omniconductor 0.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +64 -0
- package/LICENSE +219 -0
- package/NOTICE +11 -0
- package/README.md +526 -0
- package/THIRD_PARTY_NOTICES.md +31 -0
- package/TRADEMARKS.md +26 -0
- package/VISION.md +106 -0
- package/adapters/README.md +121 -0
- package/adapters/claude/README.md +102 -0
- package/adapters/claude/SUPPORTED-FEATURES.md +66 -0
- package/adapters/claude/hookify-templates/.recipe-scoped +9 -0
- package/adapters/claude/hookify-templates/README.md +93 -0
- package/adapters/claude/hookify-templates/block-completion-claim-without-push.local.md.template +56 -0
- package/adapters/claude/hookify-templates/block-direct-push-protected-branch.local.md.template +18 -0
- package/adapters/claude/hookify-templates/block-force-push-protected-branch.local.md.template +42 -0
- package/adapters/claude/hookify-templates/block-server-secret-in-client.local.md.template +36 -0
- package/adapters/claude/hookify-templates/warn-any-type-added.local.md.template +44 -0
- package/adapters/claude/hookify-templates/warn-commit-without-pre-commit-review.local.md.template +52 -0
- package/adapters/claude/hookify-templates/warn-console-direct.local.md.template +55 -0
- package/adapters/claude/hookify-templates/warn-create-table-without-access-control.local.md.template +35 -0
- package/adapters/claude/hookify-templates/warn-current-work-without-remaining-tasks.local.md.template +36 -0
- package/adapters/claude/hookify-templates/warn-gh-pr-create-without-pre-merge-review.local.md.template +38 -0
- package/adapters/claude/hookify-templates/warn-hardcoded-text-without-i18n-key.local.md.template +21 -0
- package/adapters/claude/hookify-templates/warn-on-gh-pr-merge.local.md.template +33 -0
- package/adapters/claude/hookify-templates/warn-plan-spec-without-remaining-tasks.local.md.template +44 -0
- package/adapters/claude/hookify-templates/warn-raw-hex-instead-of-token.local.md.template +21 -0
- package/adapters/claude/hookify-templates/warn-security-definer-without-search-path.local.md.template +30 -0
- package/adapters/claude/hookify-templates/warn-stop-commit-without-current-work.local.md.template +47 -0
- package/adapters/claude/hookify-templates/warn-user-manual-completion.local.md.template +40 -0
- package/adapters/claude/transform-spec.md +140 -0
- package/adapters/claude/transform.sh +1169 -0
- package/adapters/codex/README.md +87 -0
- package/adapters/codex/SUPPORTED-FEATURES.md +66 -0
- package/adapters/codex/transform-spec.md +90 -0
- package/adapters/codex/transform.sh +748 -0
- package/adapters/copilot/README.md +88 -0
- package/adapters/copilot/SUPPORTED-FEATURES.md +73 -0
- package/adapters/copilot/transform-spec.md +111 -0
- package/adapters/copilot/transform.sh +757 -0
- package/adapters/cursor/README.md +87 -0
- package/adapters/cursor/SUPPORTED-FEATURES.md +90 -0
- package/adapters/cursor/transform-spec.md +124 -0
- package/adapters/cursor/transform.sh +731 -0
- package/adapters/gemini/README.md +93 -0
- package/adapters/gemini/SUPPORTED-FEATURES.md +80 -0
- package/adapters/gemini/transform-spec.md +102 -0
- package/adapters/gemini/transform.sh +844 -0
- package/adapters/windsurf/README.md +93 -0
- package/adapters/windsurf/SUPPORTED-FEATURES.md +67 -0
- package/adapters/windsurf/transform-spec.md +99 -0
- package/adapters/windsurf/transform.sh +727 -0
- package/bin/omniconductor.js +130 -0
- package/core/README.md +64 -0
- package/core/anti-patterns/README.md +142 -0
- package/core/anti-patterns/dynamic-system-prompt.md +113 -0
- package/core/anti-patterns/frequent-rule-file-edit.md +83 -0
- package/core/anti-patterns/large-file-read-no-range.md +90 -0
- package/core/anti-patterns/no-sub-agent-dispatch.md +89 -0
- package/core/anti-patterns/single-monolithic-rule-file.md +99 -0
- package/core/anti-patterns/skill-eager-load.md +83 -0
- package/core/anti-patterns/tool-call-spam.md +93 -0
- package/core/docs-templates/CURRENT_WORK.md +64 -0
- package/core/docs-templates/INDEX.md +57 -0
- package/core/docs-templates/PLANS.md +44 -0
- package/core/docs-templates/README.md +40 -0
- package/core/docs-templates/REMAINING_TASKS.md +43 -0
- package/core/docs-templates/TASKS.md +51 -0
- package/core/docs-templates/specs/_example.md +121 -0
- package/core/hooks/README.md +62 -0
- package/core/hooks/pretool-agent-routing.sh.template +97 -0
- package/core/hooks/pretool-commit-current-work-check.sh.template +103 -0
- package/core/hooks/pretool-commit-test-coverage-check.sh.template +116 -0
- package/core/hooks/pretool-large-file-read-guard.sh.template +117 -0
