packwise-skills 1.0.0 → 1.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (53) hide show
  1. package/.cursorrules +23 -23
  2. package/CLAUDE.md +25 -25
  3. package/LICENSE +21 -0
  4. package/README.md +404 -295
  5. package/audit.md +224 -224
  6. package/bin/packwise.js +322 -155
  7. package/install.sh +123 -0
  8. package/package.json +32 -31
  9. package/skill.md +944 -719
  10. package/sub-skills/ai/local-llm.md +183 -183
  11. package/sub-skills/ai/python-ml.md +164 -164
  12. package/sub-skills/backend/go-server.md +184 -184
  13. package/sub-skills/backend/java-spring.md +241 -241
  14. package/sub-skills/backend/node-server.md +164 -164
  15. package/sub-skills/backend/php-laravel.md +175 -175
  16. package/sub-skills/backend/python-server.md +164 -164
  17. package/sub-skills/backend/rust-backend.md +118 -118
  18. package/sub-skills/cli/python-cli.md +236 -236
  19. package/sub-skills/cli/sdk-library.md +497 -497
  20. package/sub-skills/cloud/ci-cd-pipelines.md +350 -350
  21. package/sub-skills/cloud/docker.md +191 -191
  22. package/sub-skills/cloud/kubernetes.md +277 -277
  23. package/sub-skills/cloud/payment-integration.md +307 -307
  24. package/sub-skills/cross-platform/multiplatform.md +252 -252
  25. package/sub-skills/desktop/electron.md +783 -783
  26. package/sub-skills/desktop/game-dev.md +443 -443
  27. package/sub-skills/desktop/native-app.md +123 -123
  28. package/sub-skills/desktop/scenarios.md +443 -443
  29. package/sub-skills/desktop/smart-platforms.md +324 -324
  30. package/sub-skills/desktop/tauri.md +428 -428
  31. package/sub-skills/desktop/vr-ar.md +252 -252
  32. package/sub-skills/desktop/web-to-desktop.md +153 -153
  33. package/sub-skills/embedded/car-infotainment.md +129 -129
  34. package/sub-skills/embedded/esp32.md +184 -184
  35. package/sub-skills/embedded/ros.md +150 -150
  36. package/sub-skills/embedded/stm32.md +160 -160
  37. package/sub-skills/mobile/android.md +322 -322
  38. package/sub-skills/mobile/capacitor.md +232 -232
  39. package/sub-skills/mobile/flutter-mobile.md +138 -138
  40. package/sub-skills/mobile/harmonyos.md +150 -150
  41. package/sub-skills/mobile/ios.md +245 -245
  42. package/sub-skills/mobile/react-native.md +443 -443
  43. package/sub-skills/mobile/wearables.md +230 -230
  44. package/sub-skills/plugins/browser-extension.md +308 -308
  45. package/sub-skills/plugins/jetbrains-plugin.md +226 -226
  46. package/sub-skills/plugins/vscode-extension.md +204 -204
  47. package/sub-skills/security/security-tools.md +174 -174
  48. package/sub-skills/web/monorepo.md +274 -274
  49. package/sub-skills/web/pwa.md +220 -220
  50. package/sub-skills/web/serverless-edge.md +295 -295
  51. package/sub-skills/web/spa.md +266 -266
  52. package/sub-skills/web/ssr.md +228 -228
  53. package/sub-skills/web/wasm.md +243 -243
package/audit.md CHANGED
@@ -1,224 +1,224 @@
1
- # Post-Build Audit — Mandatory Verification
2
-
3
- Top-level document. Must be executed after every build. Cannot be skipped.
4
-
5
- ---
6
-
7
- ## Audit Procedure
8
-
9
- After packaging, the AI **must** load this document and execute all checks below. Any failure blocks delivery.
