renma 0.15.2 → 0.17.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +54 -1
- package/README.md +216 -655
- package/architecture.md +523 -0
- package/design.md +458 -0
- package/dist/agent-skills.d.ts +77 -0
- package/dist/agent-skills.d.ts.map +1 -0
- package/dist/agent-skills.js +468 -0
- package/dist/agent-skills.js.map +1 -0
- package/dist/catalog.d.ts.map +1 -1
- package/dist/catalog.js +38 -5
- package/dist/catalog.js.map +1 -1
- package/dist/cli-help.d.ts +13 -11
- package/dist/cli-help.d.ts.map +1 -1
- package/dist/cli-help.js +36 -11
- package/dist/cli-help.js.map +1 -1
- package/dist/cli.d.ts.map +1 -1
- package/dist/cli.js +139 -40
- package/dist/cli.js.map +1 -1
- package/dist/commands/catalog.d.ts.map +1 -1
- package/dist/commands/catalog.js +4 -3
- package/dist/commands/catalog.js.map +1 -1
- package/dist/commands/graph.d.ts.map +1 -1
- package/dist/commands/graph.js +7 -12
- package/dist/commands/graph.js.map +1 -1
- package/dist/commands/readiness.d.ts.map +1 -1
- package/dist/commands/readiness.js +7 -6
- package/dist/commands/readiness.js.map +1 -1
- package/dist/commands/scaffold.d.ts.map +1 -1
- package/dist/commands/scaffold.js +59 -16
- package/dist/commands/scaffold.js.map +1 -1
- package/dist/commands/suggest-metadata.d.ts +3 -1
- package/dist/commands/suggest-metadata.d.ts.map +1 -1
- package/dist/commands/suggest-metadata.js +226 -7
- package/dist/commands/suggest-metadata.js.map +1 -1
- package/dist/commands/suggest-semantic-split.js +3 -3
- package/dist/commands/suggest-semantic-split.js.map +1 -1
- package/dist/dependency-resolution.d.ts +6 -0
- package/dist/dependency-resolution.d.ts.map +1 -0
- package/dist/dependency-resolution.js +11 -0
- package/dist/dependency-resolution.js.map +1 -0
- package/dist/diagnostic-ids.d.ts +29 -0
- package/dist/diagnostic-ids.d.ts.map +1 -1
- package/dist/diagnostic-ids.js +28 -0
- package/dist/diagnostic-ids.js.map +1 -1
- package/dist/discovery.d.ts +50 -0
- package/dist/discovery.d.ts.map +1 -1
- package/dist/discovery.js +183 -25
- package/dist/discovery.js.map +1 -1
- package/dist/metadata.d.ts +3 -1
- package/dist/metadata.d.ts.map +1 -1
- package/dist/metadata.js +166 -29
- package/dist/metadata.js.map +1 -1
- package/dist/model.d.ts +1 -0
- package/dist/model.d.ts.map +1 -1
- package/dist/report.d.ts.map +1 -1
- package/dist/report.js +16 -1
- package/dist/report.js.map +1 -1
- package/dist/repository-paths.d.ts +13 -0
- package/dist/repository-paths.d.ts.map +1 -1
- package/dist/repository-paths.js +60 -2
- package/dist/repository-paths.js.map +1 -1
- package/dist/rules.d.ts.map +1 -1
- package/dist/rules.js +97 -107
- package/dist/rules.js.map +1 -1
- package/dist/scanner.d.ts.map +1 -1
- package/dist/scanner.js +3 -1
- package/dist/scanner.js.map +1 -1
- package/dist/security-diagnostics.d.ts.map +1 -1
- package/dist/security-diagnostics.js +98 -35
- package/dist/security-diagnostics.js.map +1 -1
- package/dist/security-policy-inventory.js +11 -4
- package/dist/security-policy-inventory.js.map +1 -1
- package/dist/security-policy.d.ts +27 -1
- package/dist/security-policy.d.ts.map +1 -1
- package/dist/security-policy.js +247 -34
- package/dist/security-policy.js.map +1 -1
- package/dist/skill-migration.d.ts +30 -0
- package/dist/skill-migration.d.ts.map +1 -0
- package/dist/skill-migration.js +566 -0
- package/dist/skill-migration.js.map +1 -0
- package/dist/trust-graph.d.ts.map +1 -1
- package/dist/trust-graph.js +7 -11
- package/dist/trust-graph.js.map +1 -1
- package/dist/types.d.ts +3 -1
- package/dist/types.d.ts.map +1 -1
- package/dist/yaml-frontmatter.d.ts +26 -0
- package/dist/yaml-frontmatter.d.ts.map +1 -0
- package/dist/yaml-frontmatter.js +114 -0
- package/dist/yaml-frontmatter.js.map +1 -0
- package/docs/README.md +55 -0
- package/docs/advanced-skill-authoring.md +140 -0
- package/docs/agent-skills-compatibility.md +500 -0
- package/docs/authoring-guide.md +324 -0
- package/docs/context-conflict-diagnostics.md +32 -0
- package/docs/context-language-diagnostics.md +99 -0
- package/docs/context-lens.md +253 -0
- package/docs/context-lifecycle-diagnostics.md +55 -0
- package/docs/diagnostics.md +373 -0
- package/docs/metadata-budget.md +14 -0
- package/docs/repository-context-bom.md +113 -0
- package/docs/security-policy.md +338 -0