- package/core/hooks/stop-cache-hit-baseline-check.sh.template +133 -0
- package/core/hooks/stop-r6-review-check.sh.template +80 -0
- package/core/hooks/stop-session-log-check.sh.template +101 -0
- package/core/hooks/stop-trajectory-log.sh.template +96 -0
- package/core/memory-pattern/EXAMPLES.md +114 -0
- package/core/memory-pattern/README.md +133 -0
- package/core/recipes/README.md +46 -0
- package/core/recipes/auto-mock-data.md +82 -0
- package/core/recipes/branch-strategy.md +100 -0
- package/core/recipes/coding-conventions.md +123 -0
- package/core/recipes/database-discipline.md +65 -0
- package/core/recipes/debugging.md +143 -0
- package/core/recipes/design-system.md +30 -0
- package/core/recipes/i18n.md +118 -0
- package/core/recipes/monorepo.md +101 -0
- package/core/recipes/self-improvement.md +61 -0
- package/core/recipes/tdd.md +128 -0
- package/core/recipes/web-mobile-parity.md +87 -0
- package/core/reflector/SCHEDULING.md +83 -0
- package/core/reflector/prune-lessons.sh +105 -0
- package/core/reflector/reflect-brief.md +11 -0
- package/core/reflector/reflect.command.md +13 -0
- package/core/reflector/run-weekly.sh +54 -0
- package/core/reflector/trajectory-log.sh +55 -0
- package/core/roles/README.md +61 -0
- package/core/roles/builder.md +75 -0
- package/core/roles/designer.md +93 -0
- package/core/roles/helper.md +70 -0
- package/core/roles/planner.md +123 -0
- package/core/roles/reflector.md +72 -0
- package/core/roles/reviewer.md +104 -0
- package/core/roles/scribe.md +89 -0
- package/core/universal-rules/README.md +71 -0
- package/core/universal-rules/meta-discipline.md +292 -0
- package/core/universal-rules/operations.md +162 -0
- package/core/universal-rules/quality-gates.md +191 -0
- package/core/universal-rules/spec-as-you-go.md +123 -0
- package/core/universal-rules/workflow.md +153 -0
- package/core/workflow/PHASES.md +134 -0
- package/core/workflow/README.md +56 -0
- package/docs/MANUAL-INSTALL.md +456 -0
- package/package.json +52 -0
- package/tools/check-framework-purity.sh +91 -0
- package/tools/measure-tokens.sh +169 -0
- package/tools/validate-adapter-output.sh +611 -0
|
@@ -0,0 +1,36 @@
|
|
|
1
|
+
---
|
|
2
|
+
name: block-server-secret-in-client
|
|
3
|
+
enabled: true
|
|
4
|
+
event: file
|
|
5
|
+
action: block
|
|
6
|
+
conditions:
|
|
7
|
+
- field: file_path
|
|
8
|
+
operator: regex_match
|
|
9
|
+
pattern: ${CONDUCTOR_CLIENT_GLOB}
|
|
10
|
+
- field: new_text
|
|
11
|
+
operator: regex_match
|
|
12
|
+
pattern: ${CONDUCTOR_SERVER_SECRET_PATTERN}
|
|
13
|
+
---
|
|
14
|
+
|
|
15
|
+
🚨 **CRITICAL — server-only secret in client-bundled code (blocked)**
|
|
16
|
+
|
|
17
|
+
A server-only secret pattern was added to a file that ships in the client bundle. **Blocked.**
|
|
18
|
+
|
|
19
|
+
### Why this is critical
|
|
20
|
+
|
|
21
|
+
- Client bundles are downloadable by every user of the app. A server secret placed in client code is extractable from the shipped bundle.
|
|
22
|
+
- A single exposure means the key must be rotated immediately (incident response), not just edited out.
|
|
23
|
+
- Build tooling will happily inline the value — there is no compile-time guard unless one is added (this rule is that guard).
|
|
24
|
+
|
|
25
|
+
### The correct split
|
|
26
|
+
|
|
27
|
+
| Surface | Key type |
|
|
28
|
+
|---|---|
|
|
29
|
+
| Client (browser / mobile) | Public / anon key only — scoped, safe to ship |
|
|
30
|
+
| Server (API route / server action / serverless function / build script) | Secret / privileged key — never imported into client paths |
|
|
31
|
+
|
|
32
|
+
### If this matched a genuine server-only file
|
|
33
|
+
|
|
34
|
+
The path matched `${CONDUCTOR_CLIENT_GLOB}` but is actually server-only — move it under a server-only directory, or narrow `CONDUCTOR_CLIENT_GLOB` for this project. Then retry.
|
|
35
|
+
|
|
36
|
+
**block — operation halted. Relocate the secret to a server-only path and retry.**
|
|
@@ -0,0 +1,44 @@
|
|
|
1
|
+
---
|
|
2
|
+
name: warn-any-type-added
|
|
3
|
+
enabled: true
|
|
4
|
+
event: file
|
|
5
|
+
conditions:
|
|
6
|
+
- field: file_path
|
|
7
|
+
operator: regex_match
|
|
8
|
+
pattern: \.(ts|tsx)$
|
|
9
|
+
- field: new_text
|
|
10
|
+
operator: regex_match
|
|
11
|
+
pattern: :\s*any\b
|
|
12
|
+
---
|
|
13
|
+
|
|
14
|
+
⚠️ **`: any` type added — TypeScript discipline (recipe `coding-conventions.md` ABSOLUTE)**
|
|
15
|
+
|
|
16
|
+
A TypeScript file gained a `: any` type annotation. The framework's coding-conventions recipe (`core/recipes/coding-conventions.md`) marks `any` as forbidden: it bypasses the type system the project pays to maintain.
