark with links. Use ARIA menu patterns only for application-style action menus with a button trigger, expanded state, focus strategy, Escape close behavior, and focus return.
95
+ 21. For forms, verify visible label association, help association, error association, required text, native required state, autocomplete, `inputmode`, `enterkeyhint`, validation timing, invalid state, error summary behavior, and submission behavior.
96
+ 22. Prefer native constraint validation for simple required, type, length, pattern, range, and step rules. Add custom validation only for business rules, cross-field rules, async validation, or localized error ownership the native browser cannot express.
97
+ 23. Use placeholder, title, aria-label, color, icon, or toast-only feedback only as supplementary affordances, not as the only label, required indicator, or error explanation.
98
+ 24. Use `time` with a machine-readable `datetime` when the content represents a precise date, time, duration, or time-like value that tests, crawlers, calendars, or automation may need to parse.
99
+ 25. Use `figure` and `figcaption` only for self-contained referenced media, code, diagrams, charts, screenshots, or examples whose caption describes the figure. Do not use `figcaption` for ordinary card titles or unrelated image captions.
100
+ 26. Use real tables for tabular data. Include a useful `caption` when the table needs a name, use `th` for row and column headers, and set `scope` when it clarifies the header relationship.
101
+ 27. For meaningful media, prefer `img`, `picture`, `video`, or framework media components that preserve alt text, intrinsic dimensions, responsive candidate selection, and browser discovery. Keep decorative media out of the accessibility tree.
102
+ 28. For responsive image markup, verify `width`, `height`, `srcset`, `sizes`, `picture` art direction, and lazy or eager loading reflect the rendered slot. Route LCP, preload, priority, CDN, or byte-size claims to `image-delivery-performance-review`.
103
+ 29. For metadata, read visible content and the metadata generation path first. Keep title, description, canonical, Open Graph, Twitter or X card data, robots, hreflang, and JSON-LD aligned with visible content, locale, URL, and indexing intent.
104
+ 30. Structured data must describe content visible on the same page. Do not invent ratings, reviews, FAQ items, authors, prices, availability, dates, organizations, product properties, or claims not backed by the page data source.
105
+ 31. Ensure every HTML page has a valid non-empty language and responsive viewport that does not disable zoom. Mixed-language passages should identify their language when needed.
106
+ 32. Keep inline script and style minimal; move behavior and styling to the existing project layers unless the framework requires an inline boundary.
107
+ 33. Choose configured verification intents that cover markup validity, lint, build, accessibility, route rendering, metadata, and docs when available.
95
108
 
96
109
  <!-- mustflow-section: form-accessibility -->
97
110
  ## Form Accessibility Rules
@@ -128,16 +141,19 @@ Reject or revise the patch when any of these appear without strong justification
128
141
 
129
142
  - New `div` or `span` interaction where a native link, button, or form control would work.
130
143
  - Anchors without `href`, buttons implemented as links, links implemented as buttons, nested interactive controls, clickable icons without native controls, or site navigation using ARIA menu roles.
144
+ - Decorative `section`, card-only `article`, incidental-link `nav`, multiple active `main` regions, headings chosen for visual size, labels containing nested interactive controls, or data tables rebuilt as non-table grids.
131
145
  - Custom controls without complete accessible name, role, state, keyboard, focus, and hidden-content behavior.
132
146
  - Popovers, dialogs, or overlays that replace native behavior without trigger, focus, light-dismiss, inert, or fallback review.
133
147
  - Positive `tabindex`, hidden content that remains tabbable, focusable `aria-hidden` content, or invisible focus.
134
148
  - Form controls without visible labels, placeholder-only labels, disconnected help or error text, color-only required or error state, premature `aria-invalid`, or autocomplete removed without reason.
149
+ - Meaningful dates without parseable `time datetime`, figures used for ordinary card content, tables without header relationships, or meaningful media that lacks alt, intrinsic dimensions, or responsive candidate review.
135
150
  - Metadata or JSON-LD that contradicts visible content, fabricates facts, points canonical or social URL at the wrong page, disables zoom, omits page language, or accidentally noindexes a public page.
136
151
 
137
152
  <!-- mustflow-section: postconditions -->
138
153
  ## Postconditions
139
154
 
140
155
  - Markup communicates the intended structure without relying on visual styling alone.
156
+ - Sections, articles, navigation, main regions, headings, forms, figures, tables, time values, and media expose truthful document semantics.
141
157
  - Keyboard and focus behavior are preserved.
142
158
  - Forms have labels and errors connected.
143
159
  - Metadata and structured data reflect visible content.