10
-
11
- ### 1. Build Artifact Integrity
12
-
13
- ```bash
14
- # TypeScript compilation (if applicable)
15
- npx tsc --noEmit 2>&1 | head -5
16
-
17
- # Syntax check (if CJS bundle exists)
18
- node -c dist/server.cjs 2>/dev/null && echo "Syntax OK" || echo "Syntax ERROR"
19
-
20
- # Encryption files (if applicable)
21
- ls data-encrypted/*.enc 2>/dev/null | head -5
22
- head -c 50 data-encrypted/*.enc 2>/dev/null # Should be hex format
23
-
24
- # Package exists and reasonable size
25
- ls -lh release/*.exe release/*.dmg release/*.AppImage release/*.apk 2>/dev/null
26
- ```
27
-
28
- ### 2. Package Validation
29
-
30
- | Check | Method | Pass Criteria |
31
- |-------|--------|--------------|
32
- | Package executable | Double-click to run installer | No errors, wizard displays correctly |
33
- | Logo correct | Check desktop shortcut and installer | Shows user-provided logo |
34
- | License correct | View license in installer | Version, email, copyright correct |
35
- | Install path | Confirm installation directory | Default or user-selected path |
36
-
37
- ### 3. Application Launch
38
-
39
- | Check | Method | Pass Criteria |
40
- |-------|--------|--------------|
41
- | No startup errors | Double-click to open app | No black/white screen, no Error dialog |
42
- | Server ready | Check console logs | Server listening on port |
43
- | Frontend loads | UI displays correctly | No blank page, no 404 |
44
- | Database created | Check userData directory | Database file exists at expected path |
45
- | First launch | Fresh install and open | Welcome screen or normal initial state |
46
-
47
- ### 4. Data Persistence
48
-
49
- | Check | Method | Pass Criteria |
50
- |-------|--------|--------------|
51
- | Data saves | Create data → close → reopen | Data persists correctly |
52
- | Database writes | Perform multiple operations | Database file size increases |
53
- | Config saves | Modify settings → save → reopen | Settings restored correctly |
54
- | Data clear | Clear data → reopen | No residual data, clean initial state |
55
-
56
- ### 5. Encryption & Decryption
57
-
58
- | Check | Method | Pass Criteria |
59
- |-------|--------|--------------|
60
- | Encrypted files correct | Check .enc file content | Hex format (`iv:encrypted_data`) |
61
- | Decryption functional | App uses encrypted data at runtime | Data loads and processes correctly |
62
- | No functional regression | Compare with/without encryption | Core functionality identical |
63
- | Keys not in artifacts | Search build output | 0 matches for key seed/salt |
64
-
65
- ### 6. Credential Security
66
-
67
- ```bash
68
- # Search build artifacts for sensitive information
69
- grep -r "sk-\|apiKey\|secret\|token\|password\|appKey\|accessKey\|SecretKey" dist/ release/ 2>/dev/null
70
-
71
- # Check for source map files (SECURITY: these contain full unobfuscated source)
72
- find dist/ release/ -name '*.map' -type f 2>/dev/null
73
- # Expected: 0 results
74
-
75
- # Check for .env files in build output (SECURITY: may contain secrets)
76
- find dist/ release/ -name '.env*' -type f 2>/dev/null
77
- # Expected: 0 results
78
-
79
- # Check app-specific config files are clean (replace <APP_CONFIG_DIR> with actual path)
80
- cat <APP_CONFIG_DIR>/config.json 2>/dev/null # Should be empty if cleared
81
- cat <APP_CONFIG_DIR>/tts.json 2>/dev/null # Should be empty if cleared
82
- ```
83
-
84
- | Check | Pass Criteria |
85
- |-------|--------------|
86
- | No real keys in build artifacts | Only placeholder text (e.g., `sk-...`) |
87
- | Config files cleared | apiKey/secretKey/appId all empty |
88
- | No source map files in build | `find dist/ release/ -name '*.map'` returns 0 results |
89
- | No .env files in package | `find dist/ release/ -name '.env*'` returns 0 results |
90
- | .gitignore covers sensitive dirs | App config dir, `dist/`, `data-encrypted/`, `.env` all ignored |
91
-
92
- ### 7. File Architecture Validation
93
-
94
- **Electron projects**:
95
- ```
96
- resources/
97
- ├── app.asar (read-only: code + frontend)
98
- ├── app.asar.unpacked/ (native modules)
99
- ├── data/ (encrypted data)
100
- └── public/ (static resources)
101
-
102
- %APPDATA%/<APP_NAME>/<APP_NAME>/.<app-name>/
103
- ├── config.json
104
- ├── tts.json
105
- ├── database.db (SQLite)
106
- ├── saves/
107
- └── memory/
108
- ```
109
-
110
- **Other frameworks**: Check against the architecture defined in the corresponding sub-skill.
111
-
112
- ### 8. Build Artifact Cleanup
113
-
114
- ```bash
115
- # release/ directory should only contain the installer
116
- ls release/
117
- # Expected: only *.exe / *.dmg / *.AppImage / *.apk
118
- # Should NOT contain: win-unpacked/, *.blockmap, builder-debug.yml, latest.yml
119
-
120
- # dist/ should not contain standalone images (if embedded)
121
- ls dist/images/ dist/*.png 2>/dev/null && echo "WARNING: standalone images" || echo "PASS"
122
- ```
123
-
124
- ### 9. Network Verification (Desktop Apps)
125
-
126
- Launch the application with a network monitoring tool active (Wireshark, Fiddler, Charles Proxy, or `netstat`).
