mustflow 2.99.2 → 2.103.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cli/commands/skill.js +76 -2
- package/dist/cli/lib/external-skill-import.js +391 -0
- package/dist/cli/lib/local-index/index.js +5 -1
- package/dist/core/public-json-contracts.js +16 -0
- package/dist/core/skill-route-resolution.js +54 -6
- package/package.json +1 -1
- package/schemas/README.md +3 -0
- package/schemas/skill-import-report.schema.json +97 -0
- package/templates/default/i18n.toml +36 -6
- package/templates/default/locales/en/.mustflow/skills/INDEX.md +22 -2
- package/templates/default/locales/en/.mustflow/skills/c-code-change/SKILL.md +371 -0
- package/templates/default/locales/en/.mustflow/skills/clarifying-question-gate/SKILL.md +53 -14
- package/templates/default/locales/en/.mustflow/skills/completion-evidence-gate/SKILL.md +15 -3
- package/templates/default/locales/en/.mustflow/skills/css-code-change/SKILL.md +74 -24
- package/templates/default/locales/en/.mustflow/skills/docs-prose-review/SKILL.md +36 -10
- package/templates/default/locales/en/.mustflow/skills/github-contribution-quality-gate/SKILL.md +27 -3
- package/templates/default/locales/en/.mustflow/skills/html-code-change/SKILL.md +37 -21
- package/templates/default/locales/en/.mustflow/skills/react-code-change/SKILL.md +278 -0
- package/templates/default/locales/en/.mustflow/skills/routes.toml +24 -0
- package/templates/default/locales/en/.mustflow/skills/shell-code-change/SKILL.md +279 -0
- package/templates/default/locales/en/.mustflow/skills/structured-config-change/SKILL.md +170 -0
- package/templates/default/manifest.toml +29 -1
|
@@ -0,0 +1,278 @@
|
|
|
1
|
+
---
|
|
2
|
+
mustflow_doc: skill.react-code-change
|
|
3
|
+
locale: en
|
|
4
|
+
canonical: true
|
|
5
|
+
revision: 1
|
|
6
|
+
lifecycle: mustflow-owned
|
|
7
|
+
authority: procedure
|
|
8
|
+
name: react-code-change
|
|
9
|
+
description: Apply this skill when React, React DOM, React Server Components, Server Actions, React Compiler, Hooks, Suspense, Actions, forms, refs, context, concurrent rendering, SSR streaming, resource hints, package metadata, or React-related tests are created, changed, reviewed, or upgraded.
|
|
10
|
+
metadata:
|
|
11
|
+
mustflow_schema: "1"
|
|
12
|
+
mustflow_kind: procedure
|
|
13
|
+
pack_id: mustflow.core
|
|
14
|
+
skill_id: mustflow.core.react-code-change
|
|
15
|
+
command_intents:
|
|
16
|
+
- changes_status
|
|
17
|
+
- changes_diff_summary
|
|
18
|
+
- lint
|
|
19
|
+
- build
|
|
20
|
+
- test_related
|
|
21
|
+
- test
|
|
22
|
+
- docs_validate_fast
|
|
23
|
+
- test_release
|
|
24
|
+
- mustflow_check
|
|
25
|
+
---
|
|
26
|
+
|
|
27
|
+
# React Code Change
|
|
28
|
+
|
|
29
|
+
<!-- mustflow-section: purpose -->
|
|
30
|
+
## Purpose
|
|
31
|
+
|
|
32
|
+
Preserve React runtime, rendering, state, effect, compiler, server/client,
|
|
33
|
+
form, resource, accessibility, and package-version contracts when changing
|
|
34
|
+
React projects, especially open-source contribution patches where maintainers
|
|
35
|
+
expect current React guidance and small, compatible changes.
|
|
36
|
+
|
|
37
|
+
<!-- mustflow-section: use-when -->
|
|
38
|
+
## Use When
|
|
39
|
+
|
|
40
|
+
- React components, Hooks, context, refs, Suspense boundaries, transitions,
|
|
41
|
+
deferred values, forms, Actions, optimistic UI, React DOM metadata, resource
|
|
42
|
+
hints, SSR streaming, React Server Components, Server Actions, or tests change.
|
|
43
|
+
- `react`, `react-dom`, `react-server-dom-*`, `eslint-plugin-react-hooks`,
|
|
44
|
+
React Compiler, framework adapters, bundlers, JSX transforms, or React package
|
|
45
|
+
metadata changes.
|
|
46
|
+
- A contribution proposes React performance, memoization, effect-dependency,
|
|
47
|
+
hydration, server/client boundary, form mutation, or React version support
|
|
48
|
+
changes.
|
|
49
|
+
|
|
50
|
+
<!-- mustflow-section: do-not-use-when -->
|
|
51
|
+
## Do Not Use When
|
|
52
|
+
|
|
53
|
+
- The change is framework-free JavaScript or TypeScript with no React boundary;
|
|
54
|
+
use the language-specific skill.
|
|
55
|
+
- The change is only visual CSS, HTML semantics, accessibility tree review, or
|
|
56
|
+
layout resilience with no React behavior; use the narrower frontend or UI skill.
|
|
57
|
+
- Svelte, Astro, Flutter, Tauri, or another framework owns the changed component
|
|
58
|
+
boundary.
|
|
59
|
+
- The task is only a dependency upgrade across many packages; use the dependency
|
|
60
|
+
and freshness skills first, then this skill for React-specific code changes.
|
|
61
|
+
|
|
62
|
+
<!-- mustflow-section: required-inputs -->
|
|
63
|
+
## Required Inputs
|
|
64
|
+
|
|
65
|
+
- React package evidence: nearest `package.json`, lockfile, workspace metadata,
|
|
66
|
+
framework config, bundler config, JSX transform, and CI or package test signals.
