sinapse-ai 1.20.1 → 1.22.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (122) hide show
  1. package/.claude/rules/coderabbit-integration.md +6 -0
  2. package/.claude/rules/documentation-first-reference.md +146 -0
  3. package/.claude/rules/documentation-first.md +27 -119
  4. package/.claude/rules/mandatory-delegation-reference.md +93 -0
  5. package/.claude/rules/mandatory-delegation.md +29 -93
  6. package/.claude/rules/project-intelligence-reference.md +159 -0
  7. package/.claude/rules/project-intelligence.md +37 -155
  8. package/.claude/rules/safe-collaboration-reference.md +163 -0
  9. package/.claude/rules/safe-collaboration.md +32 -173
  10. package/.sinapse-ai/core/doctor/checks/index.js +1 -1
  11. package/.sinapse-ai/core/execution/build-orchestrator.js +4 -3
  12. package/.sinapse-ai/core/execution/subagent-dispatcher.js +2 -2
  13. package/.sinapse-ai/core/ideation/ideation-engine.js +2 -1
  14. package/.sinapse-ai/core/orchestration/brownfield-progress.js +219 -0
  15. package/.sinapse-ai/core/orchestration/cli-commands.js +13 -0
  16. package/.sinapse-ai/core/orchestration/doc-first-resolver.js +96 -2
  17. package/.sinapse-ai/core/orchestration/executors/epic-3-executor.js +15 -2
  18. package/.sinapse-ai/core/orchestration/executors/epic-4-executor.js +3 -1
  19. package/.sinapse-ai/core/orchestration/greenfield-handler.js +97 -0
  20. package/.sinapse-ai/core/orchestration/index.js +5 -0
  21. package/.sinapse-ai/core/orchestration/spec-complexity.js +141 -0
  22. package/.sinapse-ai/core/orchestration/workflow-executor.js +17 -1
  23. package/.sinapse-ai/core-config.yaml +30 -0
  24. package/.sinapse-ai/data/entity-registry.yaml +81 -35
  25. package/.sinapse-ai/development/agents/architect.md +3 -15
  26. package/.sinapse-ai/development/agents/data-engineer.md +3 -15
  27. package/.sinapse-ai/development/agents/developer.md +3 -24
  28. package/.sinapse-ai/development/agents/devops.md +4 -25
  29. package/.sinapse-ai/development/agents/quality-gate.md +3 -25
  30. package/.sinapse-ai/development/knowledge-base/token-economy-guide.md +1 -1
  31. package/.sinapse-ai/development/tasks/execute-epic-plan.md +3 -0
  32. package/.sinapse-ai/development/tasks/resolve-github-issue.md +1 -1
  33. package/.sinapse-ai/development/workflows/brownfield-discovery.yaml +16 -0
  34. package/.sinapse-ai/development/workflows/epic-orchestration.yaml +11 -0
  35. package/.sinapse-ai/docs/standards/SINAPSE-LIVRO-DE-OURO-V2.1-COMPLETE.md +6 -2
  36. package/.sinapse-ai/docs/standards/SINAPSE-LIVRO-DE-OURO-V2.2-SUMMARY.md +4 -1
  37. package/.sinapse-ai/install-manifest.yaml +58 -50
  38. package/.sinapse-ai/product/templates/story-tmpl.yaml +11 -6
  39. package/.sinapse-ai/quality/judge-calibration/README.md +75 -0
  40. package/.sinapse-ai/quality/judge-calibration/calibration-log.md +70 -0
  41. package/.sinapse-ai/quality/judge-calibration/golden-set.json +105 -0
  42. package/.sinapse-ai/quality/judge-calibration/scenarios.json +90 -0
  43. package/CHANGELOG.md +55 -10
  44. package/README.en.md +1 -1
  45. package/README.md +6 -6
  46. package/bin/sinapse-minimal.js +5 -4
  47. package/docs/community/README-community-snippet-core.md +1 -1
  48. package/docs/community/README-community-snippet-mcp.md +2 -2
  49. package/docs/framework/README.md +2 -2
  50. package/docs/framework/architecture-overview.md +2 -2
  51. package/docs/framework/core-architecture.md +1 -1
  52. package/docs/framework/feature-process.md +5 -5
  53. package/docs/framework/guiding-principles.md +1 -1
  54. package/docs/framework/roadmap.md +4 -4
  55. package/docs/framework/source-tree.md +1 -1
  56. package/docs/framework/versioning-and-releases.md +1 -1
  57. package/docs/getting-started.md +1 -1
  58. package/docs/guides/agent-selection-guide.md +1 -1
  59. package/docs/guides/agents/traces/README.md +1 -1
  60. package/docs/guides/config-migration-guide.md +1 -1
  61. package/docs/guides/development-setup.md +1 -1
  62. package/docs/guides/docker-mcp-setup.md +5 -5
