npm - rebar-mcp - Versions diffs - 2.0.0 - Mend

rebar-mcp 2.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (248) hide show

package/.claude/agents/template-writer.md +43 -0
package/.claude/agents/test-runner.md +47 -0
package/.claude/mcp.json +9 -0
package/.claude/settings.json +29 -0
package/.claude/skills/ /SKILL.md +21 -0
package/.claude/skills/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/SKILL.md +21 -0
package/.claude/skills/bmmibwetxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/SKILL.md +21 -0
package/.claude/skills/bmmibwjgvxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/SKILL.md +21 -0
package/.claude/skills/bmmibwsesxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/SKILL.md +21 -0
package/.claude/skills/bmmibwxufxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/SKILL.md +21 -0
package/.claude/skills/bmmibx3r9xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/SKILL.md +21 -0
package/.claude/skills/bmmji0lrkxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/SKILL.md +21 -0
package/.claude/skills/bmmjiniphxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/SKILL.md +21 -0
package/.claude/skills/bmmjio86zxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/SKILL.md +21 -0
package/.claude/skills/bmmjiolfbxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/SKILL.md +21 -0
package/.claude/skills/bmmjit1lvxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/SKILL.md +21 -0
package/.claude/skills/bmmjita1qxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/SKILL.md +21 -0
package/.claude/skills/bnd-mmibweu3/SKILL.md +21 -0
package/.claude/skills/bnd-mmibwjh4/SKILL.md +21 -0
package/.claude/skills/bnd-mmibwsey/SKILL.md +21 -0
package/.claude/skills/bnd-mmibwxup/SKILL.md +21 -0
package/.claude/skills/bnd-mmibx3rg/SKILL.md +21 -0
package/.claude/skills/bnd-mmji0lrp/SKILL.md +21 -0
package/.claude/skills/bnd-mmjinipm/SKILL.md +21 -0
package/.claude/skills/bnd-mmjio875/SKILL.md +21 -0
package/.claude/skills/bnd-mmjiolfg/SKILL.md +21 -0
package/.claude/skills/bnd-mmjit1m3/SKILL.md +21 -0
package/.claude/skills/bnd-mmjita1x/SKILL.md +21 -0
package/.claude/skills/coercion-test/SKILL.md +50 -0
package/.claude/skills/large-skill/SKILL.md +21 -0
package/.claude/skills/long-desc-skill/SKILL.md +21 -0
package/.claude/skills/mcp-dev/SKILL.md +61 -0
package/.claude/skills/nl-mmibweus/SKILL.md +25 -0
package/.claude/skills/nl-mmibwjhf/SKILL.md +25 -0
package/.claude/skills/nl-mmibwsf7/SKILL.md +25 -0
package/.claude/skills/nl-mmibwxvq/SKILL.md +25 -0
package/.claude/skills/nl-mmibx3rt/SKILL.md +25 -0
package/.claude/skills/nl-mmji0lrz/SKILL.md +25 -0
package/.claude/skills/nl-mmjinipx/SKILL.md +25 -0
package/.claude/skills/nl-mmjio87f/SKILL.md +25 -0
package/.claude/skills/nl-mmjiolfs/SKILL.md +25 -0
package/.claude/skills/nl-mmjit1mc/SKILL.md +25 -0
package/.claude/skills/nl-mmjita26/SKILL.md +25 -0
package/.claude/skills/rapid-1/SKILL.md +21 -0
package/.claude/skills/rapid-2/SKILL.md +21 -0
package/.claude/skills/rapid-3/SKILL.md +21 -0
package/.claude/skills/rapid-4/SKILL.md +21 -0
package/.claude/skills/rapid-5/SKILL.md +21 -0
package/.claude/skills/test/", /"malicious/": /"true/SKILL.md" +69 -0
package/.claude/skills/test-emoji-/360/237/230/200-skill/SKILL.md +69 -0
package/.claude/skills/test-skill/SKILL.md +69 -0
package/.claude/skills/test; rm -rf /; skill/SKILL.md +69 -0
package/.claude/skills/test<script>alert(1)</script>skill/SKILL.md +69 -0
package/.claudeignore +5 -0
package/.mcp.json +3 -0
package/CHANGELOG.md +29 -0
package/CLAUDE.md +76 -0
package/LICENSE +21 -0
package/README.md +149 -0
package/ROADMAP.md +526 -0
package/ccboot-PRD-v1.0.docx.md +732 -0
package/ccboot-v1.2.0-enforcement-spec.md +1272 -0
package/dist/cli.d.ts +3 -0
package/dist/cli.d.ts.map +1 -0
package/dist/cli.js +674 -0
package/dist/cli.js.map +1 -0
package/dist/constants.d.ts +25 -0
package/dist/constants.d.ts.map +1 -0
package/dist/constants.js +118 -0
package/dist/constants.js.map +1 -0