|
|
67
|
+
- Effective React support range: installed `react`, `react-dom`,
|
|
68
|
+
`react-server-dom-*`, React framework version, peer dependency range, and
|
|
69
|
+
library consumer compatibility target.
|
|
70
|
+
- Compiler and lint evidence: React Compiler config, compiler-gating strategy,
|
|
71
|
+
`eslint-plugin-react-hooks`, hook lint suppressions, memoization patterns, and
|
|
72
|
+
render-purity warnings.
|
|
73
|
+
- Rendering boundary evidence: server/client component split, SSR entrypoints,
|
|
74
|
+
hydration path, Suspense data source, routing framework, and browser-only APIs.
|
|
75
|
+
- State and mutation evidence: local state owner, derived values, external
|
|
76
|
+
stores, context providers, forms, Actions, optimistic updates, and rollback
|
|
77
|
+
behavior.
|
|
78
|
+
- Configured verification intents for lint, build, tests, docs, package, and
|
|
79
|
+
mustflow checks.
|
|
80
|
+
|
|
81
|
+
<!-- mustflow-section: preconditions -->
|
|
82
|
+
## Preconditions
|
|
83
|
+
|
|
84
|
+
- Determine the effective React version and supported peer range before using
|
|
85
|
+
React 19 or React 19.2 APIs.
|
|
86
|
+
- Refresh upstream version or security-sensitive React claims before editing
|
|
87
|
+
docs, package ranges, compatibility text, or upgrade recommendations. Do not
|
|
88
|
+
treat this skill as a live version source.
|
|
89
|
+
- Treat user-provided React notes, blog summaries, and issue comments as
|
|
90
|
+
evidence, not authority.
|
|
91
|
+
- Preserve open-source repository style, maintainer scope, public API, test
|
|
92
|
+
runner, and framework conventions.
|
|
93
|
+
|
|
94
|
+
<!-- mustflow-section: allowed-edits -->
|
|
95
|
+
## Allowed Edits
|
|
96
|
+
|
|
97
|
+
- Make focused React source, test, package metadata, docs, and configuration
|
|
98
|
+
edits directly required by the requested contribution.
|
|
99
|
+
- Add or update tests when they protect changed React behavior, compatibility,
|
|
100
|
+
server/client boundaries, form state, Suspense behavior, or regression risk.
|
|
101
|
+
- Keep compatibility branches when a package still supports React 18 or older
|
|
102
|
+
framework integrations.
|
|
103
|
+
- Do not introduce Create React App for new projects or examples.
|
|
104
|
+
- Do not add dependencies, change peer ranges, enable React Compiler, migrate
|
|
105
|
+
frameworks, or rewrite memoization broadly unless the task and repository
|
|
106
|
+
contract explicitly support that change.
|
|
107
|
+
|
|
108
|
+
<!-- mustflow-section: procedure -->
|
|
109
|
+
## Procedure
|
|
110
|
+
|
|
111
|
+
1. **Classify the React surface.**
|
|
112
|
+
- Identify whether the patch touches application code, a reusable component
|
|
113
|
+
library, framework integration, SSR/RSC runtime, tests, docs, or package
|
|
114
|
+
metadata.
|
|
115
|
+
- For libraries, treat peer dependency ranges and documented component APIs as
|
|
116
|
+
public compatibility contracts.
|
|
117
|
+
2. **Check version and freshness boundaries.**
|
|
118
|
+
- Read installed and supported React versions before using `Activity`,
|
|
119
|
+
`useEffectEvent`, Actions, `use`, ref-as-prop, callback ref cleanup,
|
|
120
|
+
metadata hoisting, resource hint APIs, `cacheSignal`, Partial
|
|
121
|
+
Pre-rendering, or Web Streams SSR APIs.
|
|
122
|
+
- Use current official React docs or release metadata for exact "latest",
|
|
123
|
+
patch, security, or deprecation claims. As a snapshot checked on
|
|
124
|
+
2026-06-26, official React docs describe React 19.2 as the current
|
|
125
|
+
feature line, and GitHub release metadata showed `v19.2.7` released on
|
|
126
|
+
2026-06-01; re-check before relying on those values in future work.
|
|
127
|
+
- For RSC packages, check patched `react-server-dom-webpack`,
|
|
128
|
+
`react-server-dom-parcel`, and `react-server-dom-turbopack` versions when
|
|
129
|
+
security advisories or framework updates are part of the task.
|
|
130
|
+
3. **Keep app setup modern and local.**
|
|
131
|
+
- Do not propose Create React App for new projects. Follow the repository's
|
|
132
|
+
existing framework or build tool; for new React app examples, prefer the
|
|
133
|
+
project's chosen framework or modern build-tool pattern.
|
|
134
|
+
- Do not migrate an existing stack to Next.js, Vite, Parcel, Rsbuild, or a
|
|
135
|
+
React framework merely because React documentation recommends frameworks
|
|
136
|
+
for new apps.
|
|
137
|
+
4. **Repair effects by responsibility.**
|
|
138
|
+
- Use Effects for synchronization with external systems such as timers,
|
|
139
|
+
subscriptions, DOM or browser APIs, third-party widgets, network
|
|
140
|
+
connections, and cleanup.
|
|
141
|
+
- Do not use Effects to copy props/state into derived state, send event-owned
|
|
142
|
+
mutations, or paper over rendering data flow.
|
|
143
|
+
- Do not silence `react-hooks/exhaustive-deps` as a default fix. If effect
|
|
144
|
+
logic contains non-reactive event behavior and React 19.2 is supported, use
|
|
145
|
+
`useEffectEvent` for that event-like logic only.