@@ -2,11 +2,11 @@
2
2
  mustflow_doc: skill.next-action-menu
3
3
  locale: en
4
4
  canonical: true
5
- revision: 1
5
+ revision: 3
6
6
  lifecycle: mustflow-owned
7
7
  authority: procedure
8
8
  name: next-action-menu
9
- description: Apply this skill when a final report, completion note, repository improvement loop, or follow-up workflow should offer a bounded numbered next-action menu that a user can select with a single digit in the next turn.
9
+ description: Apply this skill when a final report, completion note, repository improvement loop, or follow-up workflow should offer a bounded numbered next-action menu that a user can select with a single digit in the next turn. Use especially after non-trivial completed or paused work, commits, pushes, release or deploy preparation, verification, or remaining approval gates when concrete follow-up actions exist.
10
10
  metadata:
11
11
  mustflow_schema: "1"
12
12
  mustflow_kind: procedure
@@ -36,6 +36,8 @@ scope, approval, verification, command contracts, release gates, or safety rules
36
36
 
37
37
  - A final report, completion note, handoff, or repository improvement cycle has one or more useful
38
38
  follow-up tasks.
39
+ - A non-trivial task is being reported after changed files, a created commit, completed verification,
40
+ push readiness, release or deploy preparation, paused work, or another concrete approval gate.
39
41
  - The user repeatedly asks for "next recommended work", "continue", "proceed", or selects follow-up
40
42
  items after previous completion reports.
41
43
  - The agent needs to present a bounded backlog that can be selected by a single digit in the next
@@ -48,9 +50,10 @@ scope, approval, verification, command contracts, release gates, or safety rules
48
50
  - The current answer is a tiny direct response with no meaningful follow-up.
49
51
  - There are no evidence-backed next actions, or all plausible next actions are speculative.
50
52
  - The user asked not to include recommendations, menus, or follow-up prompts.
51
- - The next action requires a blocking product, security, privacy, legal, release, migration,
52
- destructive, dependency, credential, deployment, or payment decision that has not been authorized.
53
- Report the decision gate instead of offering it as a one-digit action.
53
+ - The only possible next action requires a blocking product, security, privacy, legal, release,
54
+ migration, destructive, dependency, credential, deployment, or payment decision that has not been
55
+ authorized and there is no safe bounded action to describe. Report the decision gate instead of
56
+ offering it as a one-digit action.
54
57
  - Another interface already owns selection state and has a stricter picker, ticket, or work-order
55
58
  contract.
56
59
 
@@ -89,8 +92,11 @@ scope, approval, verification, command contracts, release gates, or safety rules
89
92
  <!-- mustflow-section: procedure -->
90
93
  ## Procedure
91
94
 
92
- 1. Decide whether a menu is useful.
93
- - Include a menu only when at least one concrete follow-up task is valuable.
95
+ 1. Decide whether a menu is useful or required.
96
+ - Include a menu when at least one concrete follow-up task is valuable.
97
+ - For non-trivial completion reports, commits, completed verification, push readiness, release or
98
+ deploy preparation, paused work, or unresolved approval gates, treat the menu as required when
99
+ any concrete next action exists.
94
100
  - Do not fabricate filler items to reach a fixed row count.
95
101
  2. Build at most nine items.
96
102
  - Use digits `1` through `9`.
@@ -108,6 +114,13 @@ scope, approval, verification, command contracts, release gates, or safety rules
108
114
  the host format allows it.
109
115
  - Use four columns: number, next task title, description, and recommendation score.
110
116
  - In Korean final reports, use `추천도` for the recommendation-score column label.
117
+ - Use non-breaking padding in short header cells so narrow renderers do not wrap Korean headers
118
+ vertically. Prefer this template:
119
+ `| 번호&nbsp;&nbsp; | 다음 작업 | 설명 | 추천도&nbsp;&nbsp; |`
120
+ `|---:|---|---|:---:|`
121
+ For English, prefer:
122
+ `| No.&nbsp;&nbsp; | Next task | Description | Score&nbsp;&nbsp; |`
123
+ `|---:|---|---|:---:|`
111
124
  - Keep descriptions short enough to scan but specific enough to execute.
112
125
  - Localize column labels to the report language when appropriate.
113
126
  6. Mark gated items plainly.
@@ -116,6 +129,8 @@ scope, approval, verification, command contracts, release gates, or safety rules
116
129
  genuinely plausible follow-ups.
117
130
  - The description must state the gate, such as explicit user approval, configured command intent,
118
131
  owner decision, or manual verification.
132
+ - A gated item in the table is only a visible next-action option; it is not approval to perform
133
+ that action.
