refacil-sdd-ai 4.2.4 → 4.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +239 -214
- package/agents/auditor.md +182 -184
- package/agents/debugger.md +201 -204
- package/agents/implementer.md +150 -149
- package/agents/investigator.md +80 -89
- package/agents/proposer.md +219 -124
- package/agents/tester.md +140 -144
- package/agents/validator.md +153 -145
- package/bin/cli.js +158 -116
- package/lib/bus/askFulfillment.js +17 -17
- package/lib/bus/broker.js +599 -599
- package/lib/bus/ui/app.js +318 -318
- package/lib/commands/sdd.js +433 -0
- package/lib/hooks.js +236 -236
- package/lib/installer.js +55 -1
- package/lib/methodology-migration-pending.js +101 -136
- package/package.json +4 -6
- package/skills/apply/SKILL.md +122 -120
- package/skills/archive/SKILL.md +101 -107
- package/skills/ask/SKILL.md +78 -78
- package/skills/attend/SKILL.md +70 -70
- package/skills/bug/SKILL.md +121 -128
- package/skills/explore/SKILL.md +61 -63
- package/skills/guide/SKILL.md +79 -79
- package/skills/inbox/SKILL.md +43 -43
- package/skills/join/SKILL.md +82 -82
- package/skills/prereqs/BUS-CROSS-REPO.md +55 -55
- package/skills/prereqs/METHODOLOGY-CONTRACT.md +122 -115
- package/skills/prereqs/SKILL.md +30 -37
- package/skills/propose/SKILL.md +91 -102
- package/skills/reply/SKILL.md +44 -44
- package/skills/review/SKILL.md +135 -126
- package/skills/review/checklist-back.md +92 -92
- package/skills/review/checklist-front.md +72 -72
- package/skills/review/checklist.md +114 -114
- package/skills/say/SKILL.md +38 -38
- package/skills/setup/SKILL.md +85 -141
- package/skills/setup/troubleshooting.md +38 -35
- package/skills/test/SKILL.md +86 -94
- package/skills/test/testing-patterns.md +63 -63
- package/skills/up-code/SKILL.md +108 -108
- package/skills/update/SKILL.md +109 -132
- package/skills/verify/SKILL.md +128 -132
- package/templates/compact-guidance.md +45 -45
- package/templates/methodology-guide.md +46 -42
- package/config/openspec-config.yaml +0 -8
- package/skills/prereqs/OPENSPEC-DELTAS.md +0 -51
|
@@ -1,72 +1,72 @@
|
|
|
1
|
-
# Checklist
|
|
2
|
-
|
|
3
|
-
>
|
|
4
|
-
>
|
|
5
|
-
|
|
6
|
-
## F1.
|
|
7
|
-
-
|
|
8
|
-
-
|
|
9
|
-
-
|
|
10
|
-
- No
|
|
11
|
-
|
|
12
|
-
## F2.
|
|
13
|
-
-
|
|
14
|
-
- No
|
|
15
|
-
-
|
|
16
|
-
-
|
|
17
|
-
|
|
18
|
-
## F3.
|
|
19
|
-
-
|
|
20
|
-
-
|
|
21
|
-
-
|
|
22
|
-
-
|
|
23
|
-
|
|
24
|
-
## F4.
|
|
25
|
-
-
|
|
26
|
-
-
|
|
27
|
-
-
|
|
28
|
-
-
|
|
29
|
-
|
|
30
|
-
## F5.
|
|
31
|
-
-
|
|
32
|
-
-
|
|
33
|
-
-
|
|
34
|
-
|
|
35
|
-
## F6.
|
|
36
|
-
-
|
|
37
|
-
-
|
|
38
|
-
- Deep linking
|
|
39
|
-
-
|
|
40
|
-
|
|
41
|
-
## F7.
|
|
42
|
-
-
|
|
43
|
-
-
|
|
44
|
-
- No
|
|
45
|
-
-
|
|
46
|
-
- No
|
|
47
|
-
-
|
|
48
|
-
|
|
49
|
-
## F8.
|
|
50
|
-
- No
|
|
51
|
-
- Code splitting /
|
|
52
|
-
-
|
|
53
|
-
-
|
|
54
|
-
- No
|
|
55
|
-
-
|
|
56
|
-
-
|
|
57
|