- package/docs/user-manual.md +813 -0
- package/examples/context-lens/README.md +101 -0
- package/examples/context-lens/contexts/testing/boundary-value-analysis.md +23 -0
- package/examples/context-lens/lenses/testing/spec-review-boundary-values.md +29 -0
- package/examples/context-lens/lenses/testing/test-design-boundary-values.md +29 -0
- package/examples/context-lens/skills/testing/spec-review/SKILL.md +49 -0
- package/examples/context-repo/README.md +149 -0
- package/examples/context-repo/contexts/domain/payment/idempotency.md +20 -0
- package/examples/context-repo/contexts/testing/boundary-value-analysis.md +19 -0
- package/examples/context-repo/contexts/testing/negative-testing.md +19 -0
- package/examples/context-repo/lenses/testing/spec-review-boundary-values.md +35 -0
- package/examples/context-repo/renma.config.json +12 -0
- package/examples/context-repo/skills/testing/spec-review/SKILL.md +66 -0
- package/examples/context-repo/tools/appium/README.md +14 -0
- package/examples/github-actions/renma-ci-report.yml +36 -0
- package/examples/interactive-placeholder/README.md +104 -0
- package/examples/interactive-placeholder/assets/template.txt +1 -0
- package/examples/interactive-placeholder/renma.config.json +6 -0
- package/examples/interactive-placeholder/skills/replace-placeholder/SKILL.md +54 -0
- package/examples/interactive-placeholder/tools/README.md +48 -0
- package/examples/interactive-placeholder/tools/placeholder-demo.mjs +99 -0
- package/package.json +11 -1
- package/plan-discovery.md +740 -0
- package/plan.md +150 -0
- package/scripts/verify-package.mjs +97 -0
|
@@ -0,0 +1,101 @@
|
|
|
1
|
+
# Context Lens Example
|
|
2
|
+
|
|
3
|
+
This current example demonstrates how Context Lenses give different workflows
|
|
4
|
+
purpose-specific interpretations of the same governed Context Asset.
|
|
5
|
+
|
|
6
|
+
It includes:
|
|
7
|
+
|
|
8
|
+
- one reusable Context Asset:
|
|
9
|
+
[`contexts/testing/boundary-value-analysis.md`](contexts/testing/boundary-value-analysis.md);
|
|
10
|
+
- two valid Lenses over that Context:
|
|
11
|
+
[`spec-review-boundary-values.md`](lenses/testing/spec-review-boundary-values.md)
|
|
12
|
+
and
|
|
13
|
+
[`test-design-boundary-values.md`](lenses/testing/test-design-boundary-values.md);
|
|
14
|
+
- one canonical nested Agent Skills-compatible
|
|
15
|
+
[`SKILL.md`](skills/testing/spec-review/SKILL.md) with static required and
|
|
16
|
+
optional Lens relationships.
|
|
17
|
+
|
|
18
|
+
The Skill is a thin routing and workflow layer. The Context Asset owns reusable
|
|
19
|
+
boundary-value knowledge. Each Lens explains how to apply that knowledge for a
|
|
20
|
+
particular purpose without copying it into the Skill.
|
|
21
|
+
|
|
22
|
+
```text
|
|
23
|
+
Skill -> Context Lens -> Context Asset
|
|
24
|
+
```
|
|
25
|
+
|
|
26
|
+
These are static repository relationships. Renma validates their definitions,
|
|
27
|
+
metadata, resolution, and repository health. The consuming agent reads and
|
|
28
|
+
applies the declared Context and Lens; Renma does not choose a runtime Lens,
|
|
29
|
+
assemble prompts, inject Context, execute the workflow, or judge Lens quality
|
|
30
|
+
with an LLM. A human reviews the result.
|
|
31
|
+
|
|
32
|
+
```text
|
|
33
|
+
LLM proposes. Renma verifies. Human approves.
|
|
34
|
+
```
|
|
35
|
+
|
|
36
|
+
## Inspect The Example
|
|
37
|
+
|
|
38
|
+
From the Renma repository root after building the CLI:
|
|
39
|
+
|
|
40
|
+
```bash
|
|
41
|
+
node dist/index.js scan examples/context-lens --fail-on high
|
|
42
|
+
node dist/index.js catalog examples/context-lens --format markdown
|
|
43
|
+
node dist/index.js readiness examples/context-lens --format markdown
|
|
44
|
+
node dist/index.js inspect examples/context-lens/lenses/testing/spec-review-boundary-values.md --format text
|
|
45
|
+
node dist/index.js graph examples/context-lens --view layered --format mermaid
|
|
46
|
+
```
|
|
47
|
+
|
|
48
|
+
The expected result is one valid nested Skill, two valid Context Lenses, one
|
|
49
|
+
governed Context Asset, resolved Skill-to-Lens-to-Context relationships, zero
|
|
50
|
+
scan findings, and readiness level `ready` with score 100. Readiness includes a
|
|
51
|
+
`Context Lens` summary; JSON output exposes the same evidence under
|
|
52
|
+
`summary.contextLens`.