  63. package/docs/guides/getting-started.md +1 -1
  64. package/docs/guides/git-workflow-guide.md +3 -3
  65. package/docs/guides/ide-integration.md +3 -3
  66. package/docs/guides/ide-sync-guide.md +1 -1
  67. package/docs/guides/mcp/desktop-commander.md +2 -2
  68. package/docs/guides/mcp/docker-gateway-tutorial.md +1 -1
  69. package/docs/guides/mcp-global-setup.md +3 -3
  70. package/docs/guides/memory-intelligence-system.md +10 -10
  71. package/docs/guides/meta-agent-commands.md +1 -1
  72. package/docs/guides/quality-gates.md +1 -1
  73. package/docs/guides/security-hardening.md +1 -1
  74. package/docs/guides/service-discovery.md +1 -1
  75. package/docs/guides/squad-examples/README.md +1 -1
  76. package/docs/guides/squads-guide.md +1 -1
  77. package/docs/guides/testing-guide.md +2 -2
  78. package/docs/guides/user-guide.md +22 -22
  79. package/docs/guides/workflows/BROWNFIELD-DISCOVERY-WORKFLOW.md +3 -3
  80. package/docs/guides/workflows/BROWNFIELD-SERVICE-WORKFLOW.md +1 -1
  81. package/docs/guides/workflows/GREENFIELD-UI-WORKFLOW.md +2 -2
  82. package/docs/guides/workflows/SPEC-PIPELINE-WORKFLOW.md +3 -3
  83. package/docs/guides/workflows/STORY-DEVELOPMENT-CYCLE-WORKFLOW.md +3 -3
  84. package/docs/guides/workflows/pro-developer-workflow.md +2 -2
  85. package/docs/guides/workflows-guide.md +1 -1
  86. package/docs/guides/workflows-overview.md +1 -1
  87. package/docs/installation/npx-install.md +1 -1
  88. package/docs/installation/uninstallation.md +1 -1
  89. package/docs/installation/v4-quick-start.md +1 -1
  90. package/docs/pt/guides/user-guide.md +18 -18
  91. package/docs/pt/security.md +2 -2
  92. package/docs/security/overview.md +2 -2
  93. package/docs/security/security-best-practices.md +1 -1
  94. package/docs/sinapse-agent-flows/architect-system.md +1 -1
  95. package/docs/sinapse-agent-flows/data-engineer-system.md +1 -1
  96. package/docs/sinapse-agent-flows/dev-system.md +1 -1
  97. package/docs/sinapse-agent-flows/devops-system.md +2 -2
  98. package/docs/sinapse-agent-flows/qa-system.md +1 -1
  99. package/docs/sinapse-agent-flows/sm-system.md +2 -2
  100. package/docs/sinapse-agent-flows/snps-orqx-system.md +4 -4
  101. package/docs/sinapse-agent-flows/squad-creator-system.md +1 -1
  102. package/docs/sinapse-workflows/README.md +2 -2
  103. package/docs/sinapse-workflows/brownfield-discovery-workflow.md +3 -3
  104. package/docs/sinapse-workflows/brownfield-service-workflow.md +3 -3
  105. package/docs/sinapse-workflows/greenfield-ui-workflow.md +2 -2
  106. package/docs/sinapse-workflows/spec-pipeline-workflow.md +3 -3
  107. package/docs/sinapse-workflows/story-development-cycle-workflow.md +3 -3
  108. package/docs/troubleshooting.md +1 -1
  109. package/package.json +7 -1
  110. package/scripts/calibrate-judge.js +134 -0
  111. package/scripts/eval-e2e.js +149 -0
  112. package/scripts/validate-all.js +8 -0
  113. package/scripts/validate-article-iv.js +289 -0
  114. package/scripts/validate-constitution.js +58 -0
  115. package/scripts/validate-evals.js +9 -2
  116. package/scripts/validate-story-acs.js +174 -0
  117. package/scripts/validate-tool-descriptions.js +128 -0
  118. package/scripts/wave-gate.js +207 -0
  119. package/squads/claude-code-mastery/agents/project-integrator.md +3 -10
  120. package/squads/claude-code-mastery/knowledge-base/context-window-optimization.md +2 -2
  121. package/squads/claude-code-mastery/knowledge-base/memory-systems-reference.md +1 -1
  122. package/squads/squad-copy/knowledge-base/ai-copy-human-loop-canon.md +1 -1
@@ -0,0 +1,159 @@
1
+ ---
2
+ paths:
3
+ - "package.json"
4
+ - "core-config.yaml"
5
+ - "docs/prd.md"
6
+ - "docs/project-brief.md"
7
+ - "docs/epics/**"
8
+ - "docs/stories/**"
9
+ - ".sinapse-ai/**"
10
+ ---
11
+
12
+ # Project Intelligence — Operational Reference
13
+
14
+ > Companion to `project-intelligence.md` (the always-on core law). This file carries
15
+ > the per-dimension signals, behaviors and examples and loads when you work on
16
+ > project-setup files.