-
|
|
58
|
-
## F9.
|
|
59
|
-
-
|
|
60
|
-
-
|
|
61
|
-
-
|
|
62
|
-
-
|
|
63
|
-
|
|
64
|
-
## F10.
|
|
65
|
-
- No
|
|
66
|
-
-
|
|
67
|
-
-
|
|
68
|
-
|
|
69
|
-
## F11.
|
|
70
|
-
-
|
|
71
|
-
- Tests
|
|
72
|
-
-
|
|
1
|
+
# Frontend Checklist — Refacil Team
|
|
2
|
+
|
|
3
|
+
> Complements the [general checklist](checklist.md). Applies to **frontend** repositories (web, mobile, desktop applications with UI).
|
|
4
|
+
> Detection: if the project has UI component structure, client-side state management, routes/views, or consumes APIs to render interfaces, apply this checklist.
|
|
5
|
+
|
|
6
|
+
## F1. Components and structure
|
|
7
|
+
- Components have a single responsibility (do not mix business logic with presentation)
|
|
8
|
+
- Complex logic is separated into helper functions, services, or the framework's reuse pattern
|
|
9
|
+
- Reusable components are in the project's shared folder (consult AGENTS.md)
|
|
10
|
+
- No excessively large components (> 200 lines as a guideline — consider extracting)
|
|
11
|
+
|
|
12
|
+
## F2. State and data
|
|
13
|
+
- State is managed at the closest level to where it is needed (avoid passing data unnecessarily through multiple levels)
|
|
14
|
+
- No duplicated or derivable state that can be calculated
|
|
15
|
+
- API calls use the pattern established in the project (consult AGENTS.md)
|
|
16
|
+
- All 4 states of each data-consuming view are handled: loading, error, empty, and with data
|
|
17
|
+
|
|
18
|
+
## F3. Error handling in UI
|
|
19
|
+
- Error handling exists at the component or section level (so the entire app does not crash due to a widget error)
|
|
20
|
+
- Error screens show clear visual feedback to the user (never blank or broken screens)
|
|
21
|
+
- Unexpected errors are captured and logged (if the project has a monitoring service)
|
|
22
|
+
- No errors or warnings in the browser console during normal flows
|
|
23
|
+
|
|
24
|
+
## F4. API integration
|
|
25
|
+
- Network states are handled: retries, timeout, disconnection
|
|
26
|
+
- Requests are cancelled when unmounting the component or navigating away (avoid state updates in already-destroyed components)
|
|
27
|
+
- Long lists use pagination or infinite scroll with incremental loading
|
|
28
|
+
- Duplicate or unnecessary calls to the same endpoint are avoided
|
|
29
|
+
|
|
30
|
+
## F5. Form validation
|
|
31
|
+
- Forms validate user input before submitting
|
|
32
|
+
- Error messages are clear and in the user's language
|
|
33
|
+
- Double submission is prevented (disable button, loading state)
|
|
34
|
+
|
|
35
|
+
## F6. Routing and navigation
|
|
36
|
+
- Protected routes validate authentication/authorization before rendering
|
|
37
|
+
- Handling of not-found routes exists (404 screen or redirect)
|
|
38
|
+
- Deep linking works correctly (accessing an internal URL directly)
|
|
39