|
|
53
|
+
|
|
54
|
+
## Minimal Valid Lens
|
|
55
|
+
|
|
56
|
+
```yaml
|
|
57
|
+
---
|
|
58
|
+
id: lens.testing.spec-review.boundary-values
|
|
59
|
+
type: context_lens
|
|
60
|
+
owner: qa-platform
|
|
61
|
+
status: experimental
|
|
62
|
+
version: 1
|
|
63
|
+
scope: context
|
|
64
|
+
purpose: spec_review
|
|
65
|
+
applies_to:
|
|
66
|
+
- context.testing.boundary-value-analysis
|
|
67
|
+
---
|
|
68
|
+
# Spec Review Lens for Boundary Values
|
|
69
|
+
|
|
70
|
+
Review the boundary-value Context for ambiguity and missing limits.
|
|
71
|
+
```
|
|
72
|
+
|
|
73
|
+
The supported Lens schema version is `1`; the supported scope is `context`.
|
|
74
|
+
|
|
75
|
+
## Diagnostic Illustration
|
|
76
|
+
|
|
77
|
+
The following illustration is intentionally not stored as a scanned fixture:
|
|
78
|
+
|
|
79
|
+
```yaml
|
|
80
|
+
---
|
|
81
|
+
id: lens.testing.invalid
|
|
82
|
+
owner: qa-platform
|
|
83
|
+
applies_to:
|
|
84
|
+
- ./contexts/testing/missing.md
|
|
85
|
+
---
|
|
86
|
+
# Invalid Lens
|
|
87
|
+
```
|
|
88
|
+
|
|
89
|
+
It would produce:
|
|
90
|
+
|
|
91
|
+
- `CONTEXT-LENS-MISSING-REQUIRED-FIELD` for the missing `purpose`;
|
|
92
|
+
- `CONTEXT-LENS-PATH-NORMALIZATION-MISMATCH` for the `./` path prefix; and
|
|
93
|
+
- `CONTEXT-LENS-TARGET-NOT-FOUND` because the target does not resolve.
|
|
94
|
+
|
|
95
|
+
Use readiness as the blocking CI view for Context Lens governance:
|
|
96
|
+
|
|
97
|
+
```bash
|
|
98
|
+
renma readiness examples/context-lens --json
|
|
99
|
+
```
|
|
100
|
+
|
|
101
|
+
Blocking Context Lens diagnostics make that command exit `1`.
|
|
@@ -0,0 +1,23 @@
|
|
|
1
|
+
---
|
|
2
|
+
id: context.testing.boundary-value-analysis
|
|
3
|
+
owner: qa-platform
|
|
4
|
+
status: stable
|
|
5
|
+
tags:
|
|
6
|
+
- testing
|
|
7
|
+
- qa
|
|
8
|
+
when_to_use:
|
|
9
|
+
- Designing or reviewing behavior around numeric, date, quantity, retry, or limit boundaries
|
|
10
|
+
when_not_to_use:
|
|
11
|
+
- Reviewing copy, styling, or exploratory observations that do not depend on explicit boundaries
|
|
12
|
+
allowed_data:
|
|
13
|
+
- repo-local-files
|
|
14
|
+
network_allowed: false
|
|
15
|
+
external_upload_allowed: false
|
|
16
|
+
secrets_allowed: false
|
|
17
|
+
requires_human_approval: false
|
|
18
|
+
---
|
|
19
|
+
# Boundary Value Analysis
|
|
20
|
+
|
|
21
|
+
Boundary value analysis is reusable testing knowledge. It should stay as a base context asset because it can support spec review, test design, regression planning, onboarding, and other skills.
|
|
22
|
+
|
|
23
|
+
Keep task-specific interpretation in context lens assets instead of copying this content into each skill.
|
|
@@ -0,0 +1,29 @@
|
|
|
1
|
+
---
|
|
2
|
+
id: lens.testing.spec-review.boundary-values
|
|
3
|
+
type: context_lens
|
|
4
|
+
owner: qa-platform
|
|
5
|
+
status: experimental
|
|
6
|
+
version: 1
|
|
7
|
+
scope: context
|
|
8
|
+
tags:
|
|
9
|
+
- testing
|
|
10
|
+
- spec-review
|
|
11
|
+
purpose: spec_review
|
|
12
|
+
applies_to:
|
|
13
|
+
- context.testing.boundary-value-analysis
|
|
14
|
+
focus: ambiguity, missing boundary, source of truth, confirmation questions
|
|
15
|
+
expected_outputs: unresolved questions, risk notes, spec clarification suggestions
|
|
16
|
+
allowed_data:
|
|
17
|
+
- repo-local-files
|
|
18
|
+
network_allowed: false
|
|
19
|
+
external_upload_allowed: false
|
|
20
|
+
secrets_allowed: false
|
|
21
|
+
requires_human_approval: false
|
|
22
|
+
---
|
|
23
|
+
# Spec Review Lens for Boundary Values
|
|
24
|
+
|
|
25
|
+
Use this lens when reading boundary value analysis context during spec review.
|
|
26
|
+
|
|
27
|
+
Emphasize whether the spec defines exact lower and upper bounds, inclusive or exclusive behavior, empty or zero cases, overflow handling, retry limits, and ownership of the source of truth.