|
|
17
|
+
|
|
18
|
+
### Alternatives
|
|
19
|
+
|
|
20
|
+
| Use case | Replacement |
|
|
21
|
+
|---|---|
|
|
22
|
+
| Unknown shape from external data | `unknown` + type guard / Zod schema |
|
|
23
|
+
| Temporary prototype | TODO comment + explicit `as Type` assertion |
|
|
24
|
+
| Untyped library | `// @ts-expect-error <reason>` + open a typing PR upstream |
|
|
25
|
+
| Variadic params | Generic `<T>` or discriminated union |
|
|
26
|
+
| Test mock | `Partial<T>` or test-runner-specific mock helpers |
|
|
27
|
+
|
|
28
|
+
### Legitimate exceptions (rare)
|
|
29
|
+
|
|
30
|
+
- `Record<string, any>` where any-key any-value JSON is the actual contract — even here, prefer `unknown`.
|
|
31
|
+
- `catch (e: any)` in pre-TS-4.4 code; modern codebases should use `unknown`.
|
|
32
|
+
|
|
33
|
+
### Quick search
|
|
34
|
+
|
|
35
|
+
```bash
|
|
36
|
+
grep -rn ":\s*any\b" <project-source-dir> --include="*.ts" --include="*.tsx" | wc -l
|
|
37
|
+
# Target: 0
|
|
38
|
+
```
|
|
39
|
+
|
|
40
|
+
### Project-local note
|
|
41
|
+
|
|
42
|
+
If your project does NOT use TypeScript (pure JavaScript), delete this rule. If your project allows `any` in specific paths (e.g., test fixtures), edit the `file_path` regex to exclude those paths.
|
|
43
|
+
|
|
44
|
+
**Warn-only — operation proceeds. Pre-merge review (Q2) may upgrade this to a blocker if the issue scores ≥ 80.**
|
package/adapters/claude/hookify-templates/warn-commit-without-pre-commit-review.local.md.template
ADDED
|
@@ -0,0 +1,52 @@
|
|
|
1
|
+
---
|
|
2
|
+
name: warn-commit-without-pre-commit-review
|
|
3
|
+
enabled: true
|
|
4
|
+
event: bash
|
|
5
|
+
conditions:
|
|
6
|
+
- field: command
|
|
7
|
+
operator: regex_match
|
|
8
|
+
pattern: \bgit\s+commit\s+-m\b
|
|
9
|
+
---
|
|
10
|
+
|
|
11
|
+
⚠️ **Pre-commit code review (Q1) reminder before `git commit`**
|
|
12
|
+
|
|
13
|
+
A `git commit` is about to run. Per `core/universal-rules/quality-gates.md` Q1 (pre-commit code review), an automated reviewer must inspect the diff before commit. HIGH-confidence issues (severity ≥ 75) are blockers; LOWER severity becomes follow-up.
|
|
14
|
+
|
|
15
|
+
### Reviewer routing (model selection)
|
|
16
|
+
|
|
17
|
+
| Diff size / nature | Reviewer model |
|
|
18
|
+
|---|---|
|
|
19
|
+
| Multi-file (3+ files cross-cutting) | Opus-tier |
|
|
20
|
+
| Single-file change | Sonnet-tier |
|
|
21
|
+
| Type-design heavy diff | Specialized type-design reviewer if available |
|
|
22
|
+
| Error-handling heavy diff | Specialized silent-failure-hunter if available |
|
|
23
|
+
|
|
24
|
+
When in doubt, upgrade one tier.
|
|
25
|
+
|
|
26
|
+
### Exemptions (no review needed)
|
|
27
|
+
|
|
28
|
+
- 100% docs-only changes (`docs/**`, `*.md` only).
|
|
29
|
+
- Auto-generated lockfile bumps.
|
|
30
|
+
- Auto-generated codegen output (e.g., types from a schema).
|
|
31
|
+
- Hookify rule config files (`.claude/hookify.*.local.md`) — config, not code.
|
|
32
|
+
|
|
33
|
+
Mixed PRs (docs + code) are NOT exempt — any code in the diff triggers review.
|
|
34
|
+
|
|
35
|
+
### What "block on HIGH-confidence" means
|
|
36
|
+
|
|
37
|
+
If the reviewer reports any issue with confidence ≥ 75 and severity ≥ HIGH:
|
|
38
|
+
|
|
39
|
+
1. Commit must NOT proceed.
|
|
40
|
+
2. Fix the issue or document a justified exception in the commit message.
|
|
41
|
+
3. Re-run reviewer on the updated diff.
|
|
42
|
+
4. Only when no HIGH-confidence issues remain: commit.
|
|
43
|
+
|
|
44
|
+
### Verification prompt (orchestrator self-check)
|
|
45
|
+
|
|
46
|
+
> "Is this diff trivial (docs-only / lockfile / codegen) or substantive? If substantive, run Q1 reviewer first. If trivial, note the exemption category in the commit message."
|
|
47
|
+
|
|
48
|
+
### Origin
|
|
49
|
+
|
|
50
|
+
Production pattern: pre-merge review (Q2) caught build-blocker issues that pre-commit review (Q1) would have caught earlier and cheaper. Promoted Q1 to ABSOLUTE.
|
|
51
|
+
|
|
52
|
+
**Warn-only — operation proceeds. Bypassing Q1 puts the burden on Q2.**
|
|
@@ -0,0 +1,55 @@
|
|
|
1
|
+
---
|
|
2
|
+
name: warn-console-direct
|
|
3
|
+
enabled: true
|
|
4
|
+
event: file
|
|
5
|
+
conditions:
|
|
6
|
+
- field: file_path
|
|
7
|
+
operator: regex_match
|
|
8
|
+
pattern: ${CONDUCTOR_SOURCE_GLOB}
|
|
9
|
+
- field: new_text
|
|
10
|
+
operator: regex_match
|
|
11
|
+
pattern: console\.(error|log|warn)\s*\(
|
|
12
|
+
---
|
|
13
|
+
|
|
14
|
+
⚠️ **Direct `console.error/log/warn` call — use the project's logger helper**
|
|
15
|
+
|
|
16
|
+
Production code added a direct `console.*` call. The framework's coding-conventions recipe (`core/recipes/coding-conventions.md`) prefers a centralized logger helper over raw console for several reasons:
|
|
17
|
+
|
|
18
|
+
### Why a logger helper
|
|
19
|
+
|
|
20
|
+
- **Observability**: production logs route to an error-aggregation service automatically.
