prjct-cli 2.63.2 → 2.67.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (59) hide show
  1. package/CHANGELOG.md +20 -2
  2. package/README.md +18 -21
  3. package/assets/statusline/components/limits.sh +66 -0
  4. package/assets/statusline/default-config.json +5 -1
  5. package/assets/statusline/lib/cache.sh +48 -2
  6. package/assets/statusline/lib/config.sh +10 -4
  7. package/assets/statusline/statusline.sh +1 -1
  8. package/dist/bin/prjct-core.mjs +413 -407
  9. package/dist/daemon/entry.mjs +341 -335
  10. package/dist/mcp/server.mjs +201 -195
  11. package/dist/templates.json +1 -1
  12. package/package.json +1 -1
  13. package/scripts/install.sh +3 -3
  14. package/templates/antigravity/SKILL.md +2 -2
  15. package/templates/crew/agents/implementer.md +1 -1
  16. package/templates/cursor/router.mdc +1 -1
  17. package/templates/global/ANTIGRAVITY.md +1 -1
  18. package/templates/global/CURSOR.mdc +1 -1
  19. package/templates/global/GEMINI.md +1 -1
  20. package/templates/global/STORAGE-SPEC.md +4 -5
  21. package/templates/global/WINDSURF.md +1 -1
  22. package/templates/mcp-config.json +2 -2
  23. package/templates/windsurf/router.md +1 -1
  24. package/templates/agentic/checklist-routing.md +0 -98
  25. package/templates/agentic/orchestrator.md +0 -68
  26. package/templates/agentic/task-fragmentation.md +0 -89
  27. package/templates/agents/AGENTS.md +0 -67
  28. package/templates/checklists/architecture.md +0 -28
  29. package/templates/checklists/code-quality.md +0 -28
  30. package/templates/checklists/data.md +0 -33
  31. package/templates/checklists/documentation.md +0 -33
  32. package/templates/checklists/infrastructure.md +0 -33
  33. package/templates/checklists/performance.md +0 -33
  34. package/templates/checklists/security.md +0 -33
  35. package/templates/checklists/testing.md +0 -33
  36. package/templates/checklists/ux-ui.md +0 -37
  37. package/templates/config/skill-mappings.json +0 -82
  38. package/templates/context/dashboard.md +0 -251
  39. package/templates/context/roadmap.md +0 -221
  40. package/templates/cursor/commands/ship.md +0 -6
  41. package/templates/cursor/commands/task.md +0 -6
  42. package/templates/cursor/p.md +0 -6
  43. package/templates/permissions/default.jsonc +0 -60
  44. package/templates/permissions/permissive.jsonc +0 -49
  45. package/templates/permissions/strict.jsonc +0 -58
  46. package/templates/skills/code-review.md +0 -47
  47. package/templates/skills/debug.md +0 -61
  48. package/templates/skills/refactor.md +0 -47
  49. package/templates/tools/bash.txt +0 -22
  50. package/templates/tools/edit.txt +0 -18
  51. package/templates/tools/glob.txt +0 -19
  52. package/templates/tools/grep.txt +0 -21
  53. package/templates/tools/read.txt +0 -14
  54. package/templates/tools/task.txt +0 -20
  55. package/templates/tools/webfetch.txt +0 -16
  56. package/templates/tools/websearch.txt +0 -18
  57. package/templates/tools/write.txt +0 -17
  58. package/templates/windsurf/workflows/ship.md +0 -6
  59. package/templates/windsurf/workflows/task.md +0 -6
@@ -25,9 +25,9 @@ All reads and writes go through the `prjct` CLI, which manages a SQLite database
25
25
 
26
26
  ### How to interact with storage
27
27
 
28
- - **Read state**: Use `prjct status`, `prjct dash`, `prjct next` CLI commands
29
- - **Write state**: Use `prjct` CLI commands (task, done, pause, resume, etc.)
30
- - **Issue tracker setup**: Use `prjct linear setup` or `prjct jira setup` (MCP/OAuth)
28
+ - **Read state**: Use `prjct status`, `prjct context`, or MCP project tools
29
+ - **Write state**: Use `prjct` CLI commands (`task`, `status`, `capture`, `remember`, etc.)