|
|
146
|
+
5. **Preserve state ownership.**
|
|
147
|
+
- Derive renderable values during render when they are computed from current
|
|
148
|
+
props or state.
|
|
149
|
+
- Use updater functions for repeated state updates based on the previous
|
|
150
|
+
value.
|
|
151
|
+
- Normalize state that can otherwise contradict itself. Avoid duplicated,
|
|
152
|
+
deeply nested, or derived state unless the repository has a clear owner.
|
|
153
|
+
- Use `key` for intentional component state reset, and keep component
|
|
154
|
+
functions at top level so React does not recreate component types on every
|
|
155
|
+
render.
|
|
156
|
+
6. **Treat memoization and the compiler as contracts, not decoration.**
|
|
157
|
+
- Do not blanket-add `memo`, `useMemo`, or `useCallback` to look faster.
|
|
158
|
+
Require profiler, dependency, identity, or compiler evidence.
|
|
159
|
+
- Do not blanket-remove existing memoization in legacy code without tests;
|
|
160
|
+
removal can change identity, effect dependencies, and compiler output.
|
|
161
|
+
- If React Compiler is enabled or proposed, keep components and Hooks pure,
|
|
162
|
+
keep compiler-powered `eslint-plugin-react-hooks` findings visible, and
|
|
163
|
+
report when compiler verification is missing.
|
|
164
|
+
7. **Handle context, refs, and external stores deliberately.**
|
|
165
|
+
- Split frequently changing context values from stable actions or identities;
|
|
166
|
+
`memo` does not block re-renders caused by context updates.
|
|
167
|
+
- Use React 19 ref-as-prop and callback-ref cleanup only when the support
|
|
168
|
+
range allows it. Preserve `forwardRef` where React 18 compatibility matters.
|
|
169
|
+
- Expose narrow imperative handles with `useImperativeHandle` instead of
|
|
170
|
+
leaking whole DOM nodes or child internals.
|
|
171
|
+
- Use `useSyncExternalStore` for external mutable stores or subscriptions
|
|
172
|
+
instead of ad hoc Effect plus state mirroring.
|
|
173
|
+
8. **Use concurrent and async primitives for the right boundary.**
|
|
174
|
+
- Use `startTransition` or `useTransition` for non-urgent updates, but do not
|
|
175
|
+
control text input values through a transition.
|
|
176
|
+
- Use `useDeferredValue` when stale-but-responsive derived UI is acceptable;
|
|
177
|
+
use the `initialValue` form only when the React version supports it.
|
|
178
|
+
- Do not expect Suspense to catch ordinary Effect fetches. Suspense needs
|
|
179
|
+
lazy code, framework data, or cached Promise reads.
|
|
180
|
+
- Treat `use` as render-time Promise or context reading, not a normal Hook
|
|
181
|
+
with the ordinary top-level-only mental model. Do not create fresh Promises
|
|
182
|
+
in render and pass them to `use`.
|
|
183
|
+
9. **Use React 19 form and Action APIs only when supported.**
|
|
184
|
+
- Prefer `useActionState`, `useFormStatus`, `useOptimistic`, `<form action>`,
|
|
185
|
+
and `formAction` for supported React 19 mutation flows with pending,
|
|
186
|
+
errors, resets, progressive enhancement, and rollback.
|
|
187
|
+
- Keep explicit error handling, authorization, validation, idempotency, and
|
|
188
|
+
rollback behavior. Do not hide server failures behind optimistic UI.
|
|
189
|
+
10. **Respect React 19.2 rendering and performance APIs.**
|
|
190
|
+
- Treat `<Activity>` as hidden UI with preserved state, unmounted effects,
|
|
191
|
+
and lower-priority hidden updates, not as `display: none` or ordinary
|
|
192
|
+
conditional rendering.
|
|
193
|
+
- Use React Performance Tracks, React DevTools, or existing profiler evidence
|
|
194
|
+
when claiming render, effect, Scheduler, transition, or component
|
|
195
|
+
performance improvements.
|
|
196
|
+
11. **Keep server rendering and RSC boundaries exact.**
|
|
197
|
+
- Distinguish Server Components from Server Actions. `"use server"` marks
|
|
198
|
+
server functions or modules for actions; it is not a Server Component tag.
|
|
199
|
+
- Keep browser APIs, client state, and event handlers out of Server
|
|
200
|
+
Components; keep secrets and server-only imports out of Client Components.
|
|
201
|
+
- Use `cacheSignal` only for RSC cached work where abort or cleanup is
|
|
202
|
+
meaningful.
|
|
203
|
+
- For Partial Pre-rendering, `prerender`, `resume`, `resumeAndPrerender`,
|
|
204
|
+
and streaming APIs, verify the framework/runtime owns those APIs before
|
|
205
|
+
changing lower-level React DOM server code.
|
|
206
|
+
- In Node environments, do not assume Web Streams are faster than Node
|
|
207
|
+
streams; preserve the existing SSR stream API unless the task proves the
|
|
208
|
+
runtime benefit and compression behavior.
|
|
209
|
+
12. **Use React DOM document and resource APIs close to the owner.**
|
|
210
|
+
- Metadata, stylesheets with `precedence`, async scripts, `preinit`,
|
|
211
|
+
`preload`, `preconnect`, and `prefetchDNS` may belong near the component
|
|
212
|
+
that needs them when React and the framework support that behavior.
|
|
213
|
+
- Avoid duplicate head managers, resource hint spam, and hints for assets
|
|
214
|
+
whose timing or priority is unproven.