|
|
21
|
+
- **Context**: helper attaches contextual metadata (user ID, request ID, trace ID) the raw console drops.
|
|
22
|
+
- **Log level discipline**: error / warn / info / debug routed differently per environment.
|
|
23
|
+
- **PII safety**: client `console.*` is visible to users; helper can mask sensitive fields.
|
|
24
|
+
|
|
25
|
+
### Standard pattern
|
|
26
|
+
|
|
27
|
+
```ts
|
|
28
|
+
// ❌ Avoid in production code
|
|
29
|
+
catch (e) {
|
|
30
|
+
console.error('Failed:', e)
|
|
31
|
+
return { error: 'Failed' }
|
|
32
|
+
}
|
|
33
|
+
|
|
34
|
+
// ✅ Use the project logger
|
|
35
|
+
import { logError } from '<project>/lib/utils/errorLogger'
|
|
36
|
+
|
|
37
|
+
catch (e) {
|
|
38
|
+
logError('<scope>', e, { userId, contextId })
|
|
39
|
+
return { data: null, error: 'Failed' }
|
|
40
|
+
}
|
|
41
|
+
```
|
|
42
|
+
|
|
43
|
+
### Exemptions
|
|
44
|
+
|
|
45
|
+
- Test / spec files (most projects exclude `*.test.{ts,tsx}` and `*.spec.{ts,tsx}` from the file_path regex).
|
|
46
|
+
- Build / CLI scripts under `scripts/` — direct stdout is the contract.
|
|
47
|
+
- Server-side runtime where stdout *is* the log channel (e.g., serverless functions where stdout → platform log aggregator).
|
|
48
|
+
|
|
49
|
+
The default `${CONDUCTOR_SOURCE_GLOB}` already excludes test files via the recommended pattern. Adjust if your project organizes tests differently.
|
|
50
|
+
|
|
51
|
+
### Project-local note
|
|
52
|
+
|
|
53
|
+
If your project does NOT have a logger helper module, this rule should be paired with introducing one (see `core/recipes/coding-conventions.md` "Error Handling"). Without the helper, the rule is just noise.
|
|
54
|
+
|
|
55
|
+
**Warn-only — operation proceeds.**
|
package/adapters/claude/hookify-templates/warn-create-table-without-access-control.local.md.template
ADDED
|
@@ -0,0 +1,35 @@
|
|
|
1
|
+
---
|
|
2
|
+
name: warn-create-table-without-access-control
|
|
3
|
+
enabled: true
|
|
4
|
+
event: file
|
|
5
|
+
action: warn
|
|
6
|
+
conditions:
|
|
7
|
+
- field: file_path
|
|
8
|
+
operator: regex_match
|
|
9
|
+
pattern: \.sql$
|
|
10
|
+
- field: new_text
|
|
11
|
+
operator: regex_match
|
|
12
|
+
pattern: CREATE\s+TABLE\s+(?:IF\s+NOT\s+EXISTS\s+)?\w
|
|
13
|
+
- field: new_text
|
|
14
|
+
operator: not_contains
|
|
15
|
+
pattern: ENABLE ROW LEVEL SECURITY
|
|
16
|
+
---
|
|
17
|
+
|
|
18
|
+
⚠️ **New table without row-level access control**
|
|
19
|
+
|
|
20
|
+
A `CREATE TABLE` was added but the same change does not enable row-level access control.
|
|
21
|
+
|
|
22
|
+
### Required pattern
|
|
23
|
+
|
|
24
|
+
```sql
|
|
25
|
+
CREATE TABLE <table> ( ... );
|
|
26
|
+
ALTER TABLE <table> ENABLE ROW LEVEL SECURITY;
|
|
27
|
+
CREATE POLICY "<name>" ON <table>
|
|
28
|
+
FOR <operation>
|
|
29
|
+
TO <explicit-role> -- name the role; never rely on a permissive default
|
|
30
|
+
USING (<owner-predicate>);
|
|
31
|
+
```
|
|
32
|
+
|
|
33
|
+
A policy with no explicit role grants access by default — a security hole. Read-only reference tables may scope SELECT broadly but should still enable access control.
|
|
34
|
+
|
|
35
|
+
**warn — operation proceeds; message injected. Do not merge a table without access control.**
|
|
@@ -0,0 +1,36 @@
|
|
|
1
|
+
---
|
|
2
|
+
name: warn-current-work-without-remaining-tasks
|
|
3
|
+
enabled: true
|
|
4
|
+
event: file
|
|
5
|
+
conditions:
|
|
6
|
+
- field: file_path
|
|
7
|
+
operator: regex_match
|
|
8
|
+
pattern: ${CONDUCTOR_CURRENT_WORK_PATH}$
|
|
9
|
+
---
|
|
10
|
+
|
|
11
|
+
⚠️ **Cross-doc status flip check — REMAINING_TASKS sync reminder**
|
|
12
|
+
|
|
13
|
+
You are editing `${CONDUCTOR_CURRENT_WORK_PATH}`. In the same turn, `${CONDUCTOR_REMAINING_TASKS_PATH}` likely also needs an update.