30
+ - **Issue tracker setup**: Configure Linear/Jira MCP servers in the AI client; prjct has no native tracker CLI verbs
31
31
  - **Never** read/write JSON files in `storage/` or `memory/` directories
32
32
 
33
33
  ---
@@ -307,8 +307,7 @@ Issue tracker integrations are MCP-only.
307
307
 
308
308
  ### Setup
309
309
 
310
- - `prjct linear setup`
311
- - `prjct jira setup`
310
+ Configure Linear/Jira MCP servers in the AI client when issue tracker access is needed.
312
311
 
313
312
  ### Operational Model
314
313
 
@@ -6,7 +6,7 @@ description: "prjct - Context layer for AI coding agents"
6
6
  <!-- prjct:start - DO NOT REMOVE THIS MARKER -->
7
7
  # p/ — Context layer for AI agents
8
8
 
9
- Skills auto-activate for: task, status, ship, sync, bug, workflow, spec, guard, capture, remember, context, linear, jira
9
+ Skills auto-activate for: task, status, ship, sync, workflow, spec, guard, capture, remember, context
10
10
  Other commands: run `prjct <command> --md` and follow CLI output
11
11
 
12
12
  Flow: idea → spec when warranted → task → work → status done → ship
@@ -23,7 +23,7 @@
23
23
  }
24
24
  },
25
25
  "integrations": {
26
- "linear": "MCP - Run `prjct linear setup`",
27
- "jira": "MCP - Run `prjct jira setup`"
26
+ "linear": "MCP - configure in your AI client",
27
+ "jira": "MCP - configure in your AI client"
28
28
  }
29
29
  }
@@ -5,5 +5,5 @@ description: "prjct - Context layer for AI coding agents"
5
5
 
6
6
  # prjct
7
7
 
8
- Core: /sync, /task, /status, /ship, /bug, /workflow, /spec, /guard
8
+ Core: /sync, /task, /status, /ship, /workflow, /spec, /guard
9
9
  Other: run `prjct <command> --md` and follow CLI output
@@ -1,98 +0,0 @@
1
- ---
2
- allowed-tools: [Read, Glob]
3
- description: 'Determine which quality checklists to apply - Claude decides'
4
- ---
5
-
6
- # Checklist Routing Instructions
7
-
8
- ## Objective
9
-
10
- Determine which quality checklists are relevant for a task by analyzing the ACTUAL task and its scope.
11
-
12
- ## Step 1: Understand the Task
13
-
14
- Read the task description and identify:
15
-
16
- - What type of work is being done? (new feature, bug fix, refactor, infra, docs)
17
- - What domains are affected? (code, UI, API, database, deployment)
18
- - What is the scope? (small fix, major feature, architectural change)
19
-
20
- ## Step 2: Consider Task Domains
21
-
22
- Each task can touch multiple domains. Consider:
23
-
24
- | Domain | Signals |
25
- |--------|---------|
26
- | Code Quality | Writing/modifying any code |
27
- | Architecture | New components, services, or major refactors |
28
- | UX/UI | User-facing changes, CLI output, visual elements |
29
- | Infrastructure | Deployment, containers, CI/CD, cloud resources |
30
- | Security | Auth, user data, external inputs, secrets |
31
- | Testing | New functionality, bug fixes, critical paths |
32
- | Documentation | Public APIs, complex features, breaking changes |
33
- | Performance | Data processing, loops, network calls, rendering |
34
- | Accessibility | User interfaces (web, mobile, CLI) |
35
- | Data | Database operations, caching, data transformations |
36
-
37
- ## Step 3: Match Task to Checklists
38
-
39
- Based on your analysis, select relevant checklists:
40
-
41
- **DO NOT assume:**
42
- - Every task needs all checklists
43
- - "Frontend" = only UX checklist
44
- - "Backend" = only Code Quality checklist
45
-
46
- **DO analyze:**
47
- - What the task actually touches
48
- - What quality dimensions matter for this specific work
49
- - What could go wrong if not checked