17
+
18
+ ## Initial State Audit — signals per dimension
19
+
20
+ The audit collects existence + summary for each dimension. Each is a YES/NO/PARTIAL signal:
21
+
22
+ | # | Dimension | Signals checked |
23
+ |---|---|---|
24
+ | 1 | **Docs** | `docs/project-brief.md`, `docs/prd.md`, `docs/architecture*.md`, `docs/front-end-spec.md`, `docs/epics/`, `docs/stories/` |
25
+ | 2 | **Brand** | `brand/`, `brandbook*`, `assets/brand/`, `public/brand/`, `*logo*`, `BRAND.md`, `BRANDBOOK.md` |
26
+ | 3 | **Design system** | `tokens.json`, `design-tokens.json`, `tailwind.config.*` with custom theme, `components/ui/`, `DESIGN.md`, `DS.md` |
27
+ | 4 | **Components** | `components/`, `src/components/`, `app/`, `pages/` with `.tsx` / `.jsx` / `.vue` files |
28
+ | 5 | **Code** | `package.json`, `tsconfig.json`, `src/`, language-specific markers (`go.mod`, `pyproject.toml`, `Cargo.toml`) |
29
+ | 6 | **Tests** | `jest.config.*`, `vitest.config.*`, `__tests__/`, `tests/`, `*.test.*`, `*.spec.*` |
30
+ | 7 | **Infra** | `.github/workflows/`, `Dockerfile`, `docker-compose.*`, `vercel.json`, `.env.example`, CI configs |
31
+ | 8 | **Git history** | `.git/` exists, `git log` has commits, recent activity (last 30 days), branch count |
32
+
33
+ ### Maturity classification — criteria
34
+
35
+ | Level | Criteria | Recommended workflow |
36
+ |---|---|---|
37
+ | `EMPTY` | 0/8 signals; directory has only `.git/` or nothing | Full greenfield workflow (greenfield-handler.js) |
38
+ | `BOOTSTRAPPED` | Only Infra (7) present (CI, Dockerfile, .env.example) — no code yet | Skip Phase 0 Bootstrap, jump to Phase 1 Discovery |
39
+ | `PARTIAL` | Some Docs/Brand/DS but no Code, OR Code without Docs | **Continue from where it stopped** — never overwrite, merge with existing |
40
+ | `MATURE` | Code + Tests + (Docs OR Infra) — real working project | Brownfield Discovery (10-phase technical debt) before any change |
41
+ | `SINAPSE_MANAGED` | `.sinapse-ai/` exists with `core-config.yaml` | Resume SDC: read `docs/stories/`, find active story, continue |
42
+
43
+ ### Audit output (always presented to user before proceeding)
44
+
45
+ ```
46
+ Estado detectado: {maturity_level}
47
+ Já existe: {list of YES dimensions, e.g., "Brand (logo + brandbook), 1 PRD parcial em docs/, 5 componentes UI"}
48
+ Faltando: {list of NO dimensions critical to the user's request}
49
+ Recomendação: {workflow + concrete first step}
50
+ ```
51
+
52
+ ### Anti-shortcuts (FORBIDDEN)
53
+
54
+ - Skipping the audit because "it looks empty" — always run, always check all 8 dimensions
55
+ - Calling a directory "greenfield" because `package.json` is missing (could have brand assets, half-written PRD, design tokens — all without `package.json`)
56
+ - Calling a directory "brownfield" only because `package.json` exists (could be just bootstrapped infra with zero feature work — different workflow)
57
+ - Overwriting existing partial work without listing it to the user first
58
+ - Ignoring `docs/epics/` and `docs/stories/` from a previous session
59
+
60
+ ## Quick Tech Scan (BROWNFIELD, < 5 seconds)
61
+
62
+ When brownfield detected, silently check:
63
+
64
+ | Check | How | Sets Context |
65
+ |-------|-----|-------------|
66
+ | Framework | package.json dependencies | next/react/vue/angular/express |
67
+ | Language | tsconfig.json exists? | typescript/javascript |
68
+ | Database | supabase/, prisma/, .env | supabase/prisma/drizzle/none |
69
+ | Tests | jest.config, vitest.config | jest/vitest/none |
70
+ | CI | .github/workflows/ | github-actions/none |
71
+
72
+ Report to user in ONE line: "Projeto Next.js + TypeScript + Supabase detectado."