|
|
14
|
+
|
|
15
|
+
This rule enforces the same-turn cross-doc flip pattern from `core/universal-rules/spec-as-you-go.md` §3 and the broader workflow from `core/universal-rules/workflow.md`. The originating production project caught this gap repeatedly: CURRENT_WORK was updated, but REMAINING_TASKS still showed the same item as `⏳`, producing stale-context confusion in the next session.
|
|
16
|
+
|
|
17
|
+
### Cross-doc flip checklist
|
|
18
|
+
|
|
19
|
+
When CURRENT_WORK gets a new completion / progress entry, also touch:
|
|
20
|
+
|
|
21
|
+
1. **`${CONDUCTOR_REMAINING_TASKS_PATH}`** — flip the matching task ID to ✅ (or update the status column).
|
|
22
|
+
2. **`docs/specs/<area>.md`** — frontmatter `last-updated: <today>`, plus body sections affected by the change.
|
|
23
|
+
3. **`docs/plans/<plan>.plan.md`** (if applicable) — frontmatter `status: APPROVED → SHIPPED` once the plan completes.
|
|
24
|
+
4. **`docs/runbooks/<runbook>.md`** (if applicable) — close the corresponding manual checklist item.
|
|
25
|
+
|
|
26
|
+
### Common skip patterns to watch for
|
|
27
|
+
|
|
28
|
+
- **External-dependency completion** (vendor approvals, DNS records propagated, third-party service activations): the user often reports "X is done" verbally — the manual completion does NOT auto-update REMAINING_TASKS. Update both.
|
|
29
|
+
- **Phase progression**: CURRENT_WORK gains a "Phase N complete" entry but REMAINING_TASKS' phase table column doesn't move. Update both.
|
|
30
|
+
- **Sub-task completion**: CURRENT_WORK records the sub-task; REMAINING_TASKS' parent task remains `⏳` because not every sub-task is done. Update the relevant rows; leave the parent until truly done.
|
|
31
|
+
|
|
32
|
+
### Origin
|
|
33
|
+
|
|
34
|
+
Repeated stale-doc occurrences in production work where one of the two files was treated as the "real" log and the other rotted. Promoted to a same-turn rule because cross-session context loss is expensive.
|
|
35
|
+
|
|
36
|
+
**Warn-only — operation proceeds. The reminder is the value.**
|
|
@@ -0,0 +1,38 @@
|
|
|
1
|
+
---
|
|
2
|
+
name: warn-gh-pr-create-without-pre-merge-review
|
|
3
|
+
enabled: true
|
|
4
|
+
event: bash
|
|
5
|
+
conditions:
|
|
6
|
+
- field: command
|
|
7
|
+
operator: regex_match
|
|
8
|
+
pattern: \bgh\s+pr\s+create\b
|
|
9
|
+
---
|
|
10
|
+
|
|
11
|
+
⚠️ **Pre-merge code review (Q2) required before merge**
|
|
12
|
+
|
|
13
|
+
A PR is being created. Per `core/universal-rules/quality-gates.md` Q2 (pre-merge code review), the PR must pass a structured review BEFORE merge — distinct from Q1 (pre-commit review on the diff).
|
|
14
|
+
|
|
15
|
+
### Q2 procedure
|
|
16
|
+
|
|
17
|
+
1. **CI green check**: `gh pr checks <#>` or wait for the GitHub UI to show all checks passing.
|
|
18
|
+
2. **Run the pre-merge reviewer** — typically a multi-reviewer parallel pass with a scoring model that aggregates findings.
|
|
19
|
+
3. Findings score ≥ 80 → BLOCK_MERGE; fix and re-run review.
|
|
20
|
+
4. Findings score 75-79 → judgment call (escalate to human if ambiguous; build-blocker guard violations bump to 80).
|
|
21
|
+
5. Findings score ≤ 74 → optional follow-up comment, do not block merge.
|
|
22
|
+
6. Approve → merge.
|
|
23
|
+
|
|
24
|
+
### Exemptions
|
|
25
|
+
|
|
26
|
+
- 100% `docs/**` or `*.md`-only PRs.
|
|
27
|
+
- Auto-generated lockfile updates.
|
|
28
|
+
- Auto-generated codegen-only PRs.
|
|
29
|
+
|
|
30
|
+
### Auto-reminder integration
|
|
31
|
+
|
|
32
|
+
If your project uses `core/hooks/stop-r6-review-check.sh.template` (installed by the Claude adapter), it injects a reminder on session-stop when push + open PR is detected, with a cool-down to avoid spam.
|
|
33
|
+
|
|
34
|
+
### Origin
|
|
35
|
+
|
|
36
|
+
Production pattern: a PR was merged that had passed Q1 pre-commit review but skipped Q2 pre-merge review. Q2 would have caught a build-blocker (i18n score 75) — the orchestrator was explicitly called out for the skip. Promoted Q2 to ABSOLUTE.
|
|
37
|
+
|
|
38
|
+
**Warn-only — operation proceeds. The PR exists; the responsibility to run Q2 before merge is now on the orchestrator.**
|
package/adapters/claude/hookify-templates/warn-hardcoded-text-without-i18n-key.local.md.template
ADDED
|
@@ -0,0 +1,21 @@
|
|
|
1
|
+
---
|
|
2
|
+
name: warn-hardcoded-text-without-i18n-key
|
|
3
|
+
enabled: true
|
|
4
|
+
event: file
|
|
5
|
+
action: warn
|
|
6
|
+
conditions:
|
|
7
|
+
- field: file_path
|
|
8
|
+
operator: regex_match
|
|
9
|
+
pattern: \.(tsx|jsx)$
|
|
10
|
+
- field: new_text
|
|
11
|
+
operator: regex_match
|
|
12
|
+
pattern: >\s*[A-Z][a-zA-Z]{3,}(\s+[A-Z]?[a-zA-Z]+)*\s*<
|
|
13
|
+
---
|
|
14
|
+
|
|
15
|
+
⚠️ **Hardcoded user-facing text — possible missing i18n key**
|
|
16
|
+
|
|
17
|
+
A literal user-facing string was rendered directly in a component. On a multi-locale project, user-facing text must come from a translation key, not a hardcoded literal.