127
-
128
- | Check | Method | Pass Criteria |
129
- |-------|--------|--------------|
130
- | No unexpected outbound connections | Monitor network traffic for 60 seconds after launch | Only expected connections (user-configured API, license server, update server) |
131
- | No telemetry without consent | Check for analytics/telemetry endpoints | User explicitly opted in, or none present |
132
- | DNS requests match expected domains | Filter DNS queries | Only configured domains appear |
133
-
134
- ### 10. Performance Assessment
135
-
136
- | Metric | Method | Reference |
137
- |--------|--------|-----------|
138
- | Package size | `ls -lh` | Electron: 130-180MB / Tauri: 3-10MB |
139
- | Startup time | Double-click to UI display | < 5 seconds |
140
- | Memory usage | Task Manager | Electron: 200-500MB |
141
-
142
- ### 10. User Requirements Completeness
143
-
144
- Review all requirements collected before packaging:
145
-
146
- | Requirement Category | Check Item |
147
- |---------------------|------------|
148
- | Platform | Target platforms correct? |
149
- | Architecture | Target architectures correct? |
150
- | Info | App name/version correct? |
151
- | Logo | Logo displays correctly? |
152
- | Output | Package at correct location? |
153
- | Encryption | Encryption functional? |
154
- | Cleanup | Test data cleared? |
155
- | Security | API keys cleared? |
156
- | Corners | Logo corners handled correctly? |
157
- | Signing | Platform signing correct? (macOS mandatory) |
158
-
159
- ### 11. Platform-Specific Checks
160
-
161
- **Windows**:
162
- - NSIS installer wizard works
163
- - Desktop shortcut created
164
- - Start menu entry exists
165
- - Uninstall works correctly
166
-
167
- **macOS**:
168
- - DMG opens correctly
169
- - Drag-to-install works
170
- - Code signature valid (`codesign -v App.app`)
171
- - Gatekeeper does not block
172
-
173
- **Linux**:
174
- - AppImage is executable (`chmod +x *.AppImage && ./AppImage`)
175
- - deb installs correctly (`dpkg -i *.deb`)
176
-
177
- ---
178
-
179
- ## Audit Report Template
180
-
181
- ```
182
- ═══════════════════════════════════════
183
- POST-BUILD AUDIT
184
- ═══════════════════════════════════════
185
-
186
- [BUILD ARTIFACTS]
187
- ✅ TypeScript compilation 0 errors
188
- ✅ Syntax check passed
189
- ✅ Encryption files format correct
190
- ✅ No credential leaks
191
-
192
- [PACKAGE]
193
- ✅ Package valid (XXX MB)
194
- ✅ Logo displays correctly
195
- ✅ License info correct
196
-
197
- [APPLICATION]
198
- ✅ Launches normally
199
- ✅ Database created correctly
200
- ✅ Data persistence works
201
- ✅ Data clear leaves no residue
202
-
203
- [SECURITY]
204
- ✅ Credentials cleared
205
- ✅ No source map files in package
206
- ✅ No .env files in package
207
- ✅ Source code obfuscated
208
- ✅ Content encrypted
209
- ✅ Images embedded (anti-theft)
210
- ✅ No unexpected network connections
211
-
212
- [CLEANUP]
213
- ✅ No residual build artifacts
214
-
215
- [USER REQUIREMENTS]
216
- ✅ All requirements met
217
-
218
- [CONCLUSION]
219
- All checks passed. Ready for delivery.
220
-
221
- [PACKAGE LOCATION]
222
- release/<filename> (<size>MB)
223
- ═══════════════════════════════════════
224
- ```
1
+ # Post-Build Audit — Mandatory Verification
2
+
3
+ Top-level document. Must be executed after every build. Cannot be skipped.
4
+
5
+ ---
6
+
7
+ ## Audit Procedure
8
+
9
+ After packaging, the AI **must** load this document and execute all checks below. Any failure blocks delivery.