119
134
  7. Interpret a single-digit next user message as a menu selection only when all conditions hold:
120
135
  - the immediately relevant previous assistant final report contained a next-action menu;
121
136
  - the digit maps to an item in that menu;
@@ -2,7 +2,7 @@
2
2
  mustflow_doc: skill.quadratic-scan-review
3
3
  locale: en
4
4
  canonical: true
5
- revision: 1
5
+ revision: 2
6
6
  lifecycle: mustflow-owned
7
7
  authority: procedure
8
8
  name: quadratic-scan-review
@@ -84,33 +84,35 @@ The review question is not "is there a loop inside a loop?" That catches only th
84
84
  ## Procedure
85
85
 
86
86
  1. Name the repeated path and multiply call count by inner scan length. Review the product `outer_count * inner_count`, not the apparent number of loops.
87
- 2. Search for the obvious collection-combinator shapes: `map` plus `filter`, `map` plus `find`, `forEach` plus `includes`, `filter` plus `indexOf`, `reduce` plus spread, and chained `filter().map().sort()` inside a repeated path.
87
+ 2. Search for the obvious collection-combinator shapes: `map` plus `filter`, `map` plus `find`, `forEach` plus `includes`, `filter` plus `indexOf`, `filter` plus `findIndex`, `reduce` plus spread, and chained `filter().map().sort()` inside a repeated path.
88
88
  3. Search for membership checks over arrays. `includes`, `indexOf`, `contains`, `find`, `some`, and list membership inside a loop usually want `Set.has` or `Map.has` unless the searched list is tiny and hard-capped.
89
89
  4. Search for code joins by ID. `posts.map(post => users.find(...))`, `users.map(user => orders.filter(...))`, permission lookups, likes, bookmarks, read state, tags, and relation lists usually need a `Map` or grouped `Map` keyed by ID or composite key.
90
90
  5. Check duplicate removal. `filter((x, i) => arr.indexOf(x) === i)` is O(N^2). Prefer `Set` for scalar values and `Map` keyed by stable identity for objects.
91
91
  6. Check sorted arrays. Sorting does not make `find` fast. If code repeatedly searches a sorted array, use a prebuilt map, binary search with a proven comparator, or a single sorted merge.
92
92
  7. Check repeated sorting. Sorting inside a per-item loop is usually worse than scanning once, keeping a top candidate, using a heap, or sorting once before the loop.
93
- 8. Check copy-accumulation patterns. `reduce` with `[...acc, item]`, repeated object spread over a growing object, repeated string `+=`, and repeated concatenation can become quadratic copy work. Prefer push, builders, buffers, or one final copy at the boundary.
94
- 9. Check JSON and serialization comparisons. Repeated `JSON.stringify` inside search, equality, sort, dedupe, or render logic multiplies object size by item count. Use explicit keys and precomputed normalized keys.
95
- 10. Open helper bodies called from loops or render paths. Harmless helper names can hide full-list scans, database calls, resolver calls, serialization, sorting, or permission checks.
96
- 11. Check ORM and lazy relations. A single visible loop can become one query per entity. Replace per-entity relation access with eager loading, joins, `WHERE id IN (...)`, batch loading, or DataLoader-style batching.
97
- 12. Check GraphQL and nested resolvers. Parent-list resolvers plus per-field DB or API calls create hidden pairwise fan-out. Batch by parent IDs and preserve field-level authorization semantics.
98
- 13. Check render-time lookup. `rows.map(row => columns.find(...))`, `items.map(item => selectedIds.includes(item.id))`, derived data recomputed on every render, and per-row helper scans should move to memoized sets or maps when inputs are large or stable.
99
- 14. Check all-data-in-app joins. Fetching `allUsers`, `allOrders`, or `allLogs` and joining in application arrays is often a database join without an index. Push join, filter, sort, and pagination to the data store when the data store owns the index and semantics allow it.
100
- 15. Check tree and graph construction. `nodes.map(node => nodes.filter(child => child.parentId === node.id))` should usually become `childrenByParentId` plus one assembly pass. `visited.includes(id)` in traversal should be a `Set`.
101
- 16. Check event-log and time-window scans. Repeatedly scanning all previous events per event should usually become grouping, sorting once, and one pointer or rolling aggregate per key.
102
- 17. Check interval overlap. All-pairs range checks are sometimes necessary, but overlap detection often only needs sorting by start and comparing adjacent or active intervals.
103
- 18. Check incremental updates. Adding one item should not recompute a full ranking, group map, unread count, cart total, or dashboard aggregate unless the collection is fixed and tiny.
104
- 19. Separate index from cache. A `Map` built from current input is an index. A cache stores results across calls or time. Use an index for repeated lookup over already-owned data before introducing cache invalidation.
105
- 20. Require a hard cap for "small list" exceptions. Countries, enum options, or fixed config lists may stay arrays if the cap is real. User data, logs, orders, comments, permissions, tags, events, and uploaded rows need scalable lookup.
106
- 21. Preserve behavior while changing shape. Before replacing scans with indexes, state how order, duplicates, first or last match, missing references, authorization filtering, and stable keys are preserved.