|
|
18
|
+
|
|
19
|
+
If this string is not user-facing (a test id, a constant, a non-translated proper noun), proceed.
|
|
20
|
+
|
|
21
|
+
**warn — operation proceeds; message injected.**
|
|
@@ -0,0 +1,33 @@
|
|
|
1
|
+
---
|
|
2
|
+
name: warn-on-gh-pr-merge
|
|
3
|
+
enabled: true
|
|
4
|
+
event: bash
|
|
5
|
+
conditions:
|
|
6
|
+
- field: command
|
|
7
|
+
operator: regex_match
|
|
8
|
+
pattern: \bgh\s+pr\s+merge\b
|
|
9
|
+
---
|
|
10
|
+
|
|
11
|
+
⚠️ **PR merge — 4-spot status flip required (same turn)**
|
|
12
|
+
|
|
13
|
+
A PR merge command was issued. Per `core/universal-rules/spec-as-you-go.md` §3 and the audit-stale-pattern rule, every merge requires immediate cross-doc status flips in the same turn. Skipping this produces stale documentation that audit dispatches in subsequent sessions waste cycles re-investigating.
|
|
14
|
+
|
|
15
|
+
### Same-turn 4-spot flip
|
|
16
|
+
|
|
17
|
+
1. **`${CONDUCTOR_REMAINING_TASKS_PATH}`** — flip the corresponding task ID to ✅ (run `grep -n` for stale `⏳` markers tied to the merged work).
|
|
18
|
+
2. **`docs/plans/<plan>.plan.md`** — frontmatter `status: APPROVED → SHIPPED`; body's "Out of scope" / "Sprint buffer" / "Deferred" sections updated accordingly.
|
|
19
|
+
3. **`docs/runbooks/<runbook>.md`** — close the user-manual checklist items + summary table rows the merge resolves.
|
|
20
|
+
4. **`${CONDUCTOR_CURRENT_WORK_PATH}`** — append a `+N` entry: PR number, merge sha, one-line summary, follow-up actions.
|
|
21
|
+
|
|
22
|
+
### Additional checks
|
|
23
|
+
|
|
24
|
+
- **`docs/audits/<latest>.md`** — close findings the merge resolves (preserve historical dated snapshots).
|
|
25
|
+
- **`docs/specs/<area>.md`** — frontmatter `last-updated: YYYY-MM-DD` plus body sections (per `core/universal-rules/spec-as-you-go.md` §1).
|
|
26
|
+
|
|
27
|
+
### Origin
|
|
28
|
+
|
|
29
|
+
Production pattern: PR merged, CURRENT_WORK updated, but REMAINING_TASKS / plan frontmatter / runbook checklists left stale for days. Subsequent audit dispatches surfaced the stale items as findings, wasting cycles on already-resolved work.
|
|
30
|
+
|
|
31
|
+
**Merge is not the end of a task. The 4-spot flip is.**
|
|
32
|
+
|
|
33
|
+
**Warn-only — operation proceeds. Treat the reminder as a gate before declaring the task done.**
|
package/adapters/claude/hookify-templates/warn-plan-spec-without-remaining-tasks.local.md.template
ADDED
|
@@ -0,0 +1,44 @@
|
|
|
1
|
+
---
|
|
2
|
+
name: warn-plan-spec-without-remaining-tasks
|
|
3
|
+
enabled: true
|
|
4
|
+
event: file
|
|
5
|
+
conditions:
|
|
6
|
+
- field: file_path
|
|
7
|
+
operator: regex_match
|
|
8
|
+
pattern: docs/(plans|specs)/.*\.md$
|
|
9
|
+
---
|
|
10
|
+
|
|
11
|
+
⚠️ **Plan / spec edit — cross-doc flip check**
|
|
12
|
+
|
|
13
|
+
You are editing `docs/plans/*.md` or `docs/specs/*.md`. In the same turn, `${CONDUCTOR_REMAINING_TASKS_PATH}` and `${CONDUCTOR_CURRENT_WORK_PATH}` likely also need updates.
|
|
14
|
+
|
|
15
|
+
This rule enforces the 4-spot flip pattern from `core/universal-rules/spec-as-you-go.md` §3. The originating project caught this gap repeatedly: a plan flipped to "shipped" in body text but its frontmatter status stayed `APPROVED`, so audit dispatches kept finding it as a stale unfinished item.
|
|
16
|
+
|
|
17
|
+
### 4-spot flip (same turn)
|
|
18
|
+
|
|
19
|
+
1. **`${CONDUCTOR_REMAINING_TASKS_PATH}`** — task status / external-dependency list / phase checklist (search by task ID *and* keyword to catch drift).
|
|
20
|
+
2. **This plan/spec frontmatter** — flip `status: APPROVED → SHIPPED` (or equivalent) directly in the YAML block, not just the prose.
|
|
21
|
+
3. **`docs/runbooks/<runbook>.md`** — close any manual checklist tied to the change.
|
|
22
|
+
4. **`docs/audits/<latest>.md`** — close findings that this change resolves (do NOT modify dated historical audit snapshots; create a follow-up note instead).
|
|
23
|
+
|
|
24
|
+
### Frontmatter completeness (related — `core/universal-rules/spec-as-you-go.md` §1.2)
|
|
25
|
+
|
|
26
|
+
When editing a spec body, also update:
|
|
27
|
+
|
|
28
|
+
- `last-updated: YYYY-MM-DD` — today's date.