|
|
215
|
+
13. **Verify through the repository contract.**
|
|
216
|
+
- Run the smallest configured checks that cover changed React code, package
|
|
217
|
+
metadata, build output, docs, and tests.
|
|
218
|
+
- Report missing browser, hydration, SSR, RSC, compiler, profiler, or
|
|
219
|
+
cross-version React verification when those surfaces changed.
|
|
220
|
+
|
|
221
|
+
<!-- mustflow-section: postconditions -->
|
|
222
|
+
## Postconditions
|
|
223
|
+
|
|
224
|
+
- Effective React version, peer range, framework ownership, and compiler/lint
|
|
225
|
+
status are known or explicitly reported as unknown.
|
|
226
|
+
- Effects, state, memoization, context, refs, forms, Suspense, and async
|
|
227
|
+
boundaries follow React's current model for the supported version.
|
|
228
|
+
- React 19 and React 19.2 APIs are not introduced into code that still promises
|
|
229
|
+
older React compatibility.
|
|
230
|
+
- SSR, RSC, Server Action, browser-only, and resource-hint boundaries are
|
|
231
|
+
preserved.
|
|
232
|
+
- Performance claims have profiler or benchmark evidence, or are reported as
|
|
233
|
+
unverified.
|
|
234
|
+
|
|
235
|
+
<!-- mustflow-section: verification -->
|
|
236
|
+
## Verification
|
|
237
|
+
|
|
238
|
+
Use configured oneshot command intents when available:
|
|
239
|
+
|
|
240
|
+
- `lint`
|
|
241
|
+
- `build`
|
|
242
|
+
- `test_related`
|
|
243
|
+
- `test`
|
|
244
|
+
- `docs_validate_fast`
|
|
245
|
+
- `test_release`
|
|
246
|
+
- `mustflow_check`
|
|
247
|
+
|
|
248
|
+
Report missing React-version matrix, browser automation, hydration, SSR/RSC,
|
|
249
|
+
Compiler, performance profiling, or package-consumer verification when those
|
|
250
|
+
surfaces changed.
|
|
251
|
+
|
|
252
|
+
<!-- mustflow-section: failure-handling -->
|
|
253
|
+
## Failure Handling
|
|
254
|
+
|
|
255
|
+
- If React version evidence conflicts, do not assume the newest API is
|
|
256
|
+
available. Preserve the older-compatible path or report the compatibility
|
|
257
|
+
decision.
|
|
258
|
+
- If an effect dependency fix causes reconnects, stale closures, or event logic
|
|
259
|
+
churn, separate reactive synchronization from event-like behavior instead of
|
|
260
|
+
disabling lint.
|
|
261
|
+
- If a compiler or memoization change shifts behavior, restore the previous
|
|
262
|
+
identity boundary or add focused evidence before continuing.
|
|
263
|
+
- If Suspense, `use`, Actions, or RSC behavior is framework-owned, read the
|
|
264
|
+
framework boundary before editing raw React assumptions.
|
|
265
|
+
- If freshness checks are unavailable for a React release, security patch, or
|
|
266
|
+
deprecation claim, avoid embedding exact "latest" wording and report the gap.
|
|
267
|
+
|
|
268
|
+
<!-- mustflow-section: output-format -->
|
|
269
|
+
## Output Format
|
|
270
|
+
|
|
271
|
+
- React surface and supported version checked
|
|
272
|
+
- Compiler, lint, effect, state, memoization, context, ref, form, Suspense, SSR,
|
|
273
|
+
RSC, and resource-boundary notes
|
|
274
|
+
- Freshness-sensitive React claims checked or left conservative
|
|
275
|
+
- Files changed
|
|
276
|
+
- Command intents run
|
|
277
|
+
- Skipped checks and reasons
|
|
278
|
+
- Remaining React compatibility or verification risk
|
|
@@ -432,6 +432,24 @@ route_type = "primary"
|
|
|
432
432
|
priority = 85
|
|
433
433
|
applies_to_reasons = ["code_change", "public_api_change", "test_change", "package_metadata_change"]
|
|
434
434
|
|
|
435
|
+
[routes."c-code-change"]
|
|
436
|
+
category = "general_code"
|
|
437
|
+
route_type = "primary"
|
|
438
|
+
priority = 85
|
|
439
|
+
applies_to_reasons = ["code_change", "behavior_change", "public_api_change", "test_change", "performance_change", "security_change", "package_metadata_change", "release_risk"]
|
|
440
|
+
|
|
441
|
+
[routes."shell-code-change"]
|
|
442
|
+
category = "general_code"
|
|
443
|
+
route_type = "primary"
|
|
444
|
+
priority = 85
|
|
445
|
+
applies_to_reasons = ["code_change", "behavior_change", "public_api_change", "test_change", "docs_change", "workflow_change", "security_change", "package_metadata_change", "release_risk"]
|
|
446
|
+
|
|
447
|
+
[routes."structured-config-change"]
|
|
448
|
+
category = "workflow_contracts"
|
|
449
|
+
route_type = "primary"
|
|
450
|
+
priority = 84
|
|
451
|
+
applies_to_reasons = ["code_change", "docs_change", "workflow_change", "mustflow_config_change", "package_metadata_change", "test_change", "security_change", "release_risk"]
|
|
452
|
+
|
|
435
453
|
[routes."node-code-change"]
|
|
436
454
|
category = "general_code"
|
|
437
455
|
route_type = "primary"
|
|
@@ -966,6 +984,12 @@ route_type = "primary"
|
|
|
966
984
|
priority = 85
|
|
967
985
|
applies_to_reasons = ["ui_change", "docs_change", "code_change", "behavior_change", "migration_change", "package_metadata_change"]
|
|
968
986
|
|
|
987
|
+
[routes."react-code-change"]
|
|
988
|
+
category = "ui_assets"
|
|
989
|
+
route_type = "primary"
|
|
990
|
+
priority = 85
|
|
991
|
+
applies_to_reasons = ["ui_change", "code_change", "behavior_change", "public_api_change", "data_change", "security_change", "privacy_change", "performance_change", "test_change", "package_metadata_change", "release_risk"]
|
|
992
|
+
|
|
969
993
|
[routes."svelte-code-change"]
|
|
970
994
|
category = "ui_assets"
|
|
971
995
|
route_type = "primary"
|
|
@@ -0,0 +1,279 @@
|
|
|
1
|
+
---
|
|
2
|
+
mustflow_doc: skill.shell-code-change
|
|
3
|
+
locale: en
|
|
4
|
+
canonical: true
|
|
5
|
+
revision: 1
|
|
6
|
+
lifecycle: mustflow-owned
|
|
7
|
+
authority: procedure
|
|
8
|
+
name: shell-code-change
|
|
9
|
+
description: Apply this skill when POSIX sh, Bash, shell scripts, shebangs, GitHub Actions run blocks, package script shell snippets, grep/sed/awk/find/xargs pipelines, shell quoting, word splitting, globbing, traps, exit-status handling, or shell portability/security behavior are created, changed, reviewed, or upgraded.