|
|
28
|
+
|
|
29
|
+
The lens should help produce review questions and risk notes. It should not duplicate the base boundary value analysis context or become a prompt template.
|
|
@@ -0,0 +1,29 @@
|
|
|
1
|
+
---
|
|
2
|
+
id: lens.testing.test-design.boundary-values
|
|
3
|
+
type: context_lens
|
|
4
|
+
owner: qa-platform
|
|
5
|
+
status: experimental
|
|
6
|
+
version: 1
|
|
7
|
+
scope: context
|
|
8
|
+
tags:
|
|
9
|
+
- testing
|
|
10
|
+
- test-design
|
|
11
|
+
purpose: test_design
|
|
12
|
+
applies_to:
|
|
13
|
+
- context.testing.boundary-value-analysis
|
|
14
|
+
focus: inclusive limits, empty and zero values, overflow behavior, retry limits
|
|
15
|
+
expected_outputs: test cases, edge-case checklist, coverage notes
|
|
16
|
+
allowed_data:
|
|
17
|
+
- repo-local-files
|
|
18
|
+
network_allowed: false
|
|
19
|
+
external_upload_allowed: false
|
|
20
|
+
secrets_allowed: false
|
|
21
|
+
requires_human_approval: false
|
|
22
|
+
---
|
|
23
|
+
# Test Design Lens for Boundary Values
|
|
24
|
+
|
|
25
|
+
Use this lens when turning boundary value analysis context into concrete test coverage.
|
|
26
|
+
|
|
27
|
+
Emphasize lower and upper bounds, inclusive and exclusive behavior, empty input, zero values, overflow, maximum retries, and expected failure modes.
|
|
28
|
+
|
|
29
|
+
The lens should help produce test cases and coverage notes. It should not select runtime context, assemble a prompt, or duplicate the base boundary value analysis context.
|
|
@@ -0,0 +1,49 @@
|
|
|
1
|
+
---
|
|
2
|
+
name: spec-review
|
|
3
|
+
description: Review a specification through declared Context Assets and Context Lenses. Use when implementation or test-design boundaries need focused analysis; do not use for implementation, final approval, or unrelated editorial review.
|
|
4
|
+
metadata:
|
|
5
|
+
renma.id: skill.testing.spec-review
|
|
6
|
+
renma.owner: qa-platform
|
|
7
|
+
renma.status: experimental
|
|
8
|
+
renma.tags: '["testing","spec-review"]'
|
|
9
|
+
renma.requires-context: '["context.testing.boundary-value-analysis"]'
|
|
10
|
+
renma.requires-lens: '["lens.testing.spec-review.boundary-values"]'
|
|
11
|
+
renma.optional-lens: '["lens.testing.test-design.boundary-values"]'
|
|
12
|
+
renma.allowed-data: '["repo-local-files"]'
|
|
13
|
+
renma.network-allowed: "false"
|
|
14
|
+
renma.external-upload-allowed: "false"
|
|
15
|
+
renma.secrets-allowed: "false"
|
|
16
|
+
renma.requires-human-approval: "false"
|
|
17
|
+
---
|
|
18
|
+
# Spec Review
|
|
19
|
+
|
|
20
|
+
Use this skill to review a specification before implementation or test design.
|
|
21
|
+
|
|
22
|
+
The skill stays thin. It declares the reusable base context and the purpose-oriented lens, while the detailed knowledge remains in context assets and lens assets.
|
|
23
|
+
|
|
24
|
+
## Required Inputs
|
|
25
|
+
|
|
26
|
+
- The specification or product change to review.
|
|
27
|
+
- Any linked source-of-truth documents or implementation references.
|
|
28
|
+
|
|
29
|
+
## Instructions
|
|
30
|
+
|
|
31
|
+
1. Read the declared context assets.
|
|
32
|
+
2. Apply the declared context lens to focus the review.
|
|
33
|
+
3. Produce unresolved questions, risk notes, and clarification suggestions.
|
|
34
|
+
|
|
35
|
+
## When Not To Use
|
|
36
|
+
|
|
37
|
+
Use an implementation workflow for code changes, a decision owner for final
|
|
38
|
+
approval, or an editorial workflow for copy-only review.
|
|
39
|
+
|
|
40
|
+
## Validation
|
|
41
|
+
|
|
42
|
+
- The output distinguishes known facts from open questions.
|
|
43
|
+
- The output cites the source-of-truth gaps it found.
|
|
44
|
+
- The skill does not copy reusable testing guidance into this file.
|
|
45
|
+
|
|
46
|
+
## Completion Criteria
|
|
47
|
+
|
|
48
|
+
Complete when the output separates facts from unresolved questions, cites each
|
|
49
|
+
source-of-truth gap, records the applied Lens, and is ready for human review.
|
|
@@ -0,0 +1,149 @@
|
|
|
1
|
+
---
|
|
2
|
+
id: example.context-repo.overview
|
|
3
|
+
title: Example Context Repository
|
|
4
|
+
version: 0.1.0
|
|
5
|
+
owner: qa-platform
|
|
6
|
+
status: stable
|
|
7
|
+
tags:
|
|
8
|
+
- example
|
|
9
|
+
- testing
|
|
10
|
+
---
|
|
11
|
+
|
|
12
|
+
# Example Context Repository
|
|
13
|
+
|
|
14
|
+
This fixture is a focused workflow-authoring and repository-governance example.