|
|
29
|
+
- `last-tested: YYYY-MM-DD` (if the spec tracks it) — date of most recent verified pass.
|
|
30
|
+
- `status` field, if present.
|
|
31
|
+
- The `api_routes:` / `pages:` / `components:` / `services:` / `hooks:` lists, if you added or removed any.
|
|
32
|
+
|
|
33
|
+
Body changes without frontmatter changes leave future audits unable to detect staleness.
|
|
34
|
+
|
|
35
|
+
### Origin
|
|
36
|
+
|
|
37
|
+
Two recurring patterns in production:
|
|
38
|
+
|
|
39
|
+
1. Plan body text said "shipped" but frontmatter status stayed `APPROVED` → audit dispatch flagged plan as still pending → wasted investigation cycles.
|
|
40
|
+
2. Spec body added new API routes but `api_routes:` frontmatter list wasn't extended → other agents loading the spec by route name missed the addition.
|
|
41
|
+
|
|
42
|
+
Both promoted to same-turn ABSOLUTE per `spec-as-you-go.md`.
|
|
43
|
+
|
|
44
|
+
**Warn-only — operation proceeds.**
|
|
@@ -0,0 +1,21 @@
|
|
|
1
|
+
---
|
|
2
|
+
name: warn-raw-hex-instead-of-token
|
|
3
|
+
enabled: true
|
|
4
|
+
event: file
|
|
5
|
+
action: warn
|
|
6
|
+
conditions:
|
|
7
|
+
- field: file_path
|
|
8
|
+
operator: regex_match
|
|
9
|
+
pattern: \.(tsx|jsx|css|scss)$
|
|
10
|
+
- field: new_text
|
|
11
|
+
operator: regex_match
|
|
12
|
+
pattern: (style\s*=\s*\{\{[^}]*#[0-9a-fA-F]{6}|:\s*#[0-9a-fA-F]{6})
|
|
13
|
+
---
|
|
14
|
+
|
|
15
|
+
⚠️ **Raw hex color — use a design token**
|
|
16
|
+
|
|
17
|
+
An inline raw hex color was added. Reference a design token (color variable) instead, so theming and dark-mode stay consistent.
|
|
18
|
+
|
|
19
|
+
If this is an intentional one-off outside the token system (e.g. a third-party embed), justify it in the change and proceed.
|
|
20
|
+
|
|
21
|
+
**warn — operation proceeds; message injected.**
|
|
@@ -0,0 +1,30 @@
|
|
|
1
|
+
---
|
|
2
|
+
name: warn-security-definer-without-search-path
|
|
3
|
+
enabled: true
|
|
4
|
+
event: file
|
|
5
|
+
action: warn
|
|
6
|
+
conditions:
|
|
7
|
+
- field: file_path
|
|
8
|
+
operator: regex_match
|
|
9
|
+
pattern: \.sql$
|
|
10
|
+
- field: new_text
|
|
11
|
+
operator: regex_match
|
|
12
|
+
pattern: SECURITY\s+DEFINER
|
|
13
|
+
- field: new_text
|
|
14
|
+
operator: not_contains
|
|
15
|
+
pattern: SET search_path
|
|
16
|
+
---
|
|
17
|
+
|
|
18
|
+
⚠️ **SECURITY DEFINER function without an explicit search_path**
|
|
19
|
+
|
|
20
|
+
A `SECURITY DEFINER` function runs with the definer's privileges. Without `SET search_path`, a caller can shadow objects via their own schema and hijack the elevated execution.
|
|
21
|
+
|
|
22
|
+
### Required
|
|
23
|
+
|
|
24
|
+
```sql
|
|
25
|
+
CREATE FUNCTION ... SECURITY DEFINER
|
|
26
|
+
SET search_path = <trusted-schemas>
|
|
27
|
+
AS $$ ... $$;
|
|
28
|
+
```
|
|
29
|
+
|
|
30
|
+
**warn — operation proceeds; message injected.**
|
package/adapters/claude/hookify-templates/warn-stop-commit-without-current-work.local.md.template
ADDED
|
@@ -0,0 +1,47 @@
|
|
|
1
|
+
---
|
|
2
|
+
name: warn-stop-commit-without-current-work
|
|
3
|
+
enabled: true
|
|
4
|
+
event: stop
|
|
5
|
+
conditions:
|
|
6
|
+
- field: transcript
|
|
7
|
+
operator: regex_match
|
|
8
|
+
pattern: git\s+commit\s+-m
|
|
9
|
+
- field: transcript
|
|
10
|
+
operator: not_contains
|
|
11
|
+
pattern: ${CONDUCTOR_CURRENT_WORK_PATH}
|
|
12
|
+
---
|
|
13
|
+
|
|
14
|
+
⚠️ **Session has commits but `${CONDUCTOR_CURRENT_WORK_PATH}` was never touched**
|
|
15
|
+
|
|
16
|
+
The session transcript contains `git commit -m` evidence but no edits to `${CONDUCTOR_CURRENT_WORK_PATH}`. Per `core/universal-rules/spec-as-you-go.md` §3 (same-turn docs sync), every commit producing a behavior or content change requires a corresponding `${CONDUCTOR_CURRENT_WORK_PATH}` `+N` entry in the same turn.
|
|
17
|
+
|
|
18
|
+
### Process before Stop
|
|
19
|
+
|
|
20
|
+
1. **`${CONDUCTOR_CURRENT_WORK_PATH}`** — append `+N` entry:
|
|
21
|
+
- Date.
|
|
22
|
+
- Change summary (1-2 sentences).
