oh-my-customcode 0.8.0 → 0.9.0

package/templates/.codex/skills/springboot-best-practices/SKILL.md

@@ -0,0 +1,357 @@
+---
+name: springboot-best-practices
+description: Spring Boot patterns for enterprise Java applications
+user-invocable: false
+---
+
+## Purpose
+
+Apply Spring Boot patterns for building enterprise-grade applications.
+
+## Rules
+
+### 1. Project Structure
+
+```yaml
+structure:
+  layout: layered architecture
+  packages:
+    - controller: REST endpoints
+    - service: Business logic
+    - repository: Data access
+    - model/entity: Domain objects
+    - dto: Data transfer objects
+    - config: Configuration classes
+    - exception: Custom exceptions
+
+example: |
+  com.example.app/
+  ├── controller/
+  │   └── UserController.java
+  ├── service/
+  │   ├── UserService.java
+  │   └── impl/UserServiceImpl.java
+  ├── repository/
+  │   └── UserRepository.java
+  ├── model/
+  │   └── User.java
+  ├── dto/
+  │   ├── UserRequest.java
+  │   └── UserResponse.java
+  ├── config/
+  │   └── SecurityConfig.java
+  └── exception/
+      └── UserNotFoundException.java
+```
+
+### 2. Dependency Injection
+
+```yaml
+prefer:
+  - Constructor injection over field injection
+  - Interface-based dependencies
+  - @RequiredArgsConstructor with final fields
+
+patterns: |
+  // GOOD: Constructor injection
+  @Service
+  @RequiredArgsConstructor
+  public class UserService {
+      private final UserRepository userRepository;
+      private final EmailService emailService;
+  }
+
+  // AVOID: Field injection
+  @Service
+  public class UserService {
+      @Autowired
+      private UserRepository userRepository; // Not recommended
+  }
+```
+
+### 3. REST API Design
+
+```yaml
+controller:
+  annotations:
+    - "@RestController"
+    - "@RequestMapping with base path"
+    - "@Validated for input validation"
+
+patterns: |
+  @RestController
+  @RequestMapping("/api/v1/users")
+  @RequiredArgsConstructor
+  public class UserController {
+
+      private final UserService userService;
+
+      @GetMapping("/{id}")
+      public ResponseEntity<UserResponse> getUser(@PathVariable Long id) {
+          return ResponseEntity.ok(userService.findById(id));
+      }
+
+      @PostMapping
+      @ResponseStatus(HttpStatus.CREATED)
+      public UserResponse createUser(@Valid @RequestBody UserRequest request) {
+          return userService.create(request);
+      }
+
+      @PutMapping("/{id}")
+      public UserResponse updateUser(
+          @PathVariable Long id,
+          @Valid @RequestBody UserRequest request
+      ) {
+          return userService.update(id, request);
+      }
+
+      @DeleteMapping("/{id}")
+      @ResponseStatus(HttpStatus.NO_CONTENT)
+      public void deleteUser(@PathVariable Long id) {
+          userService.delete(id);
+      }
+  }
+```
+
+### 4. Service Layer
+
+```yaml
+principles:
+  - Business logic in service layer
+  - Transaction boundaries at service level
+  - Interface + implementation pattern
+
+patterns: |
+  public interface UserService {
+      UserResponse findById(Long id);
+      UserResponse create(UserRequest request);
+  }
+
+  @Service
+  @Transactional(readOnly = true)
+  @RequiredArgsConstructor
+  public class UserServiceImpl implements UserService {
+
+      private final UserRepository userRepository;
+      private final UserMapper userMapper;
+
+      @Override
+      public UserResponse findById(Long id) {
+          User user = userRepository.findById(id)
+              .orElseThrow(() -> new UserNotFoundException(id));
+          return userMapper.toResponse(user);
+      }
+
+      @Override
+      @Transactional
+      public UserResponse create(UserRequest request) {
+          User user = userMapper.toEntity(request);
+          return userMapper.toResponse(userRepository.save(user));
+      }
+  }
+```
+
+### 5. Data Access
+
+```yaml
+repository:
+  use: Spring Data JPA
+  custom_queries: "@Query annotation or method naming"
+
+patterns: |
+  public interface UserRepository extends JpaRepository<User, Long> {
+
+      Optional<User> findByEmail(String email);
+
+      @Query("SELECT u FROM User u WHERE u.status = :status")
+      List<User> findByStatus(@Param("status") UserStatus status);
+
+      @Query(value = "SELECT * FROM users WHERE created_at > :date",
+             nativeQuery = true)
+      List<User> findRecentUsers(@Param("date") LocalDateTime date);
+  }
+
+entity: |
+  @Entity
+  @Table(name = "users")
+  @Getter
+  @NoArgsConstructor(access = AccessLevel.PROTECTED)
+  public class User {
+
+      @Id
+      @GeneratedValue(strategy = GenerationType.IDENTITY)
+      private Long id;
+
+      @Column(nullable = false, unique = true)