|
|
15
|
+
It is statically navigable for a consuming agent that has this repository
|
|
16
|
+
checkout and can follow the relative Markdown links in the Skill. The agent can
|
|
17
|
+
inspect an incomplete request, ask focused clarification questions, apply
|
|
18
|
+
reusable Context, record evidence and assumptions, and produce findings for
|
|
19
|
+
human review. Renma discovers and validates the repository assets; it does not
|
|
20
|
+
open the links or execute the interaction.
|
|
21
|
+
|
|
22
|
+
## Repository Assets
|
|
23
|
+
|
|
24
|
+
- [`skills/testing/spec-review/SKILL.md`](skills/testing/spec-review/SKILL.md)
|
|
25
|
+
is the Agent Skills-compatible entrypoint and interactive usage guide.
|
|
26
|
+
- [`lenses/testing/spec-review-boundary-values.md`](lenses/testing/spec-review-boundary-values.md)
|
|
27
|
+
interprets reusable boundary knowledge for specification review.
|
|
28
|
+
- [`contexts/testing/boundary-value-analysis.md`](contexts/testing/boundary-value-analysis.md)
|
|
29
|
+
is the independently owned source of truth used through the Lens.
|
|
30
|
+
- [`contexts/testing/negative-testing.md`](contexts/testing/negative-testing.md)
|
|
31
|
+
is used directly by the Skill; a Context Lens is not required for every
|
|
32
|
+
Context Asset.
|
|
33
|
+
- [`contexts/domain/payment/idempotency.md`](contexts/domain/payment/idempotency.md)
|
|
34
|
+
is optional and applies only when a review covers retryable payment writes.
|
|
35
|
+
|
|
36
|
+
The `metadata.renma.*` dependency values are governance relationships. Generic
|
|
37
|
+
Agent Skills clients are not required to resolve them, so the Skill and Lens
|
|
38
|
+
bodies provide a repository-relative path to every required asset. The Skill
|
|
39
|
+
links the Lens and direct Context Asset, the Lens links Boundary Value Analysis,
|
|
40
|
+
and the Skill links this asset index for its optional payment branch. Agent
|
|
41
|
+
Skills-compatible syntax alone does not make those external assets portable,
|
|
42
|
+
and copying the Skill without the rest of this fixture produces an incomplete
|
|
43
|
+
workflow.
|
|
44
|
+
|
|
45
|
+
The declared relationships demonstrate both supported shapes:
|
|
46
|
+
|
|
47
|
+
```text
|
|
48
|
+
Skill -> Context Lens -> Context Asset
|
|
49
|
+
Skill -> Context Asset
|
|
50
|
+
```
|
|
51
|
+
|
|
52
|
+
These are static repository relationships. They do not make Renma select or
|
|
53
|
+
load Context for a live request.
|
|
54
|
+
|
|
55
|
+
## Responsibility Boundary
|
|
56
|
+
|
|
57
|
+
Renma:
|
|
58
|
+
|
|
59
|
+
- discovers and normalizes the example assets;
|
|
60
|
+
- validates metadata and declared relationships;
|
|
61
|
+
- reports deterministic diagnostics; and
|
|
62
|
+
- exposes Catalog, graph, Trust Graph, Readiness, and Repository Context BOM
|
|
63
|
+
views.
|
|
64
|
+
|
|
65
|
+
The consuming agent:
|
|
66
|
+
|
|
67
|
+
- interprets the user's request and follows the Skill guidance;
|
|
68
|
+
- asks focused clarification questions without inventing missing requirements;
|
|
69
|
+
- opens the explicit repository-relative links in the Skill and Lens;
|
|
70
|
+
- applies the Lens and direct Context relationships where relevant; and
|
|
71
|
+
- records evidence, assumptions, unresolved questions, rationale, and findings.
|
|
72
|
+
|
|
73
|
+
The human:
|
|
74
|
+
|
|
75
|
+
- supplies missing domain knowledge and decision ownership;
|
|
76
|
+
- reviews clarifications, assumptions, findings, and any resulting patch; and
|
|
77
|
+
- accepts, rejects, or corrects the final result.
|
|
78
|
+
|
|
79
|
+
Human review occurs before the findings become accepted requirements or before
|
|
80
|
+
any implementation change is merged.