107
- 22. Add growth evidence when feasible. If configured tests or fixtures can scale input size, prefer a small growth test that compares behavior at larger counts. If benchmarking is not configured, report complexity-only evidence instead of a speedup claim.
93
+ 8. Check queue and deletion patterns. JavaScript `shift()` in a large BFS or queue loop moves the remaining array repeatedly; use a head index or real queue. `findIndex` plus `splice` while matching requests to available items can scan and move the same growing array repeatedly; bucket by key and advance a consumption pointer instead.
94
+ 9. Check copy-accumulation patterns. `reduce` with `[...acc, item]`, repeated object spread over a growing object, repeated string `+=`, repeated `concat`, and repeated array spread over a growing result can become quadratic copy work. Prefer push, builders, buffers, or one final copy at the boundary.
95
+ 10. Check JSON and serialization comparisons. Repeated `JSON.stringify` inside search, equality, sort, dedupe, or render logic multiplies object size by item count. Use explicit keys and precomputed normalized keys.
96
+ 11. Open helper bodies called from loops or render paths. Harmless helper names can hide full-list scans, database calls, resolver calls, serialization, sorting, or permission checks.
97
+ 12. Check ORM and lazy relations. A single visible loop can become one query per entity. Replace per-entity relation access with eager loading, joins, `WHERE id IN (...)`, batch loading, or DataLoader-style batching.
98
+ 13. Check GraphQL and nested resolvers. Parent-list resolvers plus per-field DB or API calls create hidden pairwise fan-out. Batch by parent IDs and preserve field-level authorization semantics.
99
+ 14. Check render-time lookup. `rows.map(row => columns.find(...))`, `items.map(item => selectedIds.includes(item.id))`, derived data recomputed on every render, and per-row helper scans should move to memoized sets or maps when inputs are large or stable.
100
+ 15. Check all-data-in-app joins. Fetching `allUsers`, `allOrders`, or `allLogs` and joining in application arrays is often a database join without an index. Push join, filter, sort, and pagination to the data store when the data store owns the index and semantics allow it.
101
+ 16. Check tree and graph construction. `nodes.map(node => nodes.filter(child => child.parentId === node.id))` should usually become `childrenByParentId` plus one assembly pass. `visited.includes(id)` in traversal should be a `Set`. Very deep trees may also need an explicit stack to avoid call-stack failure.
102
+ 17. Check event-log and time-window scans. Repeatedly scanning all previous events per event should usually become grouping, sorting once, and one pointer or rolling aggregate per key.
103
+ 18. Check interval overlap. All-pairs range checks are sometimes necessary, but overlap detection often only needs sorting by start and comparing adjacent or active intervals.
104
+ 19. Check true all-pairs similarity separately. If every item must be compared with every other item, do not promise a linear rewrite. First narrow candidates with stable keys, categories, buckets, hashes, n-grams, ranges, or database indexes, then compare only within the candidate set.
105
+ 20. Check incremental updates. Adding one item should not recompute a full ranking, group map, unread count, cart total, or dashboard aggregate unless the collection is fixed and tiny.
106
+ 21. Separate index from cache. A `Map` built from current input is an index. A cache stores results across calls or time. Use an index for repeated lookup over already-owned data before introducing cache invalidation.
107
+ 22. Require a hard cap for "small list" exceptions. Countries, enum options, or fixed config lists may stay arrays if the cap is real. User data, logs, orders, comments, permissions, tags, events, and uploaded rows need scalable lookup.
108
+ 23. Preserve behavior while changing shape. Before replacing scans with indexes, state how order, duplicates, first or last match, missing references, authorization filtering, and stable keys are preserved.
109
+ 24. Add growth evidence when feasible. If configured tests or fixtures can scale input size, prefer a small growth test that compares behavior at larger counts. If benchmarking is not configured, report complexity-only evidence instead of a speedup claim.
108
110
 
109
111
  <!-- mustflow-section: postconditions -->
110
112
  ## Postconditions
111
113
 
112
114
  - Each suspected O(N^2) path has an outer count, inner count, and data-growth classification.
113
- - Repeated membership checks, code joins, duplicate removal, tree building, resolver fan-out, render-time lookup, helper-hidden scans, repeated sort, copy accumulation, and JSON comparison are fixed or reported.
115
+ - Repeated membership checks, code joins, duplicate removal, tree building, resolver fan-out, render-time lookup, helper-hidden scans, repeated sort, queue `shift()`, `findIndex` plus `splice`, copy accumulation, interval scans, all-pairs candidate narrowing, and JSON comparison are fixed or reported.
114
116
  - Array-to-set or array-to-map changes preserve order, duplicates, missing records, first or last winner, authorization, and stable key behavior.