package/dist/index.d.ts +3 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +47 -0
package/dist/index.js.map +1 -0
package/dist/schemas/common.d.ts +62 -0
package/dist/schemas/common.d.ts.map +1 -0
package/dist/schemas/common.js +15 -0
package/dist/schemas/common.js.map +1 -0
package/dist/schemas/scaffolding.d.ts +277 -0
package/dist/schemas/scaffolding.d.ts.map +1 -0
package/dist/schemas/scaffolding.js +133 -0
package/dist/schemas/scaffolding.js.map +1 -0
package/dist/services/claudemd-generator.d.ts +16 -0
package/dist/services/claudemd-generator.d.ts.map +1 -0
package/dist/services/claudemd-generator.js +426 -0
package/dist/services/claudemd-generator.js.map +1 -0
package/dist/services/codex-generator.d.ts +6 -0
package/dist/services/codex-generator.d.ts.map +1 -0
package/dist/services/codex-generator.js +35 -0
package/dist/services/codex-generator.js.map +1 -0
package/dist/services/cursor-generator.d.ts +15 -0
package/dist/services/cursor-generator.d.ts.map +1 -0
package/dist/services/cursor-generator.js +134 -0
package/dist/services/cursor-generator.js.map +1 -0
package/dist/services/file-ops.d.ts +48 -0
package/dist/services/file-ops.d.ts.map +1 -0
package/dist/services/file-ops.js +153 -0
package/dist/services/file-ops.js.map +1 -0
package/dist/services/output-formatter.d.ts +57 -0
package/dist/services/output-formatter.d.ts.map +1 -0
package/dist/services/output-formatter.js +88 -0
package/dist/services/output-formatter.js.map +1 -0
package/dist/services/platform-detect.d.ts +14 -0
package/dist/services/platform-detect.d.ts.map +1 -0
package/dist/services/platform-detect.js +63 -0
package/dist/services/platform-detect.js.map +1 -0
package/dist/services/project-analyzer.d.ts +71 -0
package/dist/services/project-analyzer.d.ts.map +1 -0
package/dist/services/project-analyzer.js +595 -0
package/dist/services/project-analyzer.js.map +1 -0
package/dist/services/rules-engine.d.ts +41 -0
package/dist/services/rules-engine.d.ts.map +1 -0
package/dist/services/rules-engine.js +304 -0
package/dist/services/rules-engine.js.map +1 -0
package/dist/services/strictness.d.ts +37 -0
package/dist/services/strictness.d.ts.map +1 -0
package/dist/services/strictness.js +182 -0
package/dist/services/strictness.js.map +1 -0
package/dist/services/template-engine.d.ts +16 -0
package/dist/services/template-engine.d.ts.map +1 -0
package/dist/services/template-engine.js +85 -0
package/dist/services/template-engine.js.map +1 -0
package/dist/services/validation.d.ts +41 -0
package/dist/services/validation.d.ts.map +1 -0
package/dist/services/validation.js +104 -0
package/dist/services/validation.js.map +1 -0
package/dist/services/windsurf-generator.d.ts +15 -0
package/dist/services/windsurf-generator.d.ts.map +1 -0
package/dist/services/windsurf-generator.js +127 -0
package/dist/services/windsurf-generator.js.map +1 -0
package/dist/tests/enforcement.test.d.ts +2 -0
package/dist/tests/enforcement.test.d.ts.map +1 -0
package/dist/tests/enforcement.test.js +541 -0
package/dist/tests/enforcement.test.js.map +1 -0
package/dist/tests/enterprise.test.d.ts +2 -0
package/dist/tests/enterprise.test.d.ts.map +1 -0
package/dist/tests/enterprise.test.js +353 -0
package/dist/tests/enterprise.test.js.map +1 -0
package/dist/tests/fuzzing.test.d.ts +2 -0
package/dist/tests/fuzzing.test.d.ts.map +1 -0
package/dist/tests/fuzzing.test.js +596 -0
package/dist/tests/fuzzing.test.js.map +1 -0
package/dist/tests/knowledge.test.d.ts +2 -0
package/dist/tests/knowledge.test.d.ts.map +1 -0
package/dist/tests/knowledge.test.js +292 -0
package/dist/tests/knowledge.test.js.map +1 -0
package/dist/tests/management.test.d.ts +2 -0
package/dist/tests/management.test.d.ts.map +1 -0
package/dist/tests/management.test.js +338 -0
package/dist/tests/management.test.js.map +1 -0
package/dist/tests/scaffolding.test.d.ts +2 -0
package/dist/tests/scaffolding.test.d.ts.map +1 -0
package/dist/tests/scaffolding.test.js +419 -0
package/dist/tests/scaffolding.test.js.map +1 -0