+      private String email;
+
+      @Enumerated(EnumType.STRING)
+      private UserStatus status;
+
+      @CreatedDate
+      private LocalDateTime createdAt;
+  }
+```
+
+### 6. Exception Handling
+
+```yaml
+global_handler:
+  use: "@ControllerAdvice"
+  custom_exceptions: domain-specific
+
+patterns: |
+  @RestControllerAdvice
+  public class GlobalExceptionHandler {
+
+      @ExceptionHandler(UserNotFoundException.class)
+      @ResponseStatus(HttpStatus.NOT_FOUND)
+      public ErrorResponse handleUserNotFound(UserNotFoundException ex) {
+          return new ErrorResponse("USER_NOT_FOUND", ex.getMessage());
+      }
+
+      @ExceptionHandler(MethodArgumentNotValidException.class)
+      @ResponseStatus(HttpStatus.BAD_REQUEST)
+      public ErrorResponse handleValidation(MethodArgumentNotValidException ex) {
+          List<String> errors = ex.getBindingResult()
+              .getFieldErrors()
+              .stream()
+              .map(e -> e.getField() + ": " + e.getDefaultMessage())
+              .toList();
+          return new ErrorResponse("VALIDATION_ERROR", errors);
+      }
+  }
+```
+
+### 7. Configuration
+
+```yaml
+profiles:
+  use: application-{profile}.yml
+  externalize: sensitive values
+
+patterns: |
+  # application.yml
+  spring:
+    profiles:
+      active: ${SPRING_PROFILES_ACTIVE:local}
+    datasource:
+      url: ${DATABASE_URL}
+      username: ${DATABASE_USERNAME}
+      password: ${DATABASE_PASSWORD}
+
+  # application-local.yml
+  spring:
+    datasource:
+      url: jdbc:h2:mem:testdb
+      driver-class-name: org.h2.Driver
+
+configuration_class: |
+  @Configuration
+  @ConfigurationProperties(prefix = "app")
+  @Validated
+  public class AppProperties {
+
+      @NotBlank
+      private String name;
+
+      @Min(1)
+      private int maxConnections;
+
+      // getters, setters
+  }
+```
+
+### 8. Security
+
+```yaml
+principles:
+  - Use Spring Security
+  - Externalize secrets
+  - Implement proper authentication
+
+patterns: |
+  @Configuration
+  @EnableWebSecurity
+  @RequiredArgsConstructor
+  public class SecurityConfig {
+
+      private final JwtTokenProvider tokenProvider;
+
+      @Bean
+      public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
+          return http
+              .csrf(csrf -> csrf.disable())
+              .sessionManagement(session ->
+                  session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
+              .authorizeHttpRequests(auth -> auth
+                  .requestMatchers("/api/v1/auth/**").permitAll()
+                  .requestMatchers("/api/v1/admin/**").hasRole("ADMIN")
+                  .anyRequest().authenticated())
+              .addFilterBefore(jwtFilter(), UsernamePasswordAuthenticationFilter.class)
+              .build();
+      }
+  }
+```
+
+### 9. Testing
+
+```yaml
+layers:
+  unit: "@MockBean, Mockito"
+  integration: "@SpringBootTest"
+  slice: "@WebMvcTest, @DataJpaTest"
+
+patterns: |
+  // Controller test
+  @WebMvcTest(UserController.class)
+  class UserControllerTest {
+
+      @Autowired
+      private MockMvc mockMvc;
+
+      @MockBean
+      private UserService userService;
+
+      @Test
+      void getUser_shouldReturnUser() throws Exception {
+          given(userService.findById(1L))
+              .willReturn(new UserResponse(1L, "test@example.com"));
+
+          mockMvc.perform(get("/api/v1/users/1"))
+              .andExpect(status().isOk())
+              .andExpect(jsonPath("$.email").value("test@example.com"));
+      }
+  }
+
+  // Repository test
+  @DataJpaTest
+  class UserRepositoryTest {
+
+      @Autowired
+      private UserRepository userRepository;
+
+      @Test
+      void findByEmail_shouldReturnUser() {
+          User user = userRepository.save(new User("test@example.com"));
+
+          Optional<User> found = userRepository.findByEmail("test@example.com");
+
+          assertThat(found).isPresent();
+          assertThat(found.get().getEmail()).isEqualTo("test@example.com");
+      }
+  }
+```
+
+## Application
+
+When writing Spring Boot code:
+
+1. **Always** use constructor injection
+2. **Always** use layered architecture
+3. **Prefer** interface-based services
+4. **Use** DTOs for API contracts
+5. **Handle** exceptions globally
+6. **Externalize** configuration
+7. **Secure** endpoints properly
+8. **Test** each layer appropriately

package/templates/.codex/skills/status/SKILL.md

@@ -0,0 +1,153 @@
+---
+name: status
+description: Show system status and health checks
+argument-hint: "[--verbose] [--health]"
+---
+
+# System Status Skill
+
+Show comprehensive system status including agents, skills, guides, and health checks.