|
+
- Post-login/logout redirects are correct
|
|
40
|
+
|
|
41
|
+
## F7. Visual consistency
|
|
42
|
+
- The project's design system components and tokens are used (consult AGENTS.md)
|
|
43
|
+
- The defined spacing and typography scale is respected
|
|
44
|
+
- No unnecessary inline styles if the project has a defined style system
|
|
45
|
+
- Icons and images are optimized (appropriate formats, correct sizes)
|
|
46
|
+
- No hardcoded text if the project uses internationalization (i18n)
|
|
47
|
+
- The UI is responsive if applicable to the project
|
|
48
|
+
|
|
49
|
+
## F8. Frontend performance
|
|
50
|
+
- No unnecessary re-renders (use the framework's memoization/optimization techniques)
|
|
51
|
+
- Code splitting / lazy loading of heavy routes or modules
|
|
52
|
+
- Images use lazy loading
|
|
53
|
+
- Optimized fonts (preload, fallback defined)
|
|
54
|
+
- No heavy dependencies loaded unnecessarily (evaluate bundle size)
|
|
55
|
+
- No duplicate dependencies in the bundle
|
|
56
|
+
- Long lists use virtualization if applicable
|
|
57
|
+
|
|
58
|
+
## F9. Accessibility (a11y)
|
|
59
|
+
- Interactive elements have accessible labels (labels, alternative texts, ARIA roles)
|
|
60
|
+
- Keyboard navigation works correctly
|
|
61
|
+
- Color contrast is adequate
|
|
62
|
+
- Touch targets have an adequate minimum size (44x44px as a guideline)
|
|
63
|
+
|
|
64
|
+
## F10. Frontend security
|
|
65
|
+
- No sensitive data exposed on the client (tokens, secrets, API keys in source code)
|
|
66
|
+
- Inputs are sanitized to prevent XSS
|
|
67
|
+
- Tokens or sensitive data are not stored in client storage without adequate protection
|
|
68
|
+
|
|
69
|
+
## F11. Frontend testing
|
|
70
|
+
- User interaction tests (clicks, forms, navigation)
|
|
71
|
+
- Tests for all 4 visual states (loading, error, empty, with data)
|
|
72
|
+
- Tests verify user behavior, not implementation details
|
|
@@ -1,114 +1,114 @@
|
|
|
1
|
-
# Checklist
|
|
2
|
-
|
|
3
|
-
>
|
|
4
|
-
>
|
|
5
|
-
>
|
|
6
|
-
> **
|
|
7
|
-
> - Backend: [checklist-back.md](checklist-back.md)
|
|
8
|
-
> - Frontend: [checklist-front.md](checklist-front.md)
|
|
9
|
-
|
|
10
|
-
##
|
|
11
|
-
1. Define
|
|
12
|
-
2.
|
|
13
|
-
3.
|
|
14
|
-
4.
|
|
15
|
-
5.
|
|
16
|
-
6.
|
|
17
|
-
|
|
18
|
-
## 1.
|
|
19
|
-
-
|
|
20
|
-
- No
|
|
21
|
-
-
|
|
22
|
-
-
|
|
23
|
-
|
|
24
|
-
## 2.
|
|
25
|
-
-
|
|
26
|
-
-
|
|
27
|
-
-
|
|
28
|
-
-
|
|
29
|
-
|
|
30
|
-
## 3.
|
|
31
|
-
|
|
32
|
-
###
|
|
33
|
-
- No
|
|
34
|
-
-
|
|
35
|
-
|
|
36
|
-
###
|
|
37
|
-
-
|
|
38
|
-
- No
|
|
39
|
-
|
|
40
|
-
### Naming (
|
|
41
|
-
- **Variables**: camelCase — **
|
|
42
|
-
-
|
|
43
|
-
|
|
44
|
-
###
|
|
45
|
-
-
|
|
46
|
-
- No
|
|
47
|
-
-
|
|
48
|
-
- No
|
|
49
|
-
-
|
|
50
|
-
-
|
|
51
|
-
- No
|
|
52
|
-
|
|
53
|
-
## 4.
|
|
54
|
-
- **SRP**:
|
|
55
|
-
- **KISS**:
|
|
56
|
-
-
|
|
57
|
-
- No
|
|
58
|
-
-
|
|
59
|
-
- No
|
|
60
|
-
|
|
61
|
-
>
|
|
62
|
-
|
|
63
|
-
## 5.
|
|
64
|
-
-
|
|
65
|
-
-
|
|
66
|
-
-
|
|
67
|
-
-
|
|
68
|
-
- No
|
|
69
|
-
|
|
70
|
-
## 6. Testing
|
|
71
|
-
-
|
|
72
|
-
-
|
|
73
|
-
-
|
|
74
|
-
-
|
|
75
|
-
-
|
|
76
|
-
-
|
|
77
|
-
- Coverage >= 80%
|
|
78
|
-
-
|
|
79
|
-
|
|
80
|
-
## 7.
|
|
81
|
-
- No
|
|
82
|
-
-
|
|
83
|
-
-
|
|
84
|
-
-
|
|
85
|
-
- No
|
|
86
|
-
|
|
87
|
-
## 8.
|
|
88
|
-
-
|
|
89
|
-
-
|
|
90
|
-
-
|
|
91
|
-
-
|
|
92
|
-
-
|
|
93
|
-
|
|
94
|
-
## 9.
|
|
95
|
-
-
|
|
96
|
-
-
|
|
97
|
-
-
|
|
98
|
-
-
|
|
99
|
-
|
|
100
|
-
## 10. Git
|
|
101
|
-
-
|
|
102
|
-
- No
|
|
103
|
-
- No
|
|
104
|
-
-
|
|
105
|
-
|
|
106
|
-
## 11.
|
|
107
|
-
-
|
|
108
|
-
-
|
|
109
|
-
-
|
|
110
|
-
|
|
111
|
-
##
|
|
112
|
-
- **APROBADO**: No
|
|
113
|
-
- **APROBADO CON OBSERVACIONES**:
|
|
114
|
-
- **REQUIERE CORRECCIONES**:
|
|
1
|
+
# General Checklist — Refacil Team
|
|
2
|
+
|
|
3
|
+
> Applies to **all** repositories (backend, frontend, fullstack), regardless of language or framework.
|
|
4
|
+
> Before evaluating, read the project's `AGENTS.md` to adapt each section to the actual stack.
|
|
5
|
+
> If `AGENTS.md` does not exist, apply this checklist as a baseline and mark N/A for rules that depend on undocumented conventions.
|
|
6
|
+
> **In addition to this checklist**, load the project-type specific checklist:
|
|
7
|
+
> - Backend: [checklist-back.md](checklist-back.md)
|
|
8
|
+
> - Frontend: [checklist-front.md](checklist-front.md)
|
|
9
|
+
|
|
10
|
+
## How to use this checklist (methodology)
|
|
11
|
+
1. Define review scope: `$ARGUMENTS` > `refacil-sdd/changes/` > `git diff`.
|
|
12
|
+
2. Evaluate blockers first: Scope, Spec, Testing, and Security.
|
|
13
|
+
3. Then evaluate Quality, Architecture, Errors, Dependencies, and Maintainability.
|
|
14
|
+
4. Mark each item as PASS, FAIL, or N/A with a brief justification.
|
|
15
|
+
5. For each FAIL, add severity: CRITICAL, HIGH, MEDIUM, or LOW.
|
|
16
|
+
6. If there are many FAILs, prioritize the 5 with the highest impact.
|
|
17
|
+
|
|
18
|
+
## 1. Scope and focus
|
|
19
|
+
- The change does **one single thing** (does not mix features with refactors, or fixes with unsolicited improvements)
|
|
20
|
+
- No functionality was implemented outside the scope of the spec or the reported bug
|
|
21
|
+
- If there are unrelated changes, they must be in a separate commit or PR
|
|
22
|
+
- The change size is reasonable to review (if too large, suggest dividing)
|
|
23
|
+
|
|
24
|
+
## 2. Spec compliance
|
|
25
|
+
- All acceptance criteria from the spec are covered
|
|
26
|
+
- Rejection criteria (edge cases) are handled
|
|
27
|
+
- The data model matches what was specified
|
|
28
|
+
- There are no differences between what the spec says and what the code does
|
|
29
|
+
|
|
30
|
+
## 3. Code quality
|
|
31
|
+
|
|
32
|
+
### Typing (Refacil standard)
|
|
33
|
+
- No use of unconstrained generic types (e.g. `any`, `object`, `dynamic`) — use interfaces, concrete types, or typed generics
|
|
34
|
+
- Interfaces/DTOs are defined for data transport between layers
|
|
35
|
+
|
|
36
|
+
### Object validation (Refacil standard)
|
|
37
|
+
- Both the object AND the property are validated before accessing (null-safe access or guard clause)
|
|
38
|
+
- No direct property access on objects that may be null or undefined
|
|
39
|
+
|
|
40
|
+
### Naming (Refacil standard)
|
|
41
|
+
- **Variables**: camelCase — **Classes**: PascalCase — **Files**: kebab-case with component type
|
|
42
|
+
- Self-documenting names: the name explains the component's purpose without needing comments
|
|
43
|
+
|
|
44
|
+
### Cleanliness
|
|
45
|
+
- The code follows existing repo patterns (check AGENTS.md)
|
|
46
|
+
- No duplicated code that could be extracted
|
|
47
|
+
- Immutable variables are preferred (avoid unnecessary mutations)
|
|
48
|
+
- No loose debug prints/logs, TODOs without an associated ticket, or commented-out code without reason
|
|
49
|
+