10
+
11
+ ### 1. Build Artifact Integrity
12
+
13
+ ```bash
14
+ # TypeScript compilation (if applicable)
15
+ npx tsc --noEmit 2>&1 | head -5
16
+
17
+ # Syntax check (if CJS bundle exists)
18
+ node -c dist/server.cjs 2>/dev/null && echo "Syntax OK" || echo "Syntax ERROR"
19
+
20
+ # Encryption files (if applicable)
21
+ ls data-encrypted/*.enc 2>/dev/null | head -5
22
+ head -c 50 data-encrypted/*.enc 2>/dev/null # Should be hex format
23
+
24
+ # Package exists and reasonable size
25
+ ls -lh release/*.exe release/*.dmg release/*.AppImage release/*.apk 2>/dev/null
26
+ ```
27
+
28
+ ### 2. Package Validation
29
+
30
+ | Check | Method | Pass Criteria |
31
+ |-------|--------|--------------|
32
+ | Package executable | Double-click to run installer | No errors, wizard displays correctly |
33
+ | Logo correct | Check desktop shortcut and installer | Shows user-provided logo |
34
+ | License correct | View license in installer | Version, email, copyright correct |
35
+ | Install path | Confirm installation directory | Default or user-selected path |
36
+
37
+ ### 3. Application Launch
38
+
39
+ | Check | Method | Pass Criteria |
40
+ |-------|--------|--------------|
41
+ | No startup errors | Double-click to open app | No black/white screen, no Error dialog |
42
+ | Server ready | Check console logs | Server listening on port |
43
+ | Frontend loads | UI displays correctly | No blank page, no 404 |
44
+ | Database created | Check userData directory | Database file exists at expected path |
45
+ | First launch | Fresh install and open | Welcome screen or normal initial state |
46
+
47
+ ### 4. Data Persistence
48
+
49
+ | Check | Method | Pass Criteria |
50
+ |-------|--------|--------------|
51
+ | Data saves | Create data → close → reopen | Data persists correctly |
52
+ | Database writes | Perform multiple operations | Database file size increases |
53
+ | Config saves | Modify settings → save → reopen | Settings restored correctly |
54
+ | Data clear | Clear data → reopen | No residual data, clean initial state |
55
+
56
+ ### 5. Encryption & Decryption
57
+
58
+ | Check | Method | Pass Criteria |
59
+ |-------|--------|--------------|
60
+ | Encrypted files correct | Check .enc file content | Hex format (`iv:encrypted_data`) |
61
+ | Decryption functional | App uses encrypted data at runtime | Data loads and processes correctly |
62
+ | No functional regression | Compare with/without encryption | Core functionality identical |
63
+ | Keys not in artifacts | Search build output | 0 matches for key seed/salt |
64
+
65
+ ### 6. Credential Security
66
+
67
+ ```bash
68
+ # Search build artifacts for sensitive information
69
+ grep -r "sk-\|apiKey\|secret\|token\|password\|appKey\|accessKey\|SecretKey" dist/ release/ 2>/dev/null
70
+
71
+ # Check for source map files (SECURITY: these contain full unobfuscated source)
72
+ find dist/ release/ -name '*.map' -type f 2>/dev/null
73
+ # Expected: 0 results
74
+
75
+ # Check for .env files in build output (SECURITY: may contain secrets)
76
+ find dist/ release/ -name '.env*' -type f 2>/dev/null
77
+ # Expected: 0 results
78
+
79
+ # Check app-specific config files are clean (replace <APP_CONFIG_DIR> with actual path)
80
+ cat <APP_CONFIG_DIR>/config.json 2>/dev/null # Should be empty if cleared
81
+ cat <APP_CONFIG_DIR>/tts.json 2>/dev/null # Should be empty if cleared
82
+ ```
83
+
84
+ | Check | Pass Criteria |
85
+ |-------|--------------|
86
+ | No real keys in build artifacts | Only placeholder text (e.g., `sk-...`) |
87
+ | Config files cleared | apiKey/secretKey/appId all empty |
88
+ | No source map files in build | `find dist/ release/ -name '*.map'` returns 0 results |
89
+ | No .env files in package | `find dist/ release/ -name '.env*'` returns 0 results |
90
+ | .gitignore covers sensitive dirs | App config dir, `dist/`, `data-encrypted/`, `.env` all ignored |
91
+
92
+ ### 7. File Architecture Validation
93
+
94
+ **Electron projects**:
95
+ ```
96
+ resources/
97
+ ├── app.asar (read-only: code + frontend)
98
+ ├── app.asar.unpacked/ (native modules)
99
+ ├── data/ (encrypted data)
100
+ └── public/ (static resources)
101
+
102
+ %APPDATA%/<APP_NAME>/<APP_NAME>/.<app-name>/
103
+ ├── config.json
104
+ ├── tts.json
105
+ ├── database.db (SQLite)
106
+ ├── saves/
107
+ └── memory/
108
+ ```
109
+
110
+ **Other frameworks**: Check against the architecture defined in the corresponding sub-skill.