73
+
74
+ ## Behavior Adaptation by State
75
+
76
+ ### Greenfield Behavior
77
+
78
+ A bare `setup → story → implement` loop is **not enough** for greenfield. Large projects need upstream artifacts (project-brief, PRD, architecture, design spec) BEFORE stories. The greenfield branch sub-classifies the request and invokes the right workflow.
79
+
80
+ #### Step 1 — Sub-classify project_type
81
+
82
+ Detect intent and target from the user's first message (PT-BR or EN keywords):
83
+
84
+ | project_type | Triggers |
85
+ |---|---|
86
+ | `site` | site, website, institucional, página, web page |
87
+ | `lp` | landing page, LP, captura, sales page, squeeze page |
88
+ | `app` | app mobile, ios, android, react native, flutter |
89
+ | `platform` | plataforma, dashboard, admin panel, portal interno |
90
+ | `saas` | SaaS, software as a service, app web com login, multi-tenant |
91
+ | `api` | API, backend, REST, GraphQL, microservice |
92
+ | `service` | worker, cron job, ETL, integration, automation |
93
+
94
+ If detection is ambiguous, ask ONE clarifying question with these options as choices.
95
+
96
+ #### Step 2 — Map to required workflow
97
+
98
+ | project_type | Workflow file | Phase 1 agents |
99
+ |---|---|---|
100
+ | `site` / `lp` / `app` | `.sinapse-ai/development/workflows/greenfield-ui.yaml` | analyst → project-lead → ux-design-expert → architect → product-lead |
101
+ | `platform` / `saas` | `.sinapse-ai/development/workflows/greenfield-fullstack.yaml` | analyst → project-lead → ux-design-expert → architect → product-lead |
102
+ | `api` / `service` | `.sinapse-ai/development/workflows/greenfield-service.yaml` | analyst → project-lead → architect → product-lead |
103
+
104
+ Execution mechanism: `.sinapse-ai/core/orchestration/greenfield-handler.js` orchestrates Phase 0 (Bootstrap) → Phase 1 (Discovery 5-agent) → Phase 2 (Sharding) → Phase 3 (Dev Cycle).
105
+
106
+ #### Step 3 — Apply DS grounding (UI projects)
107
+
108
+ For `site` / `lp` / `app` / `platform` / `saas`, the DS Resolver runs before any visual output (see `~/.claude/rules/design-system-grounding.md`). Internal projects use the SINAPSE Brandbook; external clients use the client's brand or the high-quality fallback.
109
+
110
+ #### Step 4 — Forbidden shortcut
111
+
112
+ The greenfield branch NEVER skips to "implement" without:
113
+ - `docs/project-brief.md` validated
114
+ - `docs/prd.md` validated
115
+ - `docs/{front-end-spec | service-architecture}.md` validated
116
+ - `docs/architecture.md` (or `fullstack-architecture.md`) validated
117
+ - Stories in `docs/stories/` with status ≥ Ready
118
+
119
+ #### Auto-apply infra templates
120
+
121
+ Independent of project_type: PR template, CI, `.env.example`, CODEOWNERS, gitignore. These run during Phase 0 (Bootstrap) of the greenfield workflow.
122
+
123
+ ### Continuation Behavior (PARTIAL maturity)
124
+
125
+ When the audit detects partial work — e.g., a brandbook without a site, a PRD without code, components without architecture, an abandoned epic — the framework MUST treat it as a continuation, not a bootstrap.
126
+
127
+ - **Inventory first:** list every existing artifact and tell the user what's there
128
+ - **Identify gaps:** what's missing to ship the user's stated goal?
129
+ - **Propose continuation plan:** which greenfield phase resumes from here? which brownfield steps apply?
130
+ - **Merge, never replace:** existing brand/DS/components are inputs to the workflow, not throwaway scaffolding
131
+ - **Preserve epic + story state:** if `docs/epics/` or `docs/stories/` exist, resume their lifecycle (Draft → Ready → InProgress → Done)
132
+
133
+ Example: user says "criar um site" but the audit finds a `brand/` folder with logo + brandbook. The framework reports:
134
+ > Estado: `PARTIAL`. Já existe: brand assets (logo + brandbook). Faltando: PRD, design spec, código. Recomendação: greenfield-ui.yaml começando da Phase 1, usando seu brandbook como input.