115
117
  - Small-list exceptions have an explicit hard cap or are reported as residual risk.
116
118
  - Performance claims are backed by configured evidence or labeled as static complexity risk.
@@ -146,7 +148,7 @@ Use the narrowest configured test, build, docs, release, or mustflow intent that
146
148
  - Repeated path reviewed
147
149
  - Outer count, inner count, and data-growth classification
148
150
  - Hidden scan patterns found or ruled out
149
- - Membership, join, dedupe, helper, ORM, resolver, render, tree, graph, event, interval, sort, copy, string, and JSON checks where relevant
151
+ - Membership, join, dedupe, helper, ORM, resolver, render, tree, graph, event, interval, all-pairs, queue, deletion, sort, copy, string, and JSON checks where relevant
150
152
  - Index, grouping, sorted merge, database join, or intentional all-pairs decision
151
153
  - Semantics preserved: order, duplicates, first or last winner, missing IDs, authorization, and stable keys
152
154
  - Evidence level: configured test, static complexity risk, manual-only, missing, or not applicable
@@ -0,0 +1,324 @@
1
+ ---
2
+ mustflow_doc: skill.react-code-change
3
+ locale: en
4
+ canonical: true
5
+ revision: 2
6
+ lifecycle: mustflow-owned
7
+ authority: procedure
8
+ name: react-code-change
9
+ description: Apply this skill when React, React DOM, React Server Components, Server Actions, React Compiler, Hooks, Suspense, Actions, forms, refs, context, render performance, concurrent rendering, SSR streaming, resource hints, package metadata, or React-related tests are created, changed, reviewed, or upgraded.
10
+ metadata:
11
+ mustflow_schema: "1"
12
+ mustflow_kind: procedure
13
+ pack_id: mustflow.core
14
+ skill_id: mustflow.core.react-code-change
15
+ command_intents:
16
+ - changes_status
17
+ - changes_diff_summary
18
+ - lint
19
+ - build
20
+ - test_related
21
+ - test
22
+ - docs_validate_fast
23
+ - test_release
24
+ - mustflow_check
25
+ ---
26
+
27
+ # React Code Change
28
+
29
+ <!-- mustflow-section: purpose -->
30
+ ## Purpose
31
+
32
+ Preserve React runtime, rendering, state, effect, compiler, server/client,
33
+ form, resource, accessibility, and package-version contracts when changing
34
+ React projects, especially open-source contribution patches where maintainers
35
+ expect current React guidance and small, compatible changes.
36
+
37
+ <!-- mustflow-section: use-when -->
38
+ ## Use When
39
+
40
+ - React components, Hooks, context, refs, Suspense boundaries, transitions,
41
+ deferred values, forms, Actions, optimistic UI, React DOM metadata, resource
42
+ hints, SSR streaming, React Server Components, Server Actions, or tests change.
43
+ - `react`, `react-dom`, `react-server-dom-*`, `eslint-plugin-react-hooks`,
44
+ React Compiler, framework adapters, bundlers, JSX transforms, or React package
45
+ metadata changes.
46
+ - A contribution proposes React performance, memoization, effect-dependency,
47
+ hydration, server/client boundary, form mutation, or React version support
48
+ changes.
49
+
50
+ <!-- mustflow-section: do-not-use-when -->
51
+ ## Do Not Use When
52
+
53
+ - The change is framework-free JavaScript or TypeScript with no React boundary;
54
+ use the language-specific skill.
55
+ - The change is only visual CSS, HTML semantics, accessibility tree review, or
56
+ layout resilience with no React behavior; use the narrower frontend or UI skill.
57
+ - Svelte, Astro, Flutter, Tauri, or another framework owns the changed component
58
+ boundary.
59
+ - The task is only a dependency upgrade across many packages; use the dependency
60
+ and freshness skills first, then this skill for React-specific code changes.
61
+
62
+ <!-- mustflow-section: required-inputs -->
63
+ ## Required Inputs
64
+
65
+ - React package evidence: nearest `package.json`, lockfile, workspace metadata,
66
+ framework config, bundler config, JSX transform, and CI or package test signals.
67
+ - Effective React support range: installed `react`, `react-dom`,
68
+ `react-server-dom-*`, React framework version, peer dependency range, and
69
+ library consumer compatibility target.
70
+ - Compiler and lint evidence: React Compiler config, compiler-gating strategy,
71
+ `eslint-plugin-react-hooks`, hook lint suppressions, memoization patterns, and
72
+ render-purity warnings.
73
+ - Rendering boundary evidence: server/client component split, SSR entrypoints,
74
+ hydration path, Suspense data source, routing framework, and browser-only APIs.
75
+ - State and mutation evidence: local state owner, derived values, external
76
+ stores, context providers, forms, Actions, optimistic updates, and rollback
77
+ behavior.