|
|
81
|
+
|
|
82
|
+
## Inspect With Renma
|
|
83
|
+
|
|
84
|
+
Run these commands from the renma repository root after building the CLI:
|
|
85
|
+
|
|
86
|
+
```bash
|
|
87
|
+
npm run build
|
|
88
|
+
node dist/index.js scan examples/context-repo
|
|
89
|
+
node dist/index.js catalog examples/context-repo --format markdown
|
|
90
|
+
node dist/index.js ownership examples/context-repo --format markdown
|
|
91
|
+
node dist/index.js graph examples/context-repo --view layered --format mermaid
|
|
92
|
+
node dist/index.js trust-graph examples/context-repo --format markdown
|
|
93
|
+
node dist/index.js readiness examples/context-repo --format markdown
|
|
94
|
+
node dist/index.js bom examples/context-repo --format json --omit-generated-at
|
|
95
|
+
node dist/index.js bom examples/context-repo --format markdown
|
|
96
|
+
node dist/index.js inspect examples/context-repo/skills/testing/spec-review/SKILL.md
|
|
97
|
+
```
|
|
98
|
+
|
|
99
|
+
With an installed CLI, replace `node dist/index.js` with `renma`:
|
|
100
|
+
|
|
101
|
+
```bash
|
|
102
|
+
renma scan examples/context-repo
|
|
103
|
+
renma catalog examples/context-repo --format markdown
|
|
104
|
+
renma ownership examples/context-repo --format markdown
|
|
105
|
+
renma graph examples/context-repo --view layered --format mermaid
|
|
106
|
+
renma trust-graph examples/context-repo --format markdown
|
|
107
|
+
renma readiness examples/context-repo --format markdown
|
|
108
|
+
renma bom examples/context-repo --format json --omit-generated-at
|
|
109
|
+
renma bom examples/context-repo --format markdown
|
|
110
|
+
renma inspect examples/context-repo/skills/testing/spec-review/SKILL.md
|
|
111
|
+
```
|
|
112
|
+
|
|
113
|
+
`scan` checks the assets for findings. Catalog and ownership show inventory and
|
|
114
|
+
responsibility. The layered graph makes Skill-to-Lens-to-Context and direct
|
|
115
|
+
Skill-to-Context relationships visible. Trust Graph connects review evidence.
|
|
116
|
+
Readiness summarizes repository health. BOM combines declared repository
|
|
117
|
+
evidence into authoritative JSON or a Markdown review projection. `inspect`
|
|
118
|
+
shows the structure of the workflow entrypoint.
|
|
119
|
+
|
|
120
|
+
The example is structurally ready: its Skill and Lens validate, every declared
|
|
121
|
+
relationship resolves, and every cataloged asset has an owner. `scan` also
|
|
122
|
+
keeps advisory missing-security-policy findings visible for the fixture's
|
|
123
|
+
Skill and Context Assets. The example does not invent security policy merely to
|
|
124
|
+
produce an empty finding list; fixture owners would need to review and declare
|
|
125
|
+
that policy.
|
|
126
|
+
|
|
127
|
+
## Intentionally Not Demonstrated
|
|
128
|
+
|
|
129
|
+
This fixture does not add or imply a Renma runtime state machine, automatic
|
|
130
|
+
question generation, live Skill or Context selection, prompt assembly, agent
|
|
131
|
+
execution, automatic file rewriting, telemetry collection, or automatic human
|
|
132
|
+
approval. The interactive behavior belongs to the consuming agent and the
|
|
133
|
+
final judgment belongs to the human. Renma metadata does not make the workflow
|
|
134
|
+
self-contained or cause a generic Agent Skills client to load external assets.
|
|
135
|
+
|
|
136
|
+
The declared relationship shape is:
|
|
137
|
+
|
|
138
|
+
```mermaid
|
|
139
|
+
flowchart TD
|
|
140
|
+
node_0["skill: skill.testing.spec-review"]
|
|
141
|
+
node_1["lens: lens.testing.spec-review.boundary-values"]
|
|
142
|
+
node_2["context: context.domain.payment.idempotency"]
|
|
143
|
+
node_3["context: context.testing.negative-testing"]
|
|
144
|
+
node_4["context: context.testing.boundary-value-analysis"]
|
|
145
|
+
node_0 -->|requires_lens| node_1
|
|
146
|
+
node_0 -->|optional| node_2
|
|
147
|
+
node_0 -->|requires| node_3
|
|
148
|
+
node_1 -->|applies_to| node_4
|
|
149
|
+
```
|
|
@@ -0,0 +1,20 @@
|
|
|
1
|
+
---
|
|
2
|
+
id: context.domain.payment.idempotency
|
|
3
|
+
title: Payment Idempotency
|
|
4
|
+
version: 0.1.0
|
|
5
|
+
owner: payments-platform
|
|
6
|
+
status: stable
|
|
7
|
+
tags:
|
|
8
|
+
- payment
|
|
9
|
+
- reliability
|
|
10
|
+
when_to_use:
|
|
11
|
+
- Reviewing payment write retry behavior or duplicate request handling
|
|
12
|
+
when_not_to_use:
|
|
13
|
+
- Reviewing non-payment retries or read-only request behavior
|
|
14
|
+
---
|
|
15
|
+
|
|
16
|
+
# Payment Idempotency
|
|
17
|
+
|
|
18
|
+
Payment writes should be safe to retry. A request with the same idempotency key should produce one durable outcome, even if the client times out and sends the request again.
|
|
19
|
+
|
|
20
|
+
Review payment specs for key scope, duplicate handling, timeout behavior, and whether the response explains the original result.