50
-
51
- ## Available Checklists
52
-
53
- Located in `templates/checklists/`:
54
-
55
- | Checklist | When to Apply |
56
- |-----------|---------------|
57
- | `code-quality.md` | Any code changes (any language) |
58
- | `architecture.md` | New modules, services, significant structural changes |
59
- | `ux-ui.md` | User-facing interfaces (web, mobile, CLI, API DX) |
60
- | `infrastructure.md` | Deployment, containers, CI/CD, cloud resources |
61
- | `security.md` | ALWAYS for: auth, user input, external APIs, secrets |
62
- | `testing.md` | New features, bug fixes, refactors |
63
- | `documentation.md` | Public APIs, complex features, configuration changes |
64
- | `performance.md` | Data-intensive operations, critical paths |
65
- | `accessibility.md` | Any user interface work |
66
- | `data.md` | Database, caching, data transformations |
67
-
68
- ## Decision Process
69
-
70
- 1. Read task description
71
- 2. Identify primary work domain
72
- 3. List secondary domains affected
73
- 4. Select 2-4 most relevant checklists
74
- 5. Consider Security (almost always relevant)
75
-
76
- ## Output
77
-
78
- Return selected checklists with reasoning:
79
-
80
- ```json
81
- {
82
- "checklists": ["code-quality", "security", "testing"],
83
- "reasoning": "Task involves new API endpoint (code), handles user input (security), and adds business logic (testing)",
84
- "priority_items": ["Input validation", "Error handling", "Happy path tests"],
85
- "skipped": {
86
- "accessibility": "No user interface changes",
87
- "infrastructure": "No deployment changes"
88
- }
89
- }
90
- ```
91
-
92
- ## Rules
93
-
94
- - **Task-driven** - Focus on what the specific task needs
95
- - **Less is more** - 2-4 focused checklists beat 10 unfocused
96
- - **Security is special** - Default to including unless clearly irrelevant
97
- - **Explain your reasoning** - Don't just pick, justify selections AND skips
98
- - **Context matters** - Small typo fix ≠ major refactor in checklist needs
@@ -1,68 +0,0 @@
1
- # Orchestrator
2
-
3
- Load project context for task execution.
4
-
5
- ## Flow
6
-
7
- ```
8
- p. {command} → Load Config → Load State → Load Agents → Execute
9
- ```
10
-
11
- ## Step 1: Load Config
12
-
13
- ```
14
- READ: .prjct/prjct.config.json → {projectId}
15
- SET: {globalPath} = ~/.prjct-cli/projects/{projectId}
16
- ```
17
-
18
- ## Step 2: Load State
19
-
20
- ```bash
21
- prjct dash compact
22
- # Parse output to determine: {hasActiveTask}
23
- ```
24
-
25
- ## Step 3: Load Agents
26
-
27
- ```
28
- GLOB: {globalPath}/agents/*.md
29
- FOR EACH agent: READ and store content
30
- ```
31
-
32
- ## Step 4: Detect Domains
33
-
34
- Analyze task → identify domains:
35
- - frontend: UI, forms, components
36
- - backend: API, server logic
37
- - database: Schema, queries
38
- - testing: Tests, mocks
39
- - devops: CI/CD, deployment
40
-
41
- IF task spans 3+ domains → fragment into subtasks
42
-
43
- ## Step 5: Build Context
44
-
45
- Combine: state + agents + detected domains → execute
46
-
47
- ## Output Format
48
-
49
- ```
50
- 🎯 Task: {description}
51
- 📦 Context: Agent: {name} | State: {status} | Domains: {list}
52
- ```
53
-
54
- ## Error Handling
55
-
56
- | Situation | Action |
57
- |-----------|--------|
58
- | No config | "Run `p. init` first" |
59
- | No state | Create default |
60
- | No agents | Warn, continue |
61
-
62
- ## Disable
63
-
64
- ```yaml
65
- ---
66
- orchestrator: false
67
- ---
68
- ```
@@ -1,89 +0,0 @@
1
- # Task Fragmentation
2
-
3
- Break complex multi-domain tasks into subtasks.