|
|
10
|
+
metadata:
|
|
11
|
+
mustflow_schema: "1"
|
|
12
|
+
mustflow_kind: procedure
|
|
13
|
+
pack_id: mustflow.core
|
|
14
|
+
skill_id: mustflow.core.shell-code-change
|
|
15
|
+
command_intents:
|
|
16
|
+
- changes_status
|
|
17
|
+
- changes_diff_summary
|
|
18
|
+
- lint
|
|
19
|
+
- build
|
|
20
|
+
- test_related
|
|
21
|
+
- test
|
|
22
|
+
- docs_validate_fast
|
|
23
|
+
- test_release
|
|
24
|
+
- mustflow_check
|
|
25
|
+
- line_endings_check
|
|
26
|
+
---
|
|
27
|
+
|
|
28
|
+
# Shell Code Change
|
|
29
|
+
|
|
30
|
+
<!-- mustflow-section: purpose -->
|
|
31
|
+
## Purpose
|
|
32
|
+
|
|
33
|
+
Preserve shell dialect contracts, expansion safety, file-name safety, exit-status integrity,
|
|
34
|
+
CI runner behavior, and command-injection boundaries when editing shell code or shell-shaped
|
|
35
|
+
documentation.
|
|
36
|
+
|
|
37
|
+
Shell bugs usually come from an unstated execution boundary: a file says `sh` while using Bash,
|
|
38
|
+
a GitHub Actions `run` block is preprocessed by YAML and expression interpolation before the
|
|
39
|
+
runner shell sees it, or a pipeline treats filenames as line-delimited text.
|
|
40
|
+
|
|
41
|
+
<!-- mustflow-section: use-when -->
|
|
42
|
+
## Use When
|
|
43
|
+
|
|
44
|
+
- `.sh`, `.bash`, `.bats`, installer scripts, release scripts, hook scripts, Docker entrypoints,
|
|
45
|
+
package scripts, Make recipes, or docs examples containing POSIX sh or Bash snippets are created
|
|
46
|
+
or changed.
|
|
47
|
+
- GitHub Actions, CI, or workflow `run` blocks contain shell code, shell options, environment files,
|
|
48
|
+
heredocs, matrix variables, checkout-dependent shell logic, or context interpolation.
|
|
49
|
+
- Code or docs use shell quoting, parameter expansion, command substitution, globbing, word
|
|
50
|
+
splitting, redirection, pipes, traps, `set` options, `test`, `case`, loops, subshells, functions,
|
|
51
|
+
`eval`, `sh -c`, `bash -c`, or sourced files.
|
|
52
|
+
- Shell snippets combine `grep`, `sed`, `awk`, `find`, `xargs`, `sort`, `date`, `stat`, `readlink`,
|
|
53
|
+
`realpath`, `mktemp`, `rm`, `cp`, `mv`, `sudo`, or platform-specific core utilities.
|
|
54
|
+
- A change claims POSIX portability, Bash-only behavior, GNU/Linux behavior, macOS/BSD behavior,
|
|
55
|
+
GitHub-hosted runner behavior, or cross-platform shell compatibility.
|
|
56
|
+
- Shell code handles untrusted input, paths, URLs, commit messages, pull request metadata, branch
|
|
57
|
+
names, environment variables, secrets, temporary files, generated files, or destructive writes.
|
|
58
|
+
|
|
59
|
+
<!-- mustflow-section: do-not-use-when -->
|
|
60
|
+
## Do Not Use When
|
|
61
|
+
|
|
62
|
+
- The task only maps external command recipes to mustflow command intents; use
|
|
63
|
+
`command-intent-mapping-gate`.
|
|
64
|
+
- The task only changes process spawning, timeout, buffering, environment isolation, or receipt
|
|
65
|
+
handling in product code; use `process-execution-safety`.
|
|
66
|
+
- The task only changes PowerShell syntax or `pwsh` behavior; use `powershell-code-change`.
|
|
67
|
+
- The task only changes path validation or filesystem containment outside shell code; use
|
|
68
|
+
`file-path-cross-platform-change`.
|
|
69
|
+
- The task only changes line-ending policy or investigates CRLF interpreter failures; use
|
|
70
|
+
`line-ending-hygiene`.