111
+
112
+ ### 8. Build Artifact Cleanup
113
+
114
+ ```bash
115
+ # release/ directory should only contain the installer
116
+ ls release/
117
+ # Expected: only *.exe / *.dmg / *.AppImage / *.apk
118
+ # Should NOT contain: win-unpacked/, *.blockmap, builder-debug.yml, latest.yml
119
+
120
+ # dist/ should not contain standalone images (if embedded)
121
+ ls dist/images/ dist/*.png 2>/dev/null && echo "WARNING: standalone images" || echo "PASS"
122
+ ```
123
+
124
+ ### 9. Network Verification (Desktop Apps)
125
+
126
+ Launch the application with a network monitoring tool active (Wireshark, Fiddler, Charles Proxy, or `netstat`).
127
+
128
+ | Check | Method | Pass Criteria |
129
+ |-------|--------|--------------|
130
+ | No unexpected outbound connections | Monitor network traffic for 60 seconds after launch | Only expected connections (user-configured API, license server, update server) |
131
+ | No telemetry without consent | Check for analytics/telemetry endpoints | User explicitly opted in, or none present |
132
+ | DNS requests match expected domains | Filter DNS queries | Only configured domains appear |
133
+
134
+ ### 10. Performance Assessment
135
+
136
+ | Metric | Method | Reference |
137
+ |--------|--------|-----------|
138
+ | Package size | `ls -lh` | Electron: 130-180MB / Tauri: 3-10MB |
139
+ | Startup time | Double-click to UI display | < 5 seconds |
140
+ | Memory usage | Task Manager | Electron: 200-500MB |
141
+
142
+ ### 10. User Requirements Completeness
143
+
144
+ Review all requirements collected before packaging:
145
+
146
+ | Requirement Category | Check Item |
147
+ |---------------------|------------|
148
+ | Platform | Target platforms correct? |
149
+ | Architecture | Target architectures correct? |
150
+ | Info | App name/version correct? |
151
+ | Logo | Logo displays correctly? |
152
+ | Output | Package at correct location? |
153
+ | Encryption | Encryption functional? |
154
+ | Cleanup | Test data cleared? |
155
+ | Security | API keys cleared? |
156
+ | Corners | Logo corners handled correctly? |
157
+ | Signing | Platform signing correct? (macOS mandatory) |
158
+
159
+ ### 11. Platform-Specific Checks
160
+
161
+ **Windows**:
162
+ - NSIS installer wizard works
163
+ - Desktop shortcut created
164
+ - Start menu entry exists
165
+ - Uninstall works correctly
166
+
167
+ **macOS**:
168
+ - DMG opens correctly
169
+ - Drag-to-install works
170
+ - Code signature valid (`codesign -v App.app`)
171
+ - Gatekeeper does not block
172
+
173
+ **Linux**:
174
+ - AppImage is executable (`chmod +x *.AppImage && ./AppImage`)
175
+ - deb installs correctly (`dpkg -i *.deb`)
176
+
177
+ ---
178
+
179
+ ## Audit Report Template
180
+
181
+ ```
182
+ ═══════════════════════════════════════
183
+ POST-BUILD AUDIT
184
+ ═══════════════════════════════════════
185
+
186
+ [BUILD ARTIFACTS]
187
+ ✅ TypeScript compilation 0 errors
188
+ ✅ Syntax check passed
189
+ ✅ Encryption files format correct
190
+ ✅ No credential leaks
191
+
192
+ [PACKAGE]
193
+ ✅ Package valid (XXX MB)
194
+ ✅ Logo displays correctly
195
+ ✅ License info correct
196
+
197
+ [APPLICATION]
198
+ ✅ Launches normally
199
+ ✅ Database created correctly
200
+ ✅ Data persistence works
201
+ ✅ Data clear leaves no residue
202
+
203
+ [SECURITY]
204
+ ✅ Credentials cleared
205
+ ✅ No source map files in package
206
+ ✅ No .env files in package
207
+ ✅ Source code obfuscated
208
+ ✅ Content encrypted
209
+ ✅ Images embedded (anti-theft)
210
+ ✅ No unexpected network connections
211
+
212
+ [CLEANUP]
213
+ ✅ No residual build artifacts
214
+
215
+ [USER REQUIREMENTS]
216
+ ✅ All requirements met
217
+
218
+ [CONCLUSION]
219
+ All checks passed. Ready for delivery.
220
+
221
+ [PACKAGE LOCATION]
222
+ release/<filename> (<size>MB)
223
+ ═══════════════════════════════════════
224
+ ```