4
-
5
- ## When to Fragment
6
-
7
- - Spans 3+ domains (frontend + backend + database)
8
- - Has natural dependency order
9
- - Too large for single execution
10
-
11
- ## When NOT to Fragment
12
-
13
- - Single domain only
14
- - Small, focused change
15
- - Already atomic
16
-
17
- ## Dependency Order
18
-
19
- 1. **Database** (models first)
20
- 2. **Backend** (API using models)
21
- 3. **Frontend** (UI using API)
22
- 4. **Testing** (tests for all)
23
- 5. **DevOps** (deploy)
24
-
25
- ## Subtask Format
26
-
27
- ```json
28
- {
29
- "subtasks": [{
30
- "id": "subtask-1",
31
- "description": "Create users table",
32
- "domain": "database",
33
- "agent": "database.md",
34
- "dependsOn": []
35
- }]
36
- }
37
- ```
38
-
39
- ## Output
40
-
41
- ```
42
- 🎯 Task: {task}
43
-
44
- 📋 Subtasks:
45
- ├─ 1. [database] Create schema
46
- ├─ 2. [backend] Create API
47
- └─ 3. [frontend] Create form
48
- ```
49
-
50
- ## Delegation
51
-
52
- ```
53
- Task(
54
- subagent_type: 'general-purpose',
55
- prompt: '
56
- Read: {agentsPath}/{domain}.md
57
- Subtask: {description}
58
- Previous: {previousSummary}
59
- Focus ONLY on this subtask.
60
- '
61
- )
62
- ```
63
-
64
- ## Progress
65
-
66
- ```
67
- 📊 Progress: 2/4 (50%)
68
- ✅ 1. [database] Done
69
- ✅ 2. [backend] Done
70
- ▶️ 3. [frontend] ← CURRENT
71
- ⏳ 4. [testing]
72
- ```
73
-
74
- ## Error Handling
75
-
76
- ```
77
- ❌ Subtask 2/4 failed
78
-
79
- Options:
80
- 1. Retry
81
- 2. Skip and continue
82
- 3. Abort
83
- ```
84
-
85
- ## Anti-Patterns
86
-
87
- - Over-fragmentation: 10 subtasks for "add button"
88
- - Under-fragmentation: 1 subtask for "add auth system"
89
- - Wrong order: Frontend before backend
@@ -1,67 +0,0 @@
1
- # AGENTS.md
2
-
3
- AI assistant guidance for **prjct-cli** - context layer for AI coding agents. Works with Claude Code, Codex, Gemini CLI, OpenCode, Qwen Code, Cline, Cursor, Windsurf, and any AGENTS.md-aware runtime.
4
-
5
- ## What This Is
6
-
7
- **NOT** project management. NO sprints, story points, ceremonies, or meetings.
8
-
9
- **IS** a context layer that gives AI agents the project knowledge they need to work effectively.
10
-
11
- ---
12
-
13
- ## Agent Contract
14
-
15
- Run `prjct <command> --md` and follow the CLI output. Prefer `prjct_*` MCP tools when the active client exposes them.
16
-
17
- ## Architecture
18
-
19
- **Global**: `~/.prjct-cli/projects/{id}/`
20
- ```
21
- prjct.db # SQLite database (all state)
22
- agents/ # domain specialists
23
- ```
24
-
25
- **Local**: `.prjct/prjct.config.json` (read-only)
26
-
27
- ## Commands
28
-
29
- | Command | Action |
30
- |---------|--------|
31
- | `prjct init` | Initialize |
32
- | `prjct sync --md` | Analyze + refresh agent context |
33
- | `prjct task "X" --md` | Start task |
34
- | `prjct status done --md` | Complete active task |
35
- | `prjct ship --md` | Ship feature |
36
- | `prjct status --md` | Show current task/workflow state |
37
-
38
- ## Intent Detection
39
-
40
- | Intent | Command |
41
- |--------|---------|
42
- | Start task | `prjct task "<desc>" --md` |
43
- | Finish | `prjct status done --md` |
44
- | Ship | `prjct ship --md` |
45
- | What's active | `prjct status --md` |
46
-
47
- ## Implementation
48
-
49
- - Atomic operations via `prjct` CLI
50
- - CLI handles all state persistence (SQLite)
51
- - Handle missing config gracefully
52
-
53
- ## Crew mode (opt-in)
54
-
55
- Projects that want a multi-agent workflow can run `prjct crew install` to drop a leader/implementer/reviewer trio into `.claude/agents/`, a project `CHECKPOINTS.md`, and a CLAUDE.md snippet that locks the main session into orchestrator role. Templates live in `templates/crew/`. Uninstall with `prjct crew uninstall`. Strictly opt-in — not invoked by `init`/`sync`.