+
+## Options
+
+```
+--verbose, -v    Detailed status
+--health, -h     Health checks only
+```
+
+## Output Format
+
+### Default Status
+```
+AI Agent System - Status
+
+System:
+  Rules: 10 loaded (R000-R009)
+
+Agents:
+  Orchestrator:     1 (secretary)
+  Manager:          3 (mgr-creator, mgr-updater, mgr-supplier)
+  SW Engineer:      6
+  Backend Engineer: 3
+  Infra Engineer:   2
+  Total:           15 agents
+
+Skills:
+  Development:     8
+  Backend:         3
+  Infrastructure:  2
+  Total:          13 skills
+
+Guides:            12 loaded
+Commands:          10 available
+
+Health: ✓ OK
+```
+
+### Verbose Status
+```
+status --verbose
+
+AI Agent System - Detailed Status
+
+Rules:
+  MUST:
+    ✓ R000 language-policy
+    ✓ R001 safety
+    ✓ R002 permissions
+    ✓ R006 agent-design
+
+  SHOULD:
+    ✓ R003 interaction
+    ✓ R004 error-handling
+    ✓ R007 agent-identification
+    ✓ R008 tool-identification
+
+  MAY:
+    ✓ R005 optimization
+    ✓ R009 parallel-execution
+
+Agents:
+  orchestrator/
+    ✓ secretary (internal)
+
+  manager/
+    ✓ mgr-creator (internal)
+    ✓ mgr-updater (internal)
+    ✓ mgr-supplier (internal)
+
+  sw-engineer/
+    ✓ lang-golang-expert (internal)
+    ✓ lang-python-expert (internal)
+    ✓ lang-rust-expert (internal)
+    ✓ lang-kotlin-expert (internal)
+    ✓ lang-typescript-expert (internal)
+    ✓ fe-vercel-agent (external v1.0.0)
+
+  sw-engineer/backend/
+    ✓ be-fastapi-expert (internal)
+    ✓ be-springboot-expert (internal)
+    ✓ be-go-backend-expert (internal)
+
+  infra-engineer/
+    ✓ infra-docker-expert (internal)
+    ✓ infra-aws-expert (internal)
+
+Skills:
+  development/
+    ✓ go-best-practices
+    ✓ python-best-practices
+    ✓ rust-best-practices
+    ✓ kotlin-best-practices
+    ✓ typescript-best-practices
+    ✓ react-best-practices
+    ✓ web-design-guidelines
+    ✓ vercel-deploy
+
+  backend/
+    ✓ fastapi-best-practices
+    ✓ springboot-best-practices
+    ✓ go-backend-best-practices
+
+  infrastructure/
+    ✓ docker-best-practices
+    ✓ aws-best-practices
+
+Guides:
+  ✓ claude-code, web-design
+  ✓ golang, python, rust, kotlin, typescript
+  ✓ fastapi, springboot, go-backend
+  ✓ docker, aws
+
+Commands:
+  system:    lists, status, help
+  manager:   create-agent, update-docs, update-external, audit-agents, fix-refs
+  dev:       dev-review, dev-refactor
+
+All systems operational.
+```
+
+### Health Check
+```
+status --health
+
+Health Checks:
+
+Agents:
+  ✓ 15/15 agents valid
+  ✓ All agent files exist in .codex/agents/
+
+Dependencies:
+  ✓ All skill references valid
+  ✓ All guide references valid
+
+External Sources:
+  ✓ fe-vercel-agent (github: reachable)
+
+Documentation:
+  ✓ AGENTS.md in sync
+  ✓ All .codex/agents/*.md files valid
+  ✓ All .codex/skills/*/SKILL.md files valid
+
+Result: HEALTHY
+```

package/templates/.codex/skills/supabase-postgres-best-practices/SKILL.md

@@ -0,0 +1,99 @@
+---
+name: supabase-postgres-best-practices
+description: PostgreSQL performance optimization guidelines from Supabase. Apply when writing SQL, designing schemas, configuring RLS, or optimizing database performance.