135
+
136
+ ### Brownfield Behavior (MATURE maturity)
137
+ - Prioritize: understanding existing code before changing anything
138
+ - First action: read README, package.json, folder structure
139
+ - Workflow: quick scan → understand → then proceed with user request
140
+ - NEVER rewrite or refactor without understanding existing patterns
141
+ - Respect existing conventions (naming, folder structure, testing framework)
142
+ - For non-trivial changes: invoke Brownfield Discovery (10-phase technical debt assessment)
143
+
144
+ ### SINAPSE-Managed Behavior
145
+ - Check for active story in docs/stories/
146
+ - Resume where last session left off
147
+ - Follow SDC workflow (story → implement → QA → push)
148
+
149
+ ## Anti-Patterns (FORBIDDEN) — full list
150
+
151
+ - Asking user "is this a new or existing project?"
152
+ - Asking user to set `projectType` in config
153
+ - Starting implementation in brownfield without reading existing code first
154
+ - Applying greenfield templates to a brownfield project (overwriting existing CI/configs)
155
+ - Ignoring existing patterns and imposing SINAPSE conventions forcefully
156
+ - Treating greenfield as "setup → story → implement" without sub-classifying project_type
157
+ - Skipping `greenfield-handler.js` (or its workflow file) on a `site` / `lp` / `platform` / `saas` / `api` request
158
+ - Letting a domain orchestrator (design, brand) generate visual output before greenfield Phase 1 produces project-brief.md + prd.md + design spec
159
+ - Generating UI without DS grounding (see `~/.claude/rules/design-system-grounding.md`)
@@ -1,168 +1,50 @@
1
1
  # Project Intelligence — Auto-Detection (NON-NEGOTIABLE)
2
2
 
3
3
  > Applies to ALL agents, ALL sessions. Users NEVER configure project type manually.
4
+ > This is the always-on CORE (the law). The per-dimension signals, per-state
5
+ > behaviors (greenfield / continuation / brownfield / SINAPSE-managed) and examples
6
+ > live in `project-intelligence-reference.md` and load when you work on
7
+ > project-setup files.
4
8
 
5
- ## Initial State Audit (ALWAYS FIRST — runs before classification)
9
+ ## Initial State Audit (ALWAYS FIRST — NON-NEGOTIABLE preflight)
6
10
 
7
- > **This is a NON-NEGOTIABLE preflight step.** Without it, the framework treats every fresh-looking directory as "greenfield" and ignores partial work that's already there (existing brand, components, half-written PRD, abandoned epics, an in-progress design system, brownfield code with no `package.json`, etc.). The audit costs ~2 seconds and prevents the framework from overwriting or duplicating work.
11
+ Before classifying anything, silently audit **8 dimensions** (existence + summary):
12
+ **Docs · Brand · Design system · Components · Code · Tests · Infra · Git history.**
13
+ Never skip it "because it looks empty" — partial work (brand without code, a
14
+ half-written PRD, abandoned epics) is exactly what the audit protects.
8
15
 
9
- ### Eight dimensions to check (silent, parallel)
16
+ ## Maturity Classification (from the 8 signals)
10
17
 
11
- The audit collects existence + summary for each dimension. Each is a YES/NO/PARTIAL signal:
12
-
13
- | # | Dimension | Signals checked |
14
- |---|---|---|
15
- | 1 | **Docs** | `docs/project-brief.md`, `docs/prd.md`, `docs/architecture*.md`, `docs/front-end-spec.md`, `docs/epics/`, `docs/stories/` |
16
- | 2 | **Brand** | `brand/`, `brandbook*`, `assets/brand/`, `public/brand/`, `*logo*`, `BRAND.md`, `BRANDBOOK.md` |
17
- | 3 | **Design system** | `tokens.json`, `design-tokens.json`, `tailwind.config.*` with custom theme, `components/ui/`, `DESIGN.md`, `DS.md` |
18
- | 4 | **Components** | `components/`, `src/components/`, `app/`, `pages/` with `.tsx` / `.jsx` / `.vue` files |
19
- | 5 | **Code** | `package.json`, `tsconfig.json`, `src/`, language-specific markers (`go.mod`, `pyproject.toml`, `Cargo.toml`) |
20
- | 6 | **Tests** | `jest.config.*`, `vitest.config.*`, `__tests__/`, `tests/`, `*.test.*`, `*.spec.*` |
21
- | 7 | **Infra** | `.github/workflows/`, `Dockerfile`, `docker-compose.*`, `vercel.json`, `.env.example`, CI configs |
22
- | 8 | **Git history** | `.git/` exists, `git log` has commits, recent activity (last 30 days), branch count |
23
-
24
- ### Maturity classification
25
-
26
- Combining the 8 signals produces 1 of 5 maturity levels:
27
-
28
- | Level | Criteria | Recommended workflow |
18
+ | Level | Meaning | Path |
29
19
  |---|---|---|
30