56
-
57
- ### Crew roster
58
-
59
- Each member has a stable name + color so you can identify who is acting at a glance, in any LLM. Source of truth: `templates/crew/registry.json`.
60
-
61
- | Name | Role | Color |
62
- |---|---|---|
63
- | Leader | Orchestrator | blue |
64
- | Implementer | Worker | purple |
65
- | Reviewer | Strict auditor | pink |
66
-
67
- Crew SUBAGENT DISPATCH is Claude Code only (only Claude Code currently exposes an Agent tool that can spawn typed subagents). In Codex / Gemini / Cursor / Windsurf the roster above is informational — the same session plays whichever role the prompt names; identify it explicitly when you reply ("acting as Implementer").
@@ -1,28 +0,0 @@
1
- # Architecture Checklist
2
-
3
- > Applies to ANY system architecture
4
-
5
- ## Design Principles
6
- - [ ] Clear separation of concerns
7
- - [ ] Loose coupling between components
8
- - [ ] High cohesion within modules
9
- - [ ] Single source of truth for data
10
- - [ ] Explicit dependencies (no hidden coupling)
11
-
12
- ## Scalability
13
- - [ ] Stateless where possible
14
- - [ ] Horizontal scaling considered
15
- - [ ] Bottlenecks identified
16
- - [ ] Caching strategy defined
17
-
18
- ## Resilience
19
- - [ ] Failure modes documented
20
- - [ ] Graceful degradation planned
21
- - [ ] Recovery procedures defined
22
- - [ ] Circuit breakers where needed
23
-
24
- ## Maintainability
25
- - [ ] Clear boundaries between layers
26
- - [ ] Easy to test in isolation
27
- - [ ] Configuration externalized
28
- - [ ] Logging and observability built-in
@@ -1,28 +0,0 @@
1
- # Code Quality Checklist
2
-
3
- > Universal principles for ANY programming language
4
-
5
- ## Universal Principles
6
- - [ ] Single Responsibility: Each unit does ONE thing well
7
- - [ ] DRY: No duplicated logic (extract shared code)
8
- - [ ] KISS: Simplest solution that works
9
- - [ ] Clear naming: Self-documenting identifiers
10
- - [ ] Consistent patterns: Match existing codebase style
11
-
12
- ## Error Handling
13
- - [ ] All error paths handled gracefully
14
- - [ ] Meaningful error messages
15
- - [ ] No silent failures
16
- - [ ] Proper resource cleanup (files, connections, memory)
17
-
18
- ## Edge Cases
19
- - [ ] Null/nil/None handling
20
- - [ ] Empty collections handled
21
- - [ ] Boundary conditions tested
22
- - [ ] Invalid input rejected early
23
-
24
- ## Code Organization
25
- - [ ] Functions/methods are small and focused
26
- - [ ] Related code grouped together
27
- - [ ] Clear module/package boundaries
28
- - [ ] No circular dependencies
@@ -1,33 +0,0 @@
1
- # Data Checklist
2
-
3
- > Applies to: SQL, NoSQL, GraphQL, File storage, Caching
4
-
5
- ## Data Integrity
6
- - [ ] Schema/structure defined
7
- - [ ] Constraints enforced
8
- - [ ] Transactions used appropriately
9
- - [ ] Referential integrity maintained
10
-
11
- ## Query Performance
12
- - [ ] Indexes on frequent queries
13
- - [ ] N+1 queries eliminated
14
- - [ ] Query complexity analyzed
15
- - [ ] Pagination for large datasets
16
-
17
- ## Data Operations
18
- - [ ] Migrations versioned and reversible
19
- - [ ] Backup and restore tested
20
- - [ ] Data validation at boundary
21
- - [ ] Soft deletes considered (if applicable)
22
-
23
- ## Caching
24
- - [ ] Cache invalidation strategy defined
25
- - [ ] TTL values appropriate
26
- - [ ] Cache warming considered