+user-invocable: false
+---
+
+## Supabase PostgreSQL Best Practices
+
+> Source: https://github.com/supabase/agent-skills
+
+### Rule Categories (Prioritized by Impact)
+
+| Priority | Category | Impact | Prefix |
+|----------|----------|--------|--------|
+| 1 | Query Performance | CRITICAL | query- |
+| 2 | Connection Management | CRITICAL | conn- |
+| 3 | Security & RLS | CRITICAL | security- |
+| 4 | Schema Design | HIGH | schema- |
+| 5 | Concurrency & Locking | MEDIUM-HIGH | lock- |
+| 6 | Data Access Patterns | MEDIUM | data- |
+| 7 | Monitoring & Diagnostics | LOW-MEDIUM | monitor- |
+| 8 | Advanced Features | LOW | advanced- |
+
+### 1. Query Performance (CRITICAL)
+
+- Always add indexes for columns used in WHERE, JOIN, and ORDER BY clauses
+- Use partial indexes for filtered queries: `CREATE INDEX idx_active ON users(email) WHERE active = true`
+- Prefer `EXISTS` over `IN` for subqueries
+- Avoid `SELECT *` - specify only needed columns
+- Use `EXPLAIN ANALYZE` to verify query plans
+- Add composite indexes for multi-column queries (column order matters)
+- Use covering indexes to avoid heap lookups
+
+### 2. Connection Management (CRITICAL)
+
+- Use Supabase connection pooler (PgBouncer) for serverless/edge functions
+- Use transaction mode for short-lived queries
+- Use session mode only when needed (prepared statements, advisory locks)
+- Set appropriate pool size limits
+- Release connections promptly - avoid holding connections during external calls
+- Use connection timeouts to prevent leaks
+
+### 3. Security & RLS (CRITICAL)
+
+- Enable RLS on ALL tables exposed via Supabase API
+- Write policies using `auth.uid()` and `auth.jwt()`
+- Avoid functions marked `SECURITY DEFINER` unless necessary
+- Use `SECURITY INVOKER` as default for functions
+- Never trust client-side data - validate in policies
+- Test RLS policies with different roles
+- Use `USING` for read policies, `WITH CHECK` for write policies
+
+### 4. Schema Design (HIGH)
+
+- Use appropriate data types (e.g., `uuid` for IDs, `timestamptz` for times)
+- Add `NOT NULL` constraints where applicable
+- Use `CHECK` constraints for data validation
+- Prefer `text` over `varchar(n)` unless length limit is meaningful
+- Use partial indexes instead of filtered queries
+- Design schemas for the access patterns, not just the data model
+
+### 5. Concurrency & Locking (MEDIUM-HIGH)
+
+- Use `SELECT ... FOR UPDATE SKIP LOCKED` for queue patterns
+- Keep transactions short to minimize lock contention
+- Avoid long-running transactions during migrations
+- Use advisory locks for application-level coordination
+- Be aware of lock ordering to prevent deadlocks
+
+### 6. Data Access Patterns (MEDIUM)
+
+- Use Supabase client libraries for standard CRUD
+- Use RPC functions for complex operations
+- Implement pagination with cursor-based approach (not OFFSET)
+- Use realtime subscriptions judiciously
+- Batch operations where possible
+
+### 7. Monitoring & Diagnostics (LOW-MEDIUM)
+
+- Monitor `pg_stat_statements` for slow queries
+- Check `pg_stat_user_indexes` for unused indexes
+- Monitor connection count and pool utilization
+- Set up alerts for long-running queries
+- Review lock waits periodically
+
+### 8. Advanced Features (LOW)
+
+- Use CTEs for readable complex queries (but note CTE materialization)
+- Leverage PostgreSQL extensions (pgvector, pg_trgm, etc.)
+- Use generated columns for computed values
+- Consider table partitioning for very large tables
+- Use LISTEN/NOTIFY for event-driven patterns
+
+### References
+- Supabase Documentation: https://supabase.com/docs
+- PostgreSQL Official Docs: https://www.postgresql.org/docs/
+- Supabase Agent Skills: https://github.com/supabase/agent-skills
+
+For detailed rule files with specific examples, see guides/supabase-postgres/.