- | `EMPTY` | 0/8 signals; directory has only `.git/` or nothing | Full greenfield workflow (greenfield-handler.js) |
31
- | `BOOTSTRAPPED` | Only Infra (7) present (CI, Dockerfile, .env.example) — no code yet | Skip Phase 0 Bootstrap, jump to Phase 1 Discovery |
32
- | `PARTIAL` | Some Docs/Brand/DS but no Code, OR Code without Docs | **Continue from where it stopped** — never overwrite, merge with existing |
33
- | `MATURE` | Code + Tests + (Docs OR Infra) — real working project | Brownfield Discovery (10-phase technical debt) before any change |
34
- | `SINAPSE_MANAGED` | `.sinapse-ai/` exists with `core-config.yaml` | Resume SDC: read `docs/stories/`, find active story, continue |
35
-
36
- ### Audit output (always presented to user before proceeding)
20
+ | `EMPTY` | 0/8 signals | Full greenfield workflow |
21
+ | `BOOTSTRAPPED` | only Infra present | Greenfield from Phase 1 (skip Bootstrap) |
22
+ | `PARTIAL` | some Docs/Brand/DS without Code, or Code without Docs | **Continue** — never overwrite, merge with existing |
23
+ | `MATURE` | Code + Tests + (Docs OR Infra) | Brownfield Discovery before any change |
24
+ | `SINAPSE_MANAGED` | `.sinapse-ai/` + `core-config.yaml` | Resume SDC from active story |
25
+
26
+ **Audit output is always presented to the user before proceeding** (one structured
27
+ PT-BR paragraph: estado detectado · já existe · faltando · recomendação). Only
28
+ after this report does the framework classify + invoke workflows.
29
+
30
+ ## The Law
31
+
32
+ - **Auto-detect, never ask** "is this a new or existing project?" or make the user
33
+ set `projectType`.
34
+ - **Brownfield:** understand existing code BEFORE changing anything; respect
35
+ existing conventions; never impose SINAPSE conventions forcefully.
36
+ - **Partial work is sacred:** inventory first, merge — never replace; preserve
37
+ epic/story state from previous sessions.
38
+ - **Greenfield is NOT "setup → story → implement":** sub-classify the project type
39
+ and run the required greenfield workflow with its upstream artifacts.
37
40
 
38
- After running the audit, the framework reports in ONE structured paragraph (PT-BR):
39
-
40
- ```
41
- Estado detectado: {maturity_level}
42
- Já existe: {list of YES dimensions, e.g., "Brand (logo + brandbook), 1 PRD parcial em docs/, 5 componentes UI"}
43
- Faltando: {list of NO dimensions critical to the user's request}
44
- Recomendação: {workflow + concrete first step}
45
- ```
46
-
47
- Only AFTER this report (and any user adjustment) does the framework proceed to classification + workflow invocation.
48
-
49
- ### Anti-shortcuts (FORBIDDEN)
41
+ ## Anti-Patterns (FORBIDDEN)
50
42
 
51
- - Skipping the audit because "it looks empty" always run, always check all 8 dimensions
52
- - Calling a directory "greenfield" because `package.json` is missing (could have brand assets, half-written PRD, design tokens — all without `package.json`)
53
- - Calling a directory "brownfield" only because `package.json` exists (could be just bootstrapped infra with zero feature work — different workflow)
43
+ - Skipping the audit; calling a directory greenfield/brownfield from one signal
54
44
  - Overwriting existing partial work without listing it to the user first
55
45
  - Ignoring `docs/epics/` and `docs/stories/` from a previous session
46
+ - Applying greenfield templates over an existing project's CI/configs
56
47
 
57
- ## Classification (after audit)
58
-
59
- Use the maturity level from the audit to pick the path:
60
-
61
- ```
62
- maturity == EMPTY → Full greenfield (see Greenfield Behavior below)
63
- maturity == BOOTSTRAPPED → Greenfield Phase 1 onward (skip Bootstrap)
64
- maturity == PARTIAL → Continuation Behavior (below)
65
- maturity == MATURE → Brownfield Behavior (below)
66
- maturity == SINAPSE_MANAGED → SINAPSE-Managed Behavior (below)
67
- ```
68
-
69
- ## Quick Tech Scan (BROWNFIELD, < 5 seconds)
70
-
71
- When brownfield detected, silently check:
72
-
73
- | Check | How | Sets Context |
74
- |-------|-----|-------------|
75
- | Framework | package.json dependencies | next/react/vue/angular/express |
76
- | Language | tsconfig.json exists? | typescript/javascript |
77
- | Database | supabase/, prisma/, .env | supabase/prisma/drizzle/none |
78
- | Tests | jest.config, vitest.config | jest/vitest/none |
79
- | CI | .github/workflows/ | github-actions/none |
80
-
81
- Report to user in ONE line: "Projeto Next.js + TypeScript + Supabase detectado."