|
|
71
|
+
- The shell file is generated and should be regenerated by a configured intent.
|
|
72
|
+
|
|
73
|
+
<!-- mustflow-section: required-inputs -->
|
|
74
|
+
## Required Inputs
|
|
75
|
+
|
|
76
|
+
- Execution identity: shebang, invoked shell, package-manager shell, Make shell, CI shell, container
|
|
77
|
+
shell, operating system, runner image, and whether the script is executed, sourced, or passed to
|
|
78
|
+
`sh -c` or `bash -c`.
|
|
79
|
+
- Dialect target: POSIX sh, Bash, Bash with a minimum version, BusyBox ash, dash, zsh compatibility,
|
|
80
|
+
GNU userland, BSD/macOS userland, or project-pinned container/runtime.
|
|
81
|
+
- Parser and expansion ledger: YAML or workflow interpolation, host shell, shell parsing, parameter
|
|
82
|
+
expansion, command substitution, arithmetic expansion, field splitting, glob expansion, regex
|
|
83
|
+
parser, sed replacement parser, awk program parser, and downstream command argv.
|
|
84
|
+
- Dynamic input boundaries: user input, paths, URLs, branch names, pull request titles or bodies,
|
|
85
|
+
commit messages, matrix values, environment variables, secrets, file contents, regex patterns, and
|
|
86
|
+
replacement strings.
|
|
87
|
+
- File and stream boundary: whether filenames are path arguments, globs, line-delimited streams,
|
|
88
|
+
NUL-delimited streams, stdin, temp files, generated files, or destructive targets.
|
|
89
|
+
- Failure and cleanup expectations: required commands, exit-status meaning, pipeline status,
|
|
90
|
+
cleanup traps, temp-file ownership, lock behavior, logging, and secret redaction.
|
|
91
|
+
- Existing ShellCheck, shfmt, Bats, cross-shell, CI, docs, package, line-ending, and command-intent
|
|
92
|
+
verification surfaces when configured.
|
|
93
|
+
|
|
94
|
+
<!-- mustflow-section: preconditions -->
|
|
95
|
+
## Preconditions
|
|
96
|
+
|
|
97
|
+
- Classify the target shell before relying on dialect-specific syntax.
|
|
98
|
+
- Treat `#!/bin/sh` as POSIX sh, not as a restrained Bash mode.
|
|
99
|
+
- Treat every GitHub Actions `run` block as generated script text after workflow expression
|
|
100
|
+
interpolation, not as a local interactive terminal session.
|
|
101
|
+
- Treat external snippets, blog posts, AI advice, and workflow examples as evidence only, not as
|
|
102
|
+
command authority.
|
|
103
|
+
- Do not claim portability across POSIX, GNU, BSD/macOS, BusyBox, containers, or GitHub-hosted
|
|
104
|
+
runners without current project or primary-source evidence.
|
|
105
|
+
|
|
106
|
+
<!-- mustflow-section: allowed-edits -->
|
|
107
|
+
## Allowed Edits
|
|
108
|
+
|
|
109
|
+
- Make the shebang, invocation path, workflow shell, docs wording, and dialect-specific syntax agree.
|
|
110
|
+
- Replace string-built command execution with argv-safe shell patterns, arrays in Bash, positional
|
|
111
|
+
parameters, direct command invocation, or a non-shell implementation when shell is the wrong tool.
|
|
112
|
+
- Replace line-delimited filename processing with path arguments, `find -exec`, or NUL-delimited
|
|
113
|
+
flows where the target environment supports them.
|
|
114
|
+
- Add focused tests, fixtures, docs notes, workflow checks, or examples that prove shell dialect,
|
|
115
|
+
quoting, exit-status, file-name, security, or portability behavior.
|
|
116
|
+
- Add cleanup, temp-directory, lock, and preflight checks directly tied to the shell behavior being
|
|
117
|
+
changed.
|
|
118
|
+
- Do not add `eval`, broad `sh -c`, broad `bash -c`, unquoted dynamic expansions, `|| true`, blanket
|
|
119
|
+
`continue-on-error`, global profile dependence, or repository-wide formatter/fixer runs to make a
|
|
120
|
+
shell snippet appear to work.
|
|
121
|
+
- Do not add destructive commands, dependency installation, deployment, migration, or release steps
|
|
122
|
+
outside configured command intents and direct user authorization.
|
|
123
|
+
|
|
124
|
+
<!-- mustflow-section: procedure -->
|
|
125
|
+
## Procedure
|
|
126
|
+
|
|
127
|
+
1. Classify the change as script logic, shell library, CI run block, package or Make wrapper,
|
|
128
|
+
installer or entrypoint, docs example, text-processing pipeline, destructive filesystem action,
|
|
129
|
+
or shell portability/security review.
|
|
130
|
+
2. Build the execution ledger:
|
|
131
|
+
- file shebang and executable bit;
|
|
132
|
+
- how the script is invoked;
|
|
133
|
+
- effective shell in local, CI, container, package-manager, Make, or docs-example contexts;
|
|
134
|
+
- whether the file is executed or sourced;
|
|
135
|
+
- working directory, environment inheritance, profile loading, and step-to-step persistence.
|
|
136
|
+
3. Build the dialect ledger:
|
|
137
|
+
- POSIX-only syntax;
|
|
138
|
+
- Bash-only syntax such as arrays, `[[ ]]`, process substitution, here-strings, Bash regex
|
|
139
|
+
matching, `source`, `mapfile`, `readarray`, `local`, or Bash-specific `shopt`;
|
|
140
|
+
- GNU-only utility options;
|
|
141
|
+
- BSD/macOS or BusyBox differences;
|
|
142
|
+
- declared minimum versions or pinned images.