package/dist/tests/test-utils.d.ts +76 -0
package/dist/tests/test-utils.d.ts.map +1 -0
package/dist/tests/test-utils.js +171 -0
package/dist/tests/test-utils.js.map +1 -0
package/dist/tests/tool-harness.d.ts +18 -0
package/dist/tests/tool-harness.d.ts.map +1 -0
package/dist/tests/tool-harness.js +51 -0
package/dist/tests/tool-harness.js.map +1 -0
package/dist/tools/enterprise.d.ts +8 -0
package/dist/tools/enterprise.d.ts.map +1 -0
package/dist/tools/enterprise.js +571 -0
package/dist/tools/enterprise.js.map +1 -0
package/dist/tools/knowledge.d.ts +7 -0
package/dist/tools/knowledge.d.ts.map +1 -0
package/dist/tools/knowledge.js +120 -0
package/dist/tools/knowledge.js.map +1 -0
package/dist/tools/management.d.ts +10 -0
package/dist/tools/management.d.ts.map +1 -0
package/dist/tools/management.js +1541 -0
package/dist/tools/management.js.map +1 -0
package/dist/tools/scaffolding.d.ts +8 -0
package/dist/tools/scaffolding.d.ts.map +1 -0
package/dist/tools/scaffolding.js +736 -0
package/dist/tools/scaffolding.js.map +1 -0
package/dist/types.d.ts +54 -0
package/dist/types.d.ts.map +1 -0
package/dist/types.js +5 -0
package/dist/types.js.map +1 -0
package/landing/app/layout.tsx +30 -0
package/landing/app/page.tsx +944 -0
package/landing/next-env.d.ts +6 -0
package/landing/next.config.js +6 -0
package/landing/package-lock.json +896 -0
package/landing/package.json +20 -0
package/landing/tsconfig.json +40 -0
package/package.json +49 -0
package/rebar-v2.0.0-platform-spec.md +1567 -0
package/server.json +20 -0
package/src/cli.ts +735 -0
package/src/constants.ts +131 -0
package/src/index.ts +54 -0
package/src/schemas/common.ts +22 -0
package/src/schemas/scaffolding.ts +161 -0
package/src/services/claudemd-generator.ts +481 -0
package/src/services/codex-generator.ts +44 -0
package/src/services/cursor-generator.ts +153 -0
package/src/services/file-ops.ts +172 -0
package/src/services/platform-detect.ts +80 -0
package/src/services/project-analyzer.ts +690 -0
package/src/services/rules-engine.ts +353 -0
package/src/services/strictness.ts +202 -0
package/src/services/template-engine.ts +119 -0
package/src/services/validation.ts +138 -0
package/src/services/windsurf-generator.ts +145 -0
package/src/tests/enforcement.test.ts +794 -0
package/src/tests/enterprise.test.ts +483 -0
package/src/tests/fuzzing.test.ts +690 -0
package/src/tests/knowledge.test.ts +371 -0
package/src/tests/management.test.ts +451 -0
package/src/tests/scaffolding.test.ts +575 -0
package/src/tests/test-utils.ts +206 -0
package/src/tests/tool-harness.ts +70 -0
package/src/tools/enterprise.ts +666 -0
package/src/tools/knowledge.ts +162 -0
package/src/tools/management.ts +1706 -0
package/src/tools/scaffolding.ts +909 -0
package/src/types.ts +93 -0
package/supabase/.temp/cli-latest +1 -0
package/supabase/.temp/gotrue-version +1 -0
package/supabase/.temp/pooler-url +1 -0
package/supabase/.temp/postgres-version +1 -0
package/supabase/.temp/project-ref +1 -0
package/supabase/.temp/rest-version +1 -0
package/supabase/.temp/storage-migration +1 -0
package/supabase/.temp/storage-version +1 -0
package/templates/agents/explore.md +41 -0
package/templates/agents/plan.md +73 -0
package/templates/agents/security-auditor.md +77 -0
package/templates/agents/test-runner.md +60 -0
package/templates/claudemd/fastapi.md +49 -0
package/templates/claudemd/monorepo.md +48 -0
package/templates/claudemd/nextjs.md +52 -0
package/templates/claudemd/react-spa.md +50 -0
package/templates/claudemd/springboot.md +50 -0
package/templates/hooks/danger-blocker.json +11 -0
package/templates/hooks/format-on-write.json +17 -0
package/templates/hooks/lint-on-write.json +16 -0
package/templates/hooks/secret-detector.json +11 -0
package/templates/skills/code-review.md +68 -0
package/templates/skills/documentation.md +62 -0
package/templates/skills/performance-audit.md +80 -0
package/templates/skills/security-scan.md +66 -0
package/templates/skills/test-writer.md +56 -0
package/tsconfig.json +19 -0