82
-
83
- ## Behavior Adaptation by State
84
-
85
- ### Greenfield Behavior
86
-
87
- A bare `setup → story → implement` loop is **not enough** for greenfield. Large projects need upstream artifacts (project-brief, PRD, architecture, design spec) BEFORE stories. The greenfield branch sub-classifies the request and invokes the right workflow.
88
-
89
- #### Step 1 — Sub-classify project_type
90
-
91
- Detect intent and target from the user's first message (PT-BR or EN keywords):
92
-
93
- | project_type | Triggers |
94
- |---|---|
95
- | `site` | site, website, institucional, página, web page |
96
- | `lp` | landing page, LP, captura, sales page, squeeze page |
97
- | `app` | app mobile, ios, android, react native, flutter |
98
- | `platform` | plataforma, dashboard, admin panel, portal interno |
99
- | `saas` | SaaS, software as a service, app web com login, multi-tenant |
100
- | `api` | API, backend, REST, GraphQL, microservice |
101
- | `service` | worker, cron job, ETL, integration, automation |
102
-
103
- If detection is ambiguous, ask ONE clarifying question with these options as choices.
104
-
105
- #### Step 2 — Map to required workflow
106
-
107
- | project_type | Workflow file | Phase 1 agents |
108
- |---|---|---|
109
- | `site` / `lp` / `app` | `.sinapse-ai/development/workflows/greenfield-ui.yaml` | analyst → project-lead → ux-design-expert → architect → product-lead |
110
- | `platform` / `saas` | `.sinapse-ai/development/workflows/greenfield-fullstack.yaml` | analyst → project-lead → ux-design-expert → architect → product-lead |
111
- | `api` / `service` | `.sinapse-ai/development/workflows/greenfield-service.yaml` | analyst → project-lead → architect → product-lead |
112
-
113
- Execution mechanism: `.sinapse-ai/core/orchestration/greenfield-handler.js` orchestrates Phase 0 (Bootstrap) → Phase 1 (Discovery 5-agent) → Phase 2 (Sharding) → Phase 3 (Dev Cycle).
114
-
115
- #### Step 3 — Apply DS grounding (UI projects)
116
-
117
- For `site` / `lp` / `app` / `platform` / `saas`, the DS Resolver runs before any visual output (see `~/.claude/rules/design-system-grounding.md`). Internal projects use the SINAPSE Brandbook; external clients use the client's brand or the high-quality fallback.
118
-
119
- #### Step 4 — Forbidden shortcut
120
-
121
- The greenfield branch NEVER skips to "implement" without:
122
- - `docs/project-brief.md` validated
123
- - `docs/prd.md` validated
124
- - `docs/{front-end-spec | service-architecture}.md` validated
125
- - `docs/architecture.md` (or `fullstack-architecture.md`) validated
126
- - Stories in `docs/stories/` with status ≥ Ready
127
-
128
- #### Auto-apply infra templates
129
-
130
- Independent of project_type: PR template, CI, `.env.example`, CODEOWNERS, gitignore. These run during Phase 0 (Bootstrap) of the greenfield workflow.
131
-
132
- ### Continuation Behavior (PARTIAL maturity)
133
-
134
- When the audit detects partial work — e.g., a brandbook without a site, a PRD without code, components without architecture, an abandoned epic — the framework MUST treat it as a continuation, not a bootstrap.
135
-
136
- - **Inventory first:** list every existing artifact and tell the user what's there
137
- - **Identify gaps:** what's missing to ship the user's stated goal?
138
- - **Propose continuation plan:** which greenfield phase resumes from here? which brownfield steps apply?
139
- - **Merge, never replace:** existing brand/DS/components are inputs to the workflow, not throwaway scaffolding
140
- - **Preserve epic + story state:** if `docs/epics/` or `docs/stories/` exist, resume their lifecycle (Draft → Ready → InProgress → Done)
141
-
142
- Example: user says "criar um site" but the audit finds a `brand/` folder with logo + brandbook. The framework reports:
143
- > Estado: `PARTIAL`. Já existe: brand assets (logo + brandbook). Faltando: PRD, design spec, código. Recomendação: greenfield-ui.yaml começando da Phase 1, usando seu brandbook como input.