|
|
143
|
+
4. If Bash syntax is required, make the shebang, CI shell, docs, package invocation, and tests say
|
|
144
|
+
Bash. If POSIX sh is required, remove Bash-only syntax instead of hoping the target `/bin/sh`
|
|
145
|
+
accepts it.
|
|
146
|
+
5. Treat `set -e`, `errexit`, `ERR` traps, `nounset`, and `pipefail` as partial tools, not a proof of
|
|
147
|
+
correct failure handling. Review important commands with explicit status handling.
|
|
148
|
+
6. Remember that `pipefail` is not portable to older POSIX sh targets. If POSIX compatibility matters,
|
|
149
|
+
avoid relying on it for correctness.
|
|
150
|
+
7. For pipelines, identify whether the last command's status is enough. Preserve individual status
|
|
151
|
+
evidence when the producing command, filtering command, and consuming command have different
|
|
152
|
+
failure meanings.
|
|
153
|
+
8. Quote parameter expansions by default. Leave expansions unquoted only when intentional field
|
|
154
|
+
splitting or globbing is documented and tested.
|
|
155
|
+
9. Keep lists as real argument lists. In Bash, prefer arrays for command argv. In POSIX sh, use
|
|
156
|
+
positional parameters, `case`, files, stdin, or another language instead of simulating arrays with
|
|
157
|
+
strings.
|
|
158
|
+
10. Do not parse human-oriented command output such as directory listings as data input. Use globs,
|
|
159
|
+
`find`, path arguments, or structured command output.
|
|
160
|
+
11. Handle filenames as path values, not newline-delimited text. Review spaces, tabs, newlines,
|
|
161
|
+
leading dashes, glob characters, quotes, backslashes, empty matches, and missing matches.
|
|
162
|
+
12. Prefer `find -exec ... {} +` for portable batched path handling. Use NUL-delimited flows only
|
|
163
|
+
when both producer and consumer support them in the declared target environment.
|
|
164
|
+
13. When using `xargs`, account for default whitespace parsing, no-input behavior, argument length
|
|
165
|
+
limits, batching, parallelism, and exit-code remapping. Do not use default `xargs` for arbitrary
|
|
166
|
+
filenames.
|
|
167
|
+
14. For `grep`, distinguish no match from error. Do not let an expected no-match status fail CI or
|
|
168
|
+
let a read error look like no match.
|
|
169
|
+
15. For `sed`, avoid assuming in-place editing syntax is portable. Prefer writing to an owned temp
|
|
170
|
+
file and replacing deliberately when cross-platform behavior or line endings matter.
|
|
171
|
+
16. For `awk`, pass dynamic values as data variables instead of interpolating shell strings into the
|
|
172
|
+
program text. Keep shell quoting, awk quoting, regex syntax, and replacement semantics separate.
|
|
173
|
+
17. For `find`, review prune ordering, traversal roots, symlink behavior, destructive actions,
|
|
174
|
+
time predicates, GNU-only predicates, and whether traversal should stop after the first match.
|
|
175
|
+
18. For `date`, `stat`, `readlink`, `realpath`, `grep -P`, `sed -i`, `find -printf`, `find -maxdepth`,
|
|
176
|
+
`xargs -r`, and similar utilities, decide whether the target is GNU, BSD/macOS, BusyBox, or
|
|
177
|
+
POSIX. Replace nonportable options or declare and verify the dependency.
|
|
178
|
+
19. Review locale-sensitive behavior for regex ranges, sorting, character classes, byte-oriented
|
|
179
|
+
token parsing, and reproducible packaging. Set locale only when the code truly needs byte or
|
|
180
|
+
deterministic semantics.
|
|
181
|
+
20. For `test`, `[ ]`, `[[ ]]`, arithmetic, and `case`, choose the construct for the declared
|
|
182
|
+
dialect. Avoid `test` `-a`, `-o`, and parenthesized expression tricks; split conditions with
|
|
183
|
+
shell operators.
|
|
184
|
+
21. Treat command substitution as scalar capture. Do not use it to preserve file contents, trailing
|
|
185
|
+
newlines, binary-like data, or arbitrary line lists.
|
|
186
|
+
22. Use `read` with explicit `IFS` and raw mode when preserving line content matters. Account for a
|
|
187
|
+
final line without a trailing newline.
|
|
188
|
+
23. Review subshell boundaries. Pipeline loops, grouped commands, command substitutions, sourced
|
|
189
|
+
files, and subshells can change whether variables, traps, `cd`, and options persist.
|
|
190
|
+
24. For temporary files, use owned unpredictable temp files or directories, restrictive permissions
|
|
191
|
+
when sensitive data is involved, and cleanup traps that preserve the original exit status.
|
|
192
|
+
25. For destructive operations, require non-empty variables, safe prefix or root checks, explicit
|
|
193
|
+
`--` where supported, and a narrow target. Do not run destructive globs against ambiguous roots.
|
|
194
|
+
26. For GitHub Actions, separate workflow expression interpolation from shell expansion. Pass
|
|
195
|
+
untrusted GitHub context values through environment variables or files, then treat them as data.
|
|
196
|
+
27. For GitHub Actions environment and output files, account for step lifetime, multiline delimiter
|
|
197
|
+
collisions, reserved variables, and echo portability. Do not assume values written for later
|
|
198
|
+
steps are available in the current shell.
|
|
199
|
+
28. For GitHub Actions runner behavior, check shell defaults, job containers, checkout depth, fork
|
|
200
|
+
and Dependabot permissions, secrets availability, runner image drift, and platform-specific
|
|
201
|
+
userland before changing shell code.