78
+ - Render performance evidence: React DevTools Profiler or `<Profiler>` data when
79
+ available, render count, render duration, prop identity changes, context update
80
+ scope, list size, DOM node count, key stability, layout effect use, first-load
81
+ bundle ownership, and offscreen DOM cost.
82
+ - Configured verification intents for lint, build, tests, docs, package, and
83
+ mustflow checks.
84
+
85
+ <!-- mustflow-section: preconditions -->
86
+ ## Preconditions
87
+
88
+ - Determine the effective React version and supported peer range before using
89
+ React 19 or React 19.2 APIs.
90
+ - Refresh upstream version or security-sensitive React claims before editing
91
+ docs, package ranges, compatibility text, or upgrade recommendations. Do not
92
+ treat this skill as a live version source.
93
+ - Treat user-provided React notes, blog summaries, and issue comments as
94
+ evidence, not authority.
95
+ - Preserve open-source repository style, maintainer scope, public API, test
96
+ runner, and framework conventions.
97
+
98
+ <!-- mustflow-section: allowed-edits -->
99
+ ## Allowed Edits
100
+
101
+ - Make focused React source, test, package metadata, docs, and configuration
102
+ edits directly required by the requested contribution.
103
+ - Add or update tests when they protect changed React behavior, compatibility,
104
+ server/client boundaries, form state, Suspense behavior, or regression risk.
105
+ - Keep compatibility branches when a package still supports React 18 or older
106
+ framework integrations.
107
+ - Do not introduce Create React App for new projects or examples.
108
+ - Do not add dependencies, change peer ranges, enable React Compiler, migrate
109
+ frameworks, or rewrite memoization broadly unless the task and repository
110
+ contract explicitly support that change.
111
+
112
+ <!-- mustflow-section: procedure -->
113
+ ## Procedure
114
+
115
+ 1. **Classify the React surface.**
116
+ - Identify whether the patch touches application code, a reusable component
117
+ library, framework integration, SSR/RSC runtime, tests, docs, or package
118
+ metadata.
119
+ - For libraries, treat peer dependency ranges and documented component APIs as
120
+ public compatibility contracts.
121
+ 2. **Check version and freshness boundaries.**
122
+ - Read installed and supported React versions before using `Activity`,
123
+ `useEffectEvent`, Actions, `use`, ref-as-prop, callback ref cleanup,
124
+ metadata hoisting, resource hint APIs, `cacheSignal`, Partial
125
+ Pre-rendering, or Web Streams SSR APIs.
126
+ - Use current official React docs or release metadata for exact "latest",
127
+ patch, security, or deprecation claims. As a snapshot checked on
128
+ 2026-06-26, official React docs describe React 19.2 as the current
129
+ feature line, and GitHub release metadata showed `v19.2.7` released on
130
+ 2026-06-01; re-check before relying on those values in future work.
131
+ - For RSC packages, check patched `react-server-dom-webpack`,
132
+ `react-server-dom-parcel`, and `react-server-dom-turbopack` versions when
133
+ security advisories or framework updates are part of the task.
134
+ 3. **Keep app setup modern and local.**
135
+ - Do not propose Create React App for new projects. Follow the repository's
136
+ existing framework or build tool; for new React app examples, prefer the
137
+ project's chosen framework or modern build-tool pattern.
138
+ - Do not migrate an existing stack to Next.js, Vite, Parcel, Rsbuild, or a
139
+ React framework merely because React documentation recommends frameworks
140
+ for new apps.
141
+ 4. **Repair effects by responsibility.**
142
+ - Use Effects for synchronization with external systems such as timers,
143
+ subscriptions, DOM or browser APIs, third-party widgets, network
144
+ connections, and cleanup.
145
+ - Do not use Effects to copy props/state into derived state, send event-owned
146
+ mutations, or paper over rendering data flow.
147
+ - Do not silence `react-hooks/exhaustive-deps` as a default fix. If effect
148
+ logic contains non-reactive event behavior and React 19.2 is supported, use
149
+ `useEffectEvent` for that event-like logic only.
150
+ 5. **Preserve state ownership.**
151
+ - Derive renderable values during render when they are computed from current
152
+ props or state.
153
+ - Use updater functions for repeated state updates based on the previous
154
+ value.
155
+ - Normalize state that can otherwise contradict itself. Avoid duplicated,
156
+ deeply nested, or derived state unless the repository has a clear owner.
157
+ - Use `key` for intentional component state reset, and keep component
158
+ functions at top level so React does not recreate component types on every
159
+ render.
160
+ 6. **Treat memoization and the compiler as contracts, not decoration.**
161
+ - Do not blanket-add `memo`, `useMemo`, or `useCallback` to look faster.