|
|
@@ -0,0 +1,19 @@
|
|
|
1
|
+
---
|
|
2
|
+
id: context.testing.boundary-value-analysis
|
|
3
|
+
title: Boundary Value Analysis
|
|
4
|
+
version: 0.1.0
|
|
5
|
+
owner: qa-platform
|
|
6
|
+
status: stable
|
|
7
|
+
tags:
|
|
8
|
+
- testing
|
|
9
|
+
when_to_use:
|
|
10
|
+
- Designing test cases around numeric, date, count, length, or pagination limits
|
|
11
|
+
when_not_to_use:
|
|
12
|
+
- Testing invalid inputs that are not tied to explicit boundary values
|
|
13
|
+
---
|
|
14
|
+
|
|
15
|
+
# Boundary Value Analysis
|
|
16
|
+
|
|
17
|
+
Boundary value analysis checks the values just below, at, and just above important limits. Use it for limits such as quantity, length, date range, retry count, price, and pagination size.
|
|
18
|
+
|
|
19
|
+
Prefer examples that name the limit and the expected behavior. A good case says what happens at the minimum, the maximum, and the first invalid value outside each edge.
|
|
@@ -0,0 +1,19 @@
|
|
|
1
|
+
---
|
|
2
|
+
id: context.testing.negative-testing
|
|
3
|
+
title: Negative Testing
|
|
4
|
+
version: 0.1.0
|
|
5
|
+
owner: qa-platform
|
|
6
|
+
status: stable
|
|
7
|
+
tags:
|
|
8
|
+
- testing
|
|
9
|
+
when_to_use:
|
|
10
|
+
- Designing validation, unsupported-state, or error-handling test cases
|
|
11
|
+
when_not_to_use:
|
|
12
|
+
- Designing accepted boundary-value cases for valid limits
|
|
13
|
+
---
|
|
14
|
+
|
|
15
|
+
# Negative Testing
|
|
16
|
+
|
|
17
|
+
Negative testing verifies that invalid inputs and unsupported states fail clearly. It should confirm the user sees a useful error, the system avoids partial work, and any retry or recovery path is explicit.
|
|
18
|
+
|
|
19
|
+
Useful negative cases include missing required fields, malformed values, expired sessions, duplicate submissions, permission failures, and upstream service errors.
|
|
@@ -0,0 +1,35 @@
|
|
|
1
|
+
---
|
|
2
|
+
id: lens.testing.spec-review.boundary-values
|
|
3
|
+
type: context_lens
|
|
4
|
+
title: Spec Review Boundary Values Lens
|
|
5
|
+
version: 1
|
|
6
|
+
owner: qa-platform
|
|
7
|
+
status: stable
|
|
8
|
+
tags:
|
|
9
|
+
- testing
|
|
10
|
+
- spec-review
|
|
11
|
+
purpose: spec_review
|
|
12
|
+
applies_to:
|
|
13
|
+
- context.testing.boundary-value-analysis
|
|
14
|
+
focus:
|
|
15
|
+
- missing limits
|
|
16
|
+
- inclusive and exclusive boundaries
|
|
17
|
+
- empty and zero values
|
|
18
|
+
- overflow and retry limits
|
|
19
|
+
expected_outputs:
|
|
20
|
+
- focused clarification questions
|
|
21
|
+
- boundary-related review findings
|
|
22
|
+
- unresolved source-of-truth gaps
|
|
23
|
+
---
|
|
24
|
+
|
|
25
|
+
# Spec Review Boundary Values Lens
|
|
26
|
+
|
|
27
|
+
Interpret [Boundary Value Analysis](../../contexts/testing/boundary-value-analysis.md)
|
|
28
|
+
for specification review. Identify missing limits, whether endpoints are
|
|
29
|
+
inclusive or exclusive, behavior for empty and zero values, overflow behavior,
|
|
30
|
+
and retry limits.
|
|
31
|
+
|
|
32
|
+
Ask focused questions when the specification does not define those decisions.
|
|
33
|
+
Record unresolved source-of-truth gaps instead of inventing a boundary. This
|
|
34
|
+
Lens guides the consuming agent's interpretation; Renma validates its metadata
|
|
35
|
+
and relationship to the Context Asset but does not apply the Lens at runtime.
|
|
@@ -0,0 +1,66 @@
|
|
|
1
|
+
---
|
|
2
|
+
name: spec-review
|
|
3
|
+
description: Review an incomplete product or test specification through focused clarification. Use when requirements need evidence-backed review notes; do not use for implementation or final approval.
|
|
4
|
+
metadata:
|
|
5
|
+
renma.id: skill.testing.spec-review
|
|
6
|
+
renma.title: Spec Review
|
|
7
|
+
renma.version: "0.1.0"
|
|
8
|
+
renma.owner: qa-platform
|
|
9
|
+
renma.status: experimental
|
|
10
|
+
renma.tags: '["testing","spec-review"]'
|
|
11
|
+
renma.requires-context: '["contexts/testing/negative-testing.md"]'
|
|
12
|
+
renma.optional-context: '["context.domain.payment.idempotency"]'
|
|
13
|
+
renma.requires-lens: '["lens.testing.spec-review.boundary-values"]'
|
|
14
|
+
---
|
|
15
|
+
|
|
16
|
+
# Spec Review
|
|
17
|
+
|
|
18
|
+
## Routing
|
|
19
|
+
|
|
20
|
+
Use for incomplete specification clarification and evidence-backed review. The
|
|
21
|
+
agent follows this Skill; Renma validates it and its declared relationships.