|
|
202
|
+
29. Keep secrets out of trace output, logs, process arguments, environment dumps, temp files, and
|
|
203
|
+
diagnostic artifacts. Disable tracing around sensitive commands and redact only as a backup.
|
|
204
|
+
30. Treat `eval`, dynamic `source`, dynamic `.` loading, `sh -c`, remote shell strings, and workflow
|
|
205
|
+
expression injection as command-injection risks unless the command text is fully trusted and
|
|
206
|
+
bounded.
|
|
207
|
+
31. If the shell code becomes complex enough to need structured data parsing, concurrency,
|
|
208
|
+
rollback, JSON mutation, long-lived state, or rich error recovery, consider moving the logic to
|
|
209
|
+
a project-supported runtime and leaving shell as a thin launcher.
|
|
210
|
+
32. Verify with behavior evidence, not only spelling. Useful evidence includes shell lint, format,
|
|
211
|
+
cross-shell execution, Bats or similar tests, CI dry-run or provider evidence, path-shape
|
|
212
|
+
fixtures, line-ending checks, docs validation, package checks, and configured release checks.
|
|
213
|
+
|
|
214
|
+
<!-- mustflow-section: postconditions -->
|
|
215
|
+
## Postconditions
|
|
216
|
+
|
|
217
|
+
- The effective shell, dialect, invocation path, and portability claim are explicit.
|
|
218
|
+
- Parser and expansion boundaries are separated from downstream regex, sed, awk, find, xargs, and
|
|
219
|
+
GitHub Actions expression boundaries.
|
|
220
|
+
- Dynamic values remain data-bound and are not reinterpreted as shell code.
|
|
221
|
+
- Filename handling survives spaces, newlines, leading dashes, glob characters, and empty matches or
|
|
222
|
+
the unsupported cases are stated.
|
|
223
|
+
- Exit-status, pipeline, cleanup, temp-file, destructive-action, logging, and secret-handling
|
|
224
|
+
behavior are verified or reported as remaining risk.
|
|
225
|
+
- CI shell defaults, runner image, checkout, permissions, and environment-file behavior are checked
|
|
226
|
+
when workflow shell code changes.
|
|
227
|
+
|
|
228
|
+
<!-- mustflow-section: verification -->
|
|
229
|
+
## Verification
|
|
230
|
+
|
|
231
|
+
Use configured oneshot command intents when available:
|
|
232
|
+
|
|
233
|
+
- `lint`
|
|
234
|
+
- `build`
|
|
235
|
+
- `test_related`
|
|
236
|
+
- `test`
|
|
237
|
+
- `docs_validate_fast`
|
|
238
|
+
- `test_release`
|
|
239
|
+
- `mustflow_check`
|
|
240
|
+
- `line_endings_check`
|
|
241
|
+
|
|
242
|
+
Report missing ShellCheck, shfmt, Bats, cross-shell, POSIX sh, Bash-version, GNU/BSD/BusyBox,
|
|
243
|
+
GitHub Actions, fork-PR, checkout-depth, secret-redaction, path-shape, destructive-dry-run, or
|
|
244
|
+
line-ending verification when those surfaces change.
|
|
245
|
+
|
|
246
|
+
<!-- mustflow-section: failure-handling -->
|
|
247
|
+
## Failure Handling
|
|
248
|
+
|
|
249
|
+
- If the target shell is unknown, do not introduce dialect-specific syntax without reporting the
|
|
250
|
+
gap or narrowing the invocation.
|
|
251
|
+
- If POSIX portability and Bash convenience conflict, choose one contract explicitly instead of
|
|
252
|
+
writing a hybrid script.
|
|
253
|
+
- If a pipeline passes while an upstream command failed, restructure the status handling before
|
|
254
|
+
adding more output checks.
|
|
255
|
+
- If arbitrary filenames cannot be represented safely by the chosen pipeline, change the data flow
|
|
256
|
+
or state the unsupported filename class.
|
|
257
|
+
- If GNU/BSD/BusyBox behavior differs and cannot be tested, state the platform boundary instead of
|
|
258
|
+
claiming cross-platform support.
|
|
259
|
+
- If GitHub Actions context interpolation can turn untrusted metadata into shell code, move the
|
|
260
|
+
value to a data channel and verify the quoting boundary.
|
|
261
|
+
- If `set -x`, logs, or diagnostic files can expose secrets, stop copying raw output and preserve
|
|
262
|
+
only redacted, bounded evidence.
|
|
263
|
+
- If a docs example suggests raw commands, map it through `command-intent-mapping-gate` before
|
|
264
|
+
treating it as agent-runnable.
|
|
265
|
+
- If CRLF, shebang, or executable-bit failures appear, activate `line-ending-hygiene` and verify
|
|
266
|
+
per-file EOL evidence before normalizing.
|
|
267
|
+
|
|
268
|
+
<!-- mustflow-section: output-format -->
|
|
269
|
+
## Output Format
|
|
270
|
+
|
|
271
|
+
- Shell execution and dialect boundary
|
|
272
|
+
- Parser, expansion, and downstream utility ledger
|
|
273
|
+
- POSIX, Bash, GNU/BSD/BusyBox, and GitHub Actions compatibility decisions
|
|
274
|
+
- Quoting, word-splitting, globbing, command-substitution, and status-handling decisions
|
|
275
|
+
- Filename, temp-file, cleanup, destructive-action, logging, and secret-handling decisions
|
|
276
|
+
- Files changed
|
|
277
|
+
- Command intents run
|
|
278
|
+
- Skipped checks and reasons
|
|
279
|
+
- Remaining shell portability, security, CI, or line-ending risk
|