- Enums and constants are used for fixed values — configurable values go in configuration files, not hardcoded
|
|
50
|
+
- Imports use project aliases (if applicable)
|
|
51
|
+
- No new circular dependencies
|
|
52
|
+
|
|
53
|
+
## 4. Architecture
|
|
54
|
+
- **SRP**: each class/function has a single responsibility
|
|
55
|
+
- **KISS**: the solution is as simple as possible — no over-engineering or premature abstractions
|
|
56
|
+
- Logic is separated into single-purpose, reusable units
|
|
57
|
+
- No more than 4 parameters are passed to a method — if more are needed, encapsulate in an object/DTO
|
|
58
|
+
- The boundaries and layers defined in AGENTS.md are respected
|
|
59
|
+
- No unnecessary coupling is introduced between modules or services
|
|
60
|
+
|
|
61
|
+
> Architecture varies by project. Consult AGENTS.md to know which applies.
|
|
62
|
+
|
|
63
|
+
## 5. Error handling
|
|
64
|
+
- Errors are handled consistently with the rest of the project
|
|
65
|
+
- Error messages are useful for diagnosis (what failed, in what context)
|
|
66
|
+
- Internal details are not exposed to the user/consumer (stack traces, internal paths, DB IDs)
|
|
67
|
+
- Expected errors (validation, business) are distinguished from unexpected ones (system, infrastructure)
|
|
68
|
+
- No silenced errors (empty catch without log or handling)
|
|
69
|
+
|
|
70
|
+
## 6. Testing
|
|
71
|
+
- Each new/modified file has a corresponding test file
|
|
72
|
+
- Tests cover the acceptance criteria from the spec
|
|
73
|
+
- There are tests for edge cases and error scenarios
|
|
74
|
+
- Tests validate **behavior**, not implementation details (they do not break when refactoring)
|
|
75
|
+
- Mocks are minimal and necessary — do not mock what can be tested directly
|
|
76
|
+
- Tests are independent of each other (do not depend on execution order or shared state)
|
|
77
|
+
- Coverage >= 80% on new files
|
|
78
|
+
- Tests pass without errors (run the test command indicated in AGENTS.md)
|
|
79
|
+
|
|
80
|
+
## 7. Security
|
|
81
|
+
- No hardcoded secrets (passwords, API keys, tokens, internal service URLs)
|
|
82
|
+
- User inputs are validated before processing
|
|
83
|
+
- Sensitive endpoints or routes have appropriate authorization
|
|
84
|
+
- Sensitive information is not exposed in logs, error responses, or client source code
|
|
85
|
+
- No dependencies with known critical vulnerabilities (check if the project has audit configured)
|
|
86
|
+
|
|
87
|
+
## 8. Dependencies
|
|
88
|
+
- New dependencies are justified (no library added for something that can be done in a few lines)
|
|
89
|
+
- The license is compatible with the project
|
|
90
|
+
- The dependency is actively maintained (not abandoned)
|
|
91
|
+
- Does not duplicate functionality that already exists in the project or another installed dependency
|
|
92
|
+
- The version is pinned or uses a safe range (not `*` or `latest`)
|
|
93
|
+
|
|
94
|
+
## 9. Maintainability and observability
|
|
95
|
+
- The code is self-explanatory (comments only where logic is not obvious)
|
|
96
|
+
- Files are not excessively long (< 400 lines as a guideline)
|
|
97
|
+
- If something fails in production, there is enough information to diagnose (logs, traces, context in errors)
|
|
98
|
+
- Configuration changes are documented (new environment variables, flags, parameters)
|
|
99
|
+
|
|
100
|
+
## 10. Git and Deploy
|
|
101
|
+
- Commits are atomic and have descriptive messages
|
|
102
|
+
- No generated, temporary, or sensitive files in the commit (check .gitignore)
|
|
103
|
+
- No undocumented breaking changes
|
|
104
|
+
- If there are migrations, they are reversible and do not break existing data
|
|
105
|
+
|
|
106
|
+
## 11. Project-specific rules
|
|
107
|
+
- Consult the "Critical rules" section of AGENTS.md
|
|
108
|
+
- Evaluate against the "Always do", "Never do", and "Ask first" rules
|
|
109
|
+
- If AGENTS.md defines additional rules, verify their compliance
|
|
110
|
+
|
|
111
|
+
## Review exit criteria
|
|
112
|
+
- **APROBADO**: No CRITICAL/HIGH FAILs.