|
|
22
|
+
|
|
23
|
+
## Required Inputs
|
|
24
|
+
|
|
25
|
+
- The incomplete request, available criteria, examples, and references.
|
|
26
|
+
- Known constraints, integrations, user states, and owners.
|
|
27
|
+
|
|
28
|
+
## Repository Context
|
|
29
|
+
|
|
30
|
+
This Skill is statically navigable inside this repository checkout. The
|
|
31
|
+
consuming agent must open these relative links; Renma validates the matching
|
|
32
|
+
asset IDs and relationships but does not load or inject their contents:
|
|
33
|
+
|
|
34
|
+
- [Spec Review Boundary Values Lens](../../../lenses/testing/spec-review-boundary-values.md)
|
|
35
|
+
- [Negative Testing](../../../contexts/testing/negative-testing.md)
|
|
36
|
+
- [Example asset index](../../../README.md#repository-assets), which locates the
|
|
37
|
+
optional Payment Idempotency Context Asset for retryable payment writes
|
|
38
|
+
|
|
39
|
+
Copying this `SKILL.md` without its linked assets is not a complete workflow.
|
|
40
|
+
|
|
41
|
+
## Hard Constraints
|
|
42
|
+
|
|
43
|
+
- Do not invent requirements, sources, or ownership. Ask a focused question;
|
|
44
|
+
when an answer is unavailable, record the gap and decision owner for human
|
|
45
|
+
review.
|
|
46
|
+
|
|
47
|
+
## Clarification Workflow
|
|
48
|
+
|
|
49
|
+
1. Inspect the request and available references.
|
|
50
|
+
2. Separate facts from missing information, ambiguity, and conflicts.
|
|
51
|
+
3. Ask about the most consequential gap. Record each answer and its source.
|
|
52
|
+
4. Repeat until intended behavior, acceptance criteria, boundaries, error or
|
|
53
|
+
retry behavior, and remaining decision owners are clear enough for review.
|
|
54
|
+
Keep unavailable answers as unresolved questions.
|
|
55
|
+
5. Open the linked Lens and Context Assets. Apply the Lens to boundary-value
|
|
56
|
+
analysis, use Negative Testing directly, and use Payment Idempotency only
|
|
57
|
+
for retryable payment writes.
|
|
58
|
+
6. Record facts and sources, clarifications, assumptions, open questions,
|
|
59
|
+
applied Context and rationale, and findings with evidence and impact.
|
|
60
|
+
7. Present the record to a human, who accepts, rejects, or corrects it.
|
|
61
|
+
|
|
62
|
+
## Validation
|
|
63
|
+
|
|
64
|
+
The review is ready for human judgment when each acceptance criterion has a
|
|
65
|
+
positive path, a negative or unsupported-state path where relevant, and each
|
|
66
|
+
material boundary or retry case. Unresolved issues remain explicit.
|
|
@@ -0,0 +1,14 @@
|
|
|
1
|
+
---
|
|
2
|
+
id: tool.appium.mobile-testing
|
|
3
|
+
title: Appium Mobile Testing
|
|
4
|
+
version: 0.1.0
|
|
5
|
+
owner: qa-platform
|
|
6
|
+
status: stable
|
|
7
|
+
tags:
|
|
8
|
+
- testing
|
|
9
|
+
- mobile
|
|
10
|
+
---
|
|
11
|
+
|
|
12
|
+
# Appium Mobile Testing
|
|
13
|
+
|
|
14
|
+
Use Appium for end-to-end mobile checks when the behavior depends on native platform UI, device permissions, or app lifecycle events. Keep scenarios narrow and pair them with faster lower-level tests when possible.
|
|
@@ -0,0 +1,36 @@
|
|
|
1
|
+
name: Renma CI Report
|
|
2
|
+
|
|
3
|
+
on:
|
|
4
|
+
pull_request:
|
|
5
|
+
|
|
6
|
+
jobs:
|
|
7
|
+
renma-ci-report:
|
|
8
|
+
runs-on: ubuntu-latest
|
|
9
|
+
permissions:
|
|
10
|
+
contents: read
|
|
11
|
+
|
|
12
|
+
steps:
|
|
13
|
+
- uses: actions/checkout@v4
|
|
14
|
+
with:
|
|
15
|
+
fetch-depth: 0
|
|
16
|
+
|
|
17
|
+
- uses: actions/setup-node@v4
|
|
18
|
+
with:
|
|
19
|
+
node-version: 22
|
|
20
|
+
|
|
21
|
+
- run: npm ci
|
|
22
|
+
|
|
23
|
+
- run: npm run build
|
|
24
|
+
|
|
25
|
+
- name: Generate Renma CI report
|
|
26
|
+
run: |
|
|
27
|
+
node dist/index.js ci-report . \
|
|
28
|
+
--from origin/${{ github.base_ref }} \
|
|
29
|
+
--to HEAD \
|
|
30
|
+
--format markdown > renma-ci-report.md
|
|
31
|
+
|
|
32
|
+
- uses: actions/upload-artifact@v4
|
|
33
|
+
if: always()
|
|
34
|
+
with:
|
|
35
|
+
name: renma-ci-report
|
|
36
|
+
path: renma-ci-report.md
|