package/templates/skills/code-review.md ADDED Viewed

@@ -0,0 +1,68 @@
+---
+name: code-review
+description: Reviews code changes for security, correctness, performance, and maintainability
+invocation: auto
+context: fork
+agent_type: general-purpose
+allowed_tools:
+  - Read
+  - Grep
+  - Glob
+  - Bash
+---
+# Code Review
+You are a senior staff engineer performing a thorough code review. Your review should
+catch real bugs before production, not nitpick formatting.
+## What to Review
+### 1. Security (Critical)
+- SQL injection, XSS, command injection, path traversal
+- Hardcoded secrets, API keys, or credentials
+- Missing authentication/authorization checks
+- Unsafe deserialization of user input
+- Logging sensitive data (passwords, tokens, PII)
+### 2. Correctness (Critical)
+- Logic errors, off-by-one mistakes, null dereferences
+- Race conditions in concurrent code
+- Missing error handling for I/O operations
+- Incorrect types or unsafe casts
+- Edge cases: empty arrays, zero values, undefined, null
+### 3. Performance (Warning)
+- N+1 database queries (loops that trigger queries)
+- Missing database indexes for common query patterns
+- Unbounded data fetching (no pagination/limits)
+- Memory leaks: unclosed streams, unremoved event listeners
+- Sequential async calls that could be parallelized
+### 4. Maintainability (Suggestion)
+- Functions over 50 lines that should be extracted
+- Duplicated logic that should be shared
+- Unclear naming that will confuse future developers
+- Missing type safety that invites runtime errors
+## Output Format
+Group findings by severity. For each finding:
+```
+[SEVERITY] file:line — Brief title
+  Problem: What's wrong and why it matters
+  Fix: Specific code change to make
+```
+Severities:
+- **CRITICAL**: Must fix — security vulnerability or data loss risk
+- **BUG**: Likely defect — incorrect behavior in normal use
+- **WARNING**: Should fix — performance issue or code smell
+- **SUGGESTION**: Consider — improvement for readability/maintainability
+## Rules
+- Never flag formatting issues (linters handle that)
+- Never suggest adding comments to self-documenting code
+- If the code is clean, say so — don't invent issues
+- Be specific: "Line 42: `userId` can be null here" not "check for null values"

package/templates/skills/documentation.md ADDED Viewed

@@ -0,0 +1,62 @@
+---
+name: documentation
+description: Generates and updates project documentation from code analysis
+invocation: user
+context: inline
+allowed_tools:
+  - Read
+  - Write
+  - Grep
+  - Glob
+---
+# Documentation
+Generate useful documentation, not documentation for documentation's sake.
+## What to Document
+### High Value (always worth documenting)
+- **API endpoints**: Method, path, request/response schemas, auth requirements, examples
+- **Architecture decisions**: Why we chose X over Y (create ADRs for these)
+- **Setup procedures**: How to get the project running from scratch
+- **Non-obvious behavior**: Code that does something surprising or counterintuitive
+- **Domain terminology**: Business terms that appear in the code
+### Low Value (skip unless asked)
+- Self-documenting function signatures
+- Trivial getters/setters
+- Framework boilerplate
+- Comments that restate the code
+## Documentation Formats
+### API Documentation
+```
+## POST /api/users
+Creates a new user account.
+**Auth**: Bearer token (admin role required)
+**Rate limit**: 10 requests/minute
+**Request body**:
+| Field    | Type   | Required | Description           |
+|----------|--------|----------|-----------------------|
+| email    | string | yes      | Valid email address    |
+| name     | string | yes      | Display name (2-100 chars) |
+**Response**: 201 Created
+**Errors**: 400 (validation), 409 (email taken), 429 (rate limit)
+```
+### Code Comments
+- Use JSDoc/docstrings for public API functions
+- Explain WHY, not WHAT (the code shows what)
+- Link to related ADRs or tickets for complex logic
+## Rules
+- Write for someone who just joined the team
+- Include runnable examples, not pseudocode
+- Keep docs next to the code they describe
+- If a doc is wrong, it's worse than no doc — verify accuracy