|
|
113
|
+
- **APROBADO CON OBSERVACIONES**: Only MEDIUM/LOW FAILs.
|
|
114
|
+
- **REQUIERE CORRECCIONES**: At least one CRITICAL/HIGH FAIL exists.
|
package/skills/say/SKILL.md
CHANGED
|
@@ -1,38 +1,38 @@
|
|
|
1
|
-
---
|
|
2
|
-
name: refacil:say
|
|
3
|
-
description:
|
|
4
|
-
user-invocable: true
|
|
5
|
-
---
|
|
6
|
-
|
|
7
|
-
# refacil:say — Broadcast
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
##
|
|
12
|
-
|
|
13
|
-
###
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
```bash
|
|
18
|
-
refacil-sdd-ai bus say --text "<
|
|
19
|
-
```
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
###
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
##
|
|
28
|
-
|
|
29
|
-
- **`say`**:
|
|
30
|
-
- **`ask`**:
|
|
31
|
-
- **`reply`**:
|
|
32
|
-
|
|
33
|
-
##
|
|
34
|
-
|
|
35
|
-
-
|
|
36
|
-
-
|
|
37
|
-
-
|
|
38
|
-
-
|
|
1
|
+
---
|
|
2
|
+
name: refacil:say
|
|
3
|
+
description: Send a message to the entire bus room (broadcast). For general announcements, not directed questions.
|
|
4
|
+
user-invocable: true
|
|
5
|
+
---
|
|
6
|
+
|
|
7
|
+
# refacil:say — Broadcast to the room
|
|
8
|
+
|
|
9
|
+
Sends a message visible to all members of the room this session is in. **$ARGUMENTS** = message text.
|
|
10
|
+
|
|
11
|
+
## Instructions
|
|
12
|
+
|
|
13
|
+
### Step 1: Execute the broadcast
|
|
14
|
+
|
|
15
|
+
Run via `Bash`:
|
|
16
|
+
|
|
17
|
+
```bash
|
|
18
|
+
refacil-sdd-ai bus say --text "<text>"
|
|
19
|
+
```
|
|
20
|
+
|
|
21
|
+
Where `<text>` is $ARGUMENTS (or what the user asked you to announce). Correctly quote the text.
|
|
22
|
+
|
|
23
|
+
### Step 2: Confirm
|
|
24
|
+
|
|
25
|
+
Report to the user that the message was sent with its id.
|
|
26
|
+
|
|
27
|
+
## When to use `say` vs other bus commands
|
|
28
|
+
|
|
29
|
+
- **`say`**: general announcement to the room — "I finished my part", "I changed the X contract", "I'm going to restart the service"
|
|
30
|
+
- **`ask`**: directed question to another specific session (use `/refacil:ask`)
|
|
31
|
+
- **`reply`**: respond to a question you were asked (use `/refacil:reply`)
|
|
32
|
+
|
|
33
|
+
## Rules
|
|
34
|
+
|
|
35
|
+
- The session must be joined to a room; if not, the CLI will return an error.
|
|
36
|
+
- Short and useful message — avoid bus spam.
|
|
37
|
+
- If the user asks "tell the team ...", use `say`. If they ask "ask X ...", use `ask`.
|
|
38
|
+
- If a room thread **agrees on changes in this repo**, follow `refacil-prereqs/BUS-CROSS-REPO.md`: **`/refacil:propose`** and close via bus with whoever requested the work when done.
|