27
- - [ ] Cache hit/miss monitored
28
-
29
- ## Data Privacy
30
- - [ ] PII identified and protected
31
- - [ ] Data anonymization where needed
32
- - [ ] Audit trail for sensitive data
33
- - [ ] Data deletion procedures defined
@@ -1,33 +0,0 @@
1
- # Documentation Checklist
2
-
3
- > Applies to ALL projects
4
-
5
- ## Essential Docs
6
- - [ ] README with quick start
7
- - [ ] Installation instructions
8
- - [ ] Configuration options documented
9
- - [ ] Common use cases shown
10
-
11
- ## Code Documentation
12
- - [ ] Public APIs documented
13
- - [ ] Complex logic explained
14
- - [ ] Architecture decisions recorded (ADRs)
15
- - [ ] Diagrams for complex flows
16
-
17
- ## Operational Docs
18
- - [ ] Deployment process documented
19
- - [ ] Troubleshooting guide
20
- - [ ] Runbooks for common issues
21
- - [ ] Changelog maintained
22
-
23
- ## API Documentation
24
- - [ ] All endpoints documented
25
- - [ ] Request/response examples
26
- - [ ] Error codes explained
27
- - [ ] Authentication documented
28
-
29
- ## Maintenance
30
- - [ ] Docs updated with code changes
31
- - [ ] Version-specific documentation
32
- - [ ] Broken links checked
33
- - [ ] Examples tested and working
@@ -1,33 +0,0 @@
1
- # Infrastructure Checklist
2
-
3
- > Applies to: Cloud, On-prem, Hybrid, Edge
4
-
5
- ## Deployment
6
- - [ ] Infrastructure as Code (Terraform, Pulumi, CloudFormation, etc.)
7
- - [ ] Reproducible environments
8
- - [ ] Rollback strategy defined
9
- - [ ] Blue-green or canary deployment option
10
-
11
- ## Observability
12
- - [ ] Logging strategy defined
13
- - [ ] Metrics collection configured
14
- - [ ] Alerting thresholds set
15
- - [ ] Distributed tracing (if applicable)
16
-
17
- ## Security
18
- - [ ] Secrets management (not in code)
19
- - [ ] Network segmentation
20
- - [ ] Least privilege access
21
- - [ ] Encryption at rest and in transit
22
-
23
- ## Reliability
24
- - [ ] Backup strategy defined
25
- - [ ] Disaster recovery plan
26
- - [ ] Health checks configured
27
- - [ ] Auto-scaling rules (if applicable)
28
-
29
- ## Cost Management
30
- - [ ] Resource sizing appropriate
31
- - [ ] Unused resources identified
32
- - [ ] Cost monitoring in place
33
- - [ ] Budget alerts configured
@@ -1,33 +0,0 @@
1
- # Performance Checklist
2
-
3
- > Applies to: Backend, Frontend, Mobile, Database
4
-
5
- ## Analysis
6
- - [ ] Bottlenecks identified with profiling
7
- - [ ] Baseline metrics established
8
- - [ ] Performance budgets defined
9
- - [ ] Benchmarks before/after changes
10
-
11
- ## Optimization Strategies
12
- - [ ] Algorithmic complexity reviewed (O(n) vs O(n²))
13
- - [ ] Appropriate data structures used
14
- - [ ] Caching implemented where beneficial
15
- - [ ] Lazy loading for expensive operations
16
-
17
- ## Resource Management
18
- - [ ] Memory usage optimized
19
- - [ ] Connection pooling used
20
- - [ ] Batch operations where applicable
21
- - [ ] Async/parallel processing considered
22
-
23
- ## Frontend Specific
24
- - [ ] Bundle size optimized
25
- - [ ] Images optimized
26
- - [ ] Critical rendering path optimized
27
- - [ ] Network requests minimized
28
-
29
- ## Backend Specific
30
- - [ ] Database queries optimized
31
- - [ ] Response compression enabled
32
- - [ ] Proper indexing in place
33
- - [ ] Connection limits configured
@@ -1,33 +0,0 @@
1
- # Security Checklist
2
-
3