package/templates/skills/performance-audit.md ADDED Viewed

@@ -0,0 +1,80 @@
+---
+name: performance-audit
+description: Finds performance bottlenecks — N+1 queries, memory leaks, unnecessary re-renders, bundle bloat
+invocation: user
+context: fork
+agent_type: general-purpose
+allowed_tools:
+  - Read
+  - Grep
+  - Glob
+---
+# Performance Audit
+Find real performance bottlenecks that affect user experience,
+not micro-optimizations that save nanoseconds.
+## Checks (by impact)
+### Database (High Impact)
+- **N+1 queries**: Database calls inside `for` loops, `.map()`, or `.forEach()`
+  ```
+  // BAD: 1 + N queries
+  const users = await db.users.findAll();
+  for (const user of users) {
+    user.orders = await db.orders.findByUserId(user.id); // N queries!
+  }
+  // GOOD: 2 queries
+  const users = await db.users.findAll({ include: ['orders'] });
+  ```
+- **Missing indexes**: WHERE/ORDER BY columns without indexes
+- **Unbounded queries**: `SELECT *` without LIMIT on large tables
+- **Unnecessary eager loading**: Loading relations that aren't used
+### Frontend (High Impact)
+- **Unnecessary re-renders**: Components re-rendering when props haven't changed
+  - Missing `React.memo()` on expensive components
+  - Unstable object/array references in props (created inline every render)
+  - Missing `useMemo`/`useCallback` for expensive computations
+- **Bundle size**: Large imports that could be lazy-loaded or tree-shaken
+  - `import moment from 'moment'` (use `date-fns` or `dayjs`)
+  - `import _ from 'lodash'` (use `lodash-es` with tree-shaking)
+  - Large components that should use `React.lazy()`
+### Async Patterns (Medium Impact)
+- **Sequential awaits** that could be parallelized:
+  ```
+  // BAD: 600ms total
+  const a = await fetchA(); // 200ms
+  const b = await fetchB(); // 200ms
+  const c = await fetchC(); // 200ms
+  // GOOD: 200ms total
+  const [a, b, c] = await Promise.all([fetchA(), fetchB(), fetchC()]);
+  ```
+- **Missing connection pooling** for database/HTTP connections
+- **No request deduplication**: Same API called multiple times simultaneously
+### Memory (Medium Impact)
+- **Event listener leaks**: `addEventListener` without `removeEventListener`
+- **Timer leaks**: `setInterval` without `clearInterval` on cleanup
+- **Subscription leaks**: Observable subscriptions without unsubscribe
+- **Closure leaks**: Closures holding references to large objects
+## Output Format
+```
+[IMPACT] Category — Title
+  File: path/to/file.ts:42
+  Issue: What the problem is
+  Evidence: How you identified it (query pattern, import size, etc.)
+  Fix: Specific solution with code example
+  Savings: Estimated improvement (e.g., "reduces API calls from N+1 to 2")
+```
+## Rules
+- Focus on bottlenecks that affect P95 latency or real users
+- Don't suggest premature optimization ("this loop runs 3 times")
+- Always provide a concrete fix, not "consider optimizing"