162
+ Require profiler, dependency, identity, or compiler evidence.
163
+ - Do not blanket-remove existing memoization in legacy code without tests;
164
+ removal can change identity, effect dependencies, and compiler output.
165
+ - If React Compiler is enabled or proposed, keep components and Hooks pure,
166
+ keep compiler-powered `eslint-plugin-react-hooks` findings visible, and
167
+ report when compiler verification is missing.
168
+ 7. **Handle context, refs, and external stores deliberately.**
169
+ - Split frequently changing context values from stable actions or identities;
170
+ `memo` does not block re-renders caused by context updates.
171
+ - Use React 19 ref-as-prop and callback-ref cleanup only when the support
172
+ range allows it. Preserve `forwardRef` where React 18 compatibility matters.
173
+ - Expose narrow imperative handles with `useImperativeHandle` instead of
174
+ leaking whole DOM nodes or child internals.
175
+ - Use `useSyncExternalStore` for external mutable stores or subscriptions
176
+ instead of ad hoc Effect plus state mirroring.
177
+ 8. **Use concurrent and async primitives for the right boundary.**
178
+ - Use `startTransition` or `useTransition` for non-urgent updates, but do not
179
+ control text input values through a transition.
180
+ - Use `useDeferredValue` when stale-but-responsive derived UI is acceptable;
181
+ use the `initialValue` form only when the React version supports it.
182
+ - Do not expect Suspense to catch ordinary Effect fetches. Suspense needs
183
+ lazy code, framework data, or cached Promise reads.
184
+ - Treat `use` as render-time Promise or context reading, not a normal Hook
185
+ with the ordinary top-level-only mental model. Do not create fresh Promises
186
+ in render and pass them to `use`.
187
+ 9. **Use React 19 form and Action APIs only when supported.**
188
+ - Prefer `useActionState`, `useFormStatus`, `useOptimistic`, `<form action>`,
189
+ and `formAction` for supported React 19 mutation flows with pending,
190
+ errors, resets, progressive enhancement, and rollback.
191
+ - Keep explicit error handling, authorization, validation, idempotency, and
192
+ rollback behavior. Do not hide server failures behind optimistic UI.
193
+ 10. **Review React render hot paths with evidence.**
194
+ - Use React DevTools Profiler, `<Profiler>`, framework traces, or existing
195
+ render-count evidence before claiming a render-performance fix. If none is
196
+ configured, report static render risk instead of measured speedup.
197
+ - Check whether state is owned too high in the tree. Search inputs, tabs,
198
+ modal flags, hover state, and local drafts should not rerender a whole page
199
+ unless that page truly owns the state.
200
+ - Check `memo` failures from unstable props. Inline objects, arrays, functions,
201
+ and selector results can make `React.memo` ineffective; prefer primitive
202
+ props, stable callbacks, or moving object creation behind a real dependency.
203
+ - Move expensive render-time `filter`, `sort`, `map`, grouping, and lookup work
204
+ behind `useMemo`, server-side pagination, route loaders, or pre-indexed data
205
+ when input size can grow.
206
+ - Large lists need pagination, infinite query boundaries, virtualization, or a
207
+ documented hard cap. Do not render thousands of rows because the sample data
208
+ has twenty.
209
+ - Reject unstable keys such as array index for reorderable data and
210
+ `Math.random()` for any list. Use stable item identity so React preserves
211
+ row state and avoids forced remounts.
212
+ - Split oversized context values by change frequency and ownership. `memo`
213
+ does not stop rerenders caused by a fresh context value.
214
+ - Do not use `useEffect` plus `setState` for values derived from current props
215
+ or state. Compute during render or memoize the calculation to avoid the
216
+ extra render pass.
217
+ - For search and filtering, keep the controlled input urgent and move heavy
218
+ result updates behind `useDeferredValue`, `useTransition`, server filtering,
219
+ or pagination when the supported React version and UX allow it.
220
+ - Use `useLayoutEffect` only when pre-paint measurement is required. Avoid
221
+ DOM read/write interleaving that causes layout thrashing.
222
+ - Lazy-load heavy charts, editors, maps, markdown renderers, syntax
223
+ highlighters, and modal-only widgets when they are not needed for the first
224
+ interaction path.
225
+ - For large offscreen sections, consider `content-visibility` plus
226
+ `contain-intrinsic-size`, framework lazy boundaries, or route splitting when
227
+ browser support and layout stability are acceptable.
228
+ 11. **Respect React 19.2 rendering and performance APIs.**
229
+ - Treat `<Activity>` as hidden UI with preserved state, unmounted effects,
230
+ and lower-priority hidden updates, not as `display: none` or ordinary
231
+ conditional rendering.