- > ALWAYS ON - Applies to ALL applications
4
-
5
- ## Input/Output
6
- - [ ] All user input validated and sanitized
7
- - [ ] Output encoded appropriately (prevent injection)
8
- - [ ] File uploads restricted and scanned
9
- - [ ] No sensitive data in logs or error messages
10
-
11
- ## Authentication & Authorization
12
- - [ ] Strong authentication mechanism
13
- - [ ] Proper session management
14
- - [ ] Authorization checked at every access point
15
- - [ ] Principle of least privilege applied
16
-
17
- ## Data Protection
18
- - [ ] Sensitive data encrypted at rest
19
- - [ ] Secure transmission (TLS/HTTPS)
20
- - [ ] PII handled according to regulations
21
- - [ ] Data retention policies followed
22
-
23
- ## Dependencies
24
- - [ ] Dependencies from trusted sources
25
- - [ ] Known vulnerabilities checked
26
- - [ ] Minimal dependency surface
27
- - [ ] Regular security updates planned
28
-
29
- ## API Security
30
- - [ ] Rate limiting implemented
31
- - [ ] Authentication required for sensitive endpoints
32
- - [ ] CORS properly configured
33
- - [ ] API keys/tokens secured
@@ -1,33 +0,0 @@
1
- # Testing Checklist
2
-
3
- > Applies to: Unit, Integration, E2E, Performance testing
4
-
5
- ## Coverage Strategy
6
- - [ ] Critical paths have high coverage
7
- - [ ] Happy path tested
8
- - [ ] Error paths tested
9
- - [ ] Edge cases covered
10
-
11
- ## Test Quality
12
- - [ ] Tests are deterministic (no flaky tests)
13
- - [ ] Tests are independent (no order dependency)
14
- - [ ] Tests are fast (optimize slow tests)
15
- - [ ] Tests are readable (clear intent)
16
-
17
- ## Test Types
18
- - [ ] Unit tests for business logic
19
- - [ ] Integration tests for boundaries
20
- - [ ] E2E tests for critical flows
21
- - [ ] Performance tests for bottlenecks
22
-
23
- ## Mocking Strategy
24
- - [ ] External services mocked
25
- - [ ] Database isolated or mocked
26
- - [ ] Time-dependent code controlled
27
- - [ ] Random values seeded
28
-
29
- ## Test Maintenance
30
- - [ ] Tests updated with code changes
31
- - [ ] Dead tests removed
32
- - [ ] Test data managed properly
33
- - [ ] CI/CD integration working
@@ -1,37 +0,0 @@
1
- # UX/UI Checklist
2
-
3
- > Applies to: Web, Mobile, CLI, Desktop, API DX
4
-
5
- ## User Experience
6
- - [ ] Clear user journey/flow
7
- - [ ] Feedback for every action
8
- - [ ] Loading states shown
9
- - [ ] Error states handled gracefully
10
- - [ ] Success confirmation provided
11
-
12
- ## Interface Design
13
- - [ ] Consistent visual language
14
- - [ ] Intuitive navigation
15
- - [ ] Responsive/adaptive layout (if applicable)
16
- - [ ] Touch targets adequate (mobile)
17
- - [ ] Keyboard navigation (web/desktop)
18
-
19
- ## CLI Specific
20
- - [ ] Help text for all commands
21
- - [ ] Clear error messages with suggestions
22
- - [ ] Progress indicators for long operations
23
- - [ ] Consistent flag naming conventions
24
- - [ ] Exit codes meaningful
25
-
26
- ## API DX (Developer Experience)
27
- - [ ] Intuitive endpoint/function naming
28
- - [ ] Consistent response format
29
- - [ ] Helpful error messages with codes
30
- - [ ] Good documentation with examples
31
- - [ ] Predictable behavior
32
-
33
- ## Information Architecture
34
- - [ ] Content hierarchy clear
35
- - [ ] Important actions prominent
36
- - [ ] Related items grouped
37
- - [ ] Search/filter for large datasets