|
|
23
|
+
- Commit sha.
|
|
24
|
+
- Affected scope (which area / module).
|
|
25
|
+
- Follow-up actions (if any).
|
|
26
|
+
2. **`${CONDUCTOR_REMAINING_TASKS_PATH}`** — flip affected task IDs to ✅ or update status.
|
|
27
|
+
3. **`docs/specs/<area>.md`** — frontmatter `last-updated` + body sections (per `core/universal-rules/spec-as-you-go.md` §1).
|
|
28
|
+
4. **`docs/plans/<plan>.plan.md`** (if applicable) — frontmatter status flip.
|
|
29
|
+
5. **`docs/runbooks/<runbook>.md`** (if applicable) — close checklist items.
|
|
30
|
+
|
|
31
|
+
### Exceptions (rule does not apply cleanly)
|
|
32
|
+
|
|
33
|
+
- **Pure auto-generated commits** (lockfile-only, codegen-only) — body content has nothing CURRENT_WORK could meaningfully record.
|
|
34
|
+
- **Pure config-rotation commits** (e.g., dotfile housekeeping) — narrow exception; usually still merits a brief CURRENT_WORK note.
|
|
35
|
+
|
|
36
|
+
Most ordinary feature / fix / refactor / docs commits warrant a CURRENT_WORK `+N` entry.
|
|
37
|
+
|
|
38
|
+
### Anti-evasion
|
|
39
|
+
|
|
40
|
+
- "I'll update CURRENT_WORK next turn" — next turn is not guaranteed (session may end / model may be replaced). Update in the same turn.
|
|
41
|
+
- "Too small to log" — every commit appears in `git log` and gets searched. CURRENT_WORK is the first stop for that search; tiny commits are exactly the ones that benefit from a one-line entry.
|
|
42
|
+
|
|
43
|
+
### Origin
|
|
44
|
+
|
|
45
|
+
Repeated production pattern: PR merged, no CURRENT_WORK update, next session starts with stale context, agent re-investigates already-completed work. Promoted to ABSOLUTE same-turn rule.
|
|
46
|
+
|
|
47
|
+
**Warn-only — operation proceeds. The reminder is the value; bypassing it costs the next session.**
|
|
@@ -0,0 +1,40 @@
|
|
|
1
|
+
---
|
|
2
|
+
name: warn-user-manual-completion
|
|
3
|
+
enabled: true
|
|
4
|
+
event: prompt
|
|
5
|
+
conditions:
|
|
6
|
+
- field: user_prompt
|
|
7
|
+
operator: regex_match
|
|
8
|
+
pattern: (했어|완료했|끝냈|활성화\s*했|등록했|push\s*했|푸시했|푸쉬했|deploy\s*했|배포했|머지했|merge\s*했|발급받았|승인됐|approved|done\s+manually|finished\s+manually|deployed|activated|registered)
|
|
9
|
+
---
|
|
10
|
+
|
|
11
|
+
⚠️ **User reports manual completion — immediate docs sync required**
|
|
12
|
+
|
|
13
|
+
The user just reported a manual / external completion (vendor approval, DNS propagation, deploy, key issuance, dashboard configuration, etc.). Per `core/universal-rules/spec-as-you-go.md` §3 (real-time docs sync), this triggers an **immediate** same-turn update across multiple docs. **Do not defer.**
|
|
14
|
+
|
|
15
|
+
### Same-turn updates
|
|
16
|
+
|
|
17
|
+
1. **`${CONDUCTOR_CURRENT_WORK_PATH}`** — append `+N` entry: date, manual action description, outcome, references (file / env var / dashboard URL).
|
|
18
|
+
2. **`${CONDUCTOR_REMAINING_TASKS_PATH}`** — flip the matching item to ✅ (e.g., user-manual list, A.x action items, external-dependency list, phase checklist).
|
|
19
|
+
3. **`docs/specs/<area>.md`** — frontmatter `last-updated: <today>` + body section "Current state" updated.
|
|
20
|
+
4. **Memory / reference docs** — if the manual action introduced new credentials, expiry dates, or vendor-specific facts, add or update the corresponding `reference_<name>.md` memory file.
|
|
21
|
+
|
|
22
|
+
### Common manual-completion categories
|
|
23
|
+
|
|
24
|
+
- External account signup / approval (payment provider, financial-data provider, identity provider, partner program).
|
|
25
|
+
- DNS / Cloudflare records (DKIM, DMARC, SPF, DNSSEC).
|
|
26
|
+
- Hosting platform env-var registration / redeploy trigger.
|
|
27
|
+
- App store / marketplace submissions or approvals.
|
|
28
|
+
- API key / token issuance.
|
|
29
|
+
|
|
30
|
+
### Why this rule exists (origin)
|
|
31
|
+
|
|
32
|
+
Production pattern: user reported a manual completion verbally; the orchestrator updated CURRENT_WORK and one memory file but missed REMAINING_TASKS / runbook / spec. Resulting stale state for several days, until a subsequent audit dispatch surfaced the discrepancy. The user explicitly flagged this as a recurring failure mode → promoted to same-turn ABSOLUTE.
|
|
33
|
+
|
|
34
|
+
### Verification self-prompt
|
|
35
|
+
|
|
36
|
+
> "Is the just-reported completion now reflected in `${CONDUCTOR_REMAINING_TASKS_PATH}` AND `${CONDUCTOR_CURRENT_WORK_PATH}` AND the relevant spec?"
|
|
37
|
+
|
|
38
|
+
If any answer is no, update those documents in this same turn before proceeding.
|
|
39
|
+
|
|
40
|
+
**Warn-only — operation proceeds. Treat the warn as a blocker on declaring the task done.**
|