232
+ - Use React Performance Tracks, React DevTools, or existing profiler evidence
233
+ when claiming render, effect, Scheduler, transition, or component
234
+ performance improvements.
235
+ 12. **Keep server rendering and RSC boundaries exact.**
236
+ - Distinguish Server Components from Server Actions. `"use server"` marks
237
+ server functions or modules for actions; it is not a Server Component tag.
238
+ - Keep browser APIs, client state, and event handlers out of Server
239
+ Components; keep secrets and server-only imports out of Client Components.
240
+ - Use `cacheSignal` only for RSC cached work where abort or cleanup is
241
+ meaningful.
242
+ - For Partial Pre-rendering, `prerender`, `resume`, `resumeAndPrerender`,
243
+ and streaming APIs, verify the framework/runtime owns those APIs before
244
+ changing lower-level React DOM server code.
245
+ - In Node environments, do not assume Web Streams are faster than Node
246
+ streams; preserve the existing SSR stream API unless the task proves the
247
+ runtime benefit and compression behavior.
248
+ 13. **Use React DOM document and resource APIs close to the owner.**
249
+ - Metadata, stylesheets with `precedence`, async scripts, `preinit`,
250
+ `preload`, `preconnect`, and `prefetchDNS` may belong near the component
251
+ that needs them when React and the framework support that behavior.
252
+ - Avoid duplicate head managers, resource hint spam, and hints for assets
253
+ whose timing or priority is unproven.
254
+ 14. **Verify through the repository contract.**
255
+ - Run the smallest configured checks that cover changed React code, package
256
+ metadata, build output, docs, and tests.
257
+ - Report missing browser, hydration, SSR, RSC, compiler, profiler, or
258
+ cross-version React verification when those surfaces changed.
259
+
260
+ <!-- mustflow-section: postconditions -->
261
+ ## Postconditions
262
+
263
+ - Effective React version, peer range, framework ownership, and compiler/lint
264
+ status are known or explicitly reported as unknown.
265
+ - Effects, state, memoization, context, refs, forms, Suspense, and async
266
+ boundaries follow React's current model for the supported version.
267
+ - Render performance claims are backed by profiler or render-count evidence, or
268
+ static risks such as state too high, unstable props, render-time transforms,
269
+ huge lists, unstable keys, oversized context, derived-state effects, layout
270
+ thrashing, eager heavy widgets, and offscreen DOM cost are reported honestly.
271
+ - React 19 and React 19.2 APIs are not introduced into code that still promises
272
+ older React compatibility.
273
+ - SSR, RSC, Server Action, browser-only, and resource-hint boundaries are
274
+ preserved.
275
+ - Performance claims have profiler, benchmark, render-count, or configured
276
+ evidence, or are reported as unverified.
277
+
278
+ <!-- mustflow-section: verification -->
279
+ ## Verification
280
+
281
+ Use configured oneshot command intents when available:
282
+
283
+ - `lint`
284
+ - `build`
285
+ - `test_related`
286
+ - `test`
287
+ - `docs_validate_fast`
288
+ - `test_release`
289
+ - `mustflow_check`
290
+
291
+ Report missing React-version matrix, browser automation, hydration, SSR/RSC,
292
+ Compiler, performance profiling, or package-consumer verification when those
293
+ surfaces changed.
294
+
295
+ <!-- mustflow-section: failure-handling -->
296
+ ## Failure Handling
297
+
298
+ - If React version evidence conflicts, do not assume the newest API is
299
+ available. Preserve the older-compatible path or report the compatibility
300
+ decision.
301
+ - If an effect dependency fix causes reconnects, stale closures, or event logic
302
+ churn, separate reactive synchronization from event-like behavior instead of
303
+ disabling lint.
304
+ - If a compiler or memoization change shifts behavior, restore the previous
305
+ identity boundary or add focused evidence before continuing.
306
+ - If Suspense, `use`, Actions, or RSC behavior is framework-owned, read the
307
+ framework boundary before editing raw React assumptions.
308
+ - If freshness checks are unavailable for a React release, security patch, or
309
+ deprecation claim, avoid embedding exact "latest" wording and report the gap.
310
+
311
+ <!-- mustflow-section: output-format -->
312
+ ## Output Format
313
+
314
+ - React surface and supported version checked
315
+ - Compiler, lint, effect, state, memoization, context, ref, form, Suspense, SSR,
316
+ RSC, and resource-boundary notes
317
+ - Render performance notes: profiler evidence, state ownership, prop identity,
318
+ render-time work, list size, key stability, context scope, derived state,
319
+ layout effects, lazy loading, and offscreen DOM
320
+ - Freshness-sensitive React claims checked or left conservative
321
+ - Files changed
322
+ - Command intents run
323
+ - Skipped checks and reasons
324
+ - Remaining React compatibility or verification risk