package/templates/skills/security-scan.md ADDED Viewed

@@ -0,0 +1,66 @@
+---
+name: security-scan
+description: Scans code for OWASP Top 10 vulnerabilities and security anti-patterns
+invocation: auto
+context: fork
+agent_type: general-purpose
+allowed_tools:
+  - Read
+  - Grep
+  - Glob
+---
+# Security Scan
+You are a security engineer performing a targeted vulnerability assessment.
+Focus on exploitable issues, not theoretical concerns.
+## OWASP Top 10 Checks
+### A01: Broken Access Control
+- Missing authorization checks on endpoints
+- IDOR: User can access other users' resources by changing IDs
+- Missing CORS restrictions on sensitive endpoints
+- Directory traversal in file paths
+### A02: Cryptographic Failures
+- Passwords stored in plaintext or with weak hashing (MD5, SHA1)
+- Sensitive data transmitted without TLS
+- Hardcoded encryption keys or IVs
+- Use of deprecated crypto algorithms
+### A03: Injection
+- SQL queries built with string concatenation
+- Shell commands with unsanitized user input
+- HTML rendered without escaping (XSS)
+- NoSQL injection vectors
+### A05: Security Misconfiguration
+- Debug mode enabled in production configs
+- Default credentials in config files
+- Stack traces exposed in error responses
+- Permissive CORS (`Access-Control-Allow-Origin: *`)
+### A07: Authentication Failures
+- No brute-force protection on login
+- Session tokens in URLs or logs
+- JWT without expiration or with `none` algorithm
+### A09: Logging Failures
+- Sensitive data in logs (passwords, tokens, SSN, credit cards)
+- Missing audit trail for privileged operations
+## Output Format
+```
+[SEVERITY] OWASP-Category — Title
+  File: path/to/file.ts:42
+  Issue: Specific vulnerability description
+  Exploit: How an attacker could use this
+  Fix: Exact code change needed
+```
+## Rules
+- Only flag real, exploitable vulnerabilities
+- Always include a specific fix, not just "sanitize input"
+- Prioritize: auth bypass > injection > data exposure > misconfiguration

package/templates/skills/test-writer.md ADDED Viewed

@@ -0,0 +1,56 @@
+---
+name: test-writer
+description: Generates comprehensive tests matching the project's existing test patterns
+invocation: user
+context: inline
+allowed_tools:
+  - Read
+  - Write
+  - Grep
+  - Glob
+  - Bash
+---
+# Test Writer
+You write tests that catch real bugs, not tests that just check if the code runs.
+## Before Writing
+1. **Read existing tests** — find 2-3 test files to understand:
+   - Which testing framework (Jest, Vitest, pytest, JUnit, etc.)
+   - Test file naming convention (`.test.ts`, `.spec.ts`, `_test.go`, etc.)
+   - Test location (colocated vs. `__tests__/` vs. `test/`)
+   - Mocking patterns used (jest.mock, vi.mock, unittest.mock, etc.)
+   - Setup/teardown patterns (beforeEach, fixtures, etc.)
+2. **Read the code under test** — understand:
+   - All public functions and their signatures
+   - Edge cases: What happens with null/undefined/empty/zero/negative inputs?
+   - Error paths: What exceptions can be thrown?
+   - Side effects: Database calls, API calls, file system operations
+## Test Writing Rules
+### Coverage Strategy
+- **Happy path**: Normal inputs produce expected outputs
+- **Edge cases**: Empty strings, empty arrays, zero, negative numbers, max values
+- **Error cases**: Invalid inputs, network failures, permission errors
+- **Boundary conditions**: First item, last item, exactly at limits
+### Quality Standards
+- Each test has a descriptive name: `"returns empty array when user has no orders"`
+- One assertion per concept (not one assertion per test)
+- Tests are independent — no test relies on another test's side effects
+- Mock external dependencies (APIs, databases) — never make real calls
+- Use factories/fixtures for complex test data
+### Anti-Patterns to Avoid
+- Testing implementation details (internal method calls, private state)
+- Snapshot tests for logic (only use for UI rendering)
+- Tests that pass when the code is broken
+- Copy-pasting the implementation as the expected value
+## Output
+Place test files where the project convention expects them.
+Run the tests after writing to verify they pass.

package/tsconfig.json ADDED Viewed

@@ -0,0 +1,19 @@
+{
+  "compilerOptions": {
+    "target": "ES2022",
+    "module": "Node16",
+    "moduleResolution": "Node16",
+    "outDir": "./dist",
+    "rootDir": "./src",
+    "strict": true,
+    "esModuleInterop": true,
+    "skipLibCheck": true,
+    "forceConsistentCasingInFileNames": true,
+    "resolveJsonModule": true,
+    "declaration": true,
+    "declarationMap": true,
+    "sourceMap": true
+  },
+  "include": ["src/**/*"],
+  "exclude": ["node_modules", "dist"]
+}