144
-
145
- ### Brownfield Behavior (MATURE maturity)
146
- - Prioritize: understanding existing code before changing anything
147
- - First action: read README, package.json, folder structure
148
- - Workflow: quick scan → understand → then proceed with user request
149
- - NEVER rewrite or refactor without understanding existing patterns
150
- - Respect existing conventions (naming, folder structure, testing framework)
151
- - For non-trivial changes: invoke Brownfield Discovery (10-phase technical debt assessment)
152
-
153
- ### SINAPSE-Managed Behavior
154
- - Check for active story in docs/stories/
155
- - Resume where last session left off
156
- - Follow SDC workflow (story → implement → QA → push)
157
-
158
- ## Anti-Patterns (FORBIDDEN)
159
-
160
- - Asking user "is this a new or existing project?"
161
- - Asking user to set `projectType` in config
162
- - Starting implementation in brownfield without reading existing code first
163
- - Applying greenfield templates to a brownfield project (overwriting existing CI/configs)
164
- - Ignoring existing patterns and imposing SINAPSE conventions forcefully
165
- - Treating greenfield as "setup → story → implement" without sub-classifying project_type
166
- - Skipping `greenfield-handler.js` (or its workflow file) on a `site` / `lp` / `platform` / `saas` / `api` request
167
- - Letting a domain orchestrator (design, brand) generate visual output before greenfield Phase 1 produces project-brief.md + prd.md + design spec
168
- - Generating UI without DS grounding (see `~/.claude/rules/design-system-grounding.md`)
48
+ > **Detail (loads on setup work):** signals checked per dimension, quick tech scan
49
+ > table, per-state behaviors (greenfield steps 1-4, continuation, brownfield,
50
+ > SINAPSE-managed), examples see `project-intelligence-reference.md`.
@@ -0,0 +1,163 @@
1
+ ---
2
+ paths:
3
+ - "**/*"
4
+ ---
5
+
6
+ # Safe Collaboration — Operational Reference
7
+
8
+ > Companion to `safe-collaboration.md` (the always-on core law). This file carries the
9
+ > operational detail and loads when you work on files — i.e., when a commit/push is coming.
10
+
11
+ ## Automatic Safety Protocol (every session)
12
+
13
+ ### 1. Session Start — Auto-Sync (MANDATORY)
14
+
15
+ Before ANY work begins in a session, the agent MUST:
16
+
17
+ ```
18
+ 1. git fetch origin
19
+ 2. Check if local main is behind origin/main
20
+ 3. If behind → git pull origin main (fast-forward only)
21
+ 4. If diverged → STOP, inform user, resolve safely
22
+ 5. Create work branch if not already on one
23
+ 6. Verify branch protection is active on main
24
+ ```
25
+
26
+ ### 2. Branch Naming — Automatic
27
+
28
+ The agent creates the branch. The user never needs to name it.
29
+
30
+ | Who | Branch Pattern | Example |
31
+ |-----|---------------|---------|
32
+ | Caio's session | `caio/{type}/{short-desc}` | `caio/feat/installer-ux` |
33
+ | Matheus's session | `soier/{type}/{short-desc}` | `soier/fix/agent-config` |
34
+ | AI agent | `agent/{squad}/{agent-id}/{type}-{desc}` | `agent/core/pixel/feat-dark-mode` |
35
+ | Unknown | `dev/{type}/{short-desc}` | `dev/feat/new-feature` |
36
+
37
+ Types: `feat`, `fix`, `refactor`, `docs`, `chore`, `test`
38
+
39
+ **User Detection (priority order):**
40
+ 1. `git config user.name` -> lookup in mapping table (case-insensitive)
41
+ 2. `$USERNAME` (Windows) or `$USER` (Unix) -> lookup in mapping table
42
+ 3. Fallback: `dev/`
43
+
44
+ **Mapping Table:**
45
+
46
+ | git config / env var contains | Branch prefix |
47
+ |-------------------------------|---------------|
48
+ | caio (case-insensitive) | `caio/` |
49
+ | matheus OR soier | `soier/` |
50
+ | (anything else) | `dev/` |
51
+
52
+ ### 3. Before Every Commit — Safety Checks (MANDATORY)
53
+
54
+ ```
55
+ 1. git status — verify only expected files changed
56
+ 2. git diff --stat — show summary to user
57
+ 3. SECRET SCAN — reject if ANY of these are staged:
58
+ - .env files (except .env.example with placeholders)
59
+ - Files containing API keys, tokens, passwords in plaintext
60
+ - Private keys (RSA, SSH, PGP)
61
+ - Database connection strings with credentials
62
+ - Webhook URLs with embedded tokens
63
+ 4. Commit with conventional message + story reference
64
+ ```
65
+
66
+ **If secrets detected → BLOCK commit, warn user, remove file from staging.**
67
+
68
+ ### 4. Before Push — Conflict Prevention (MANDATORY)
69
+
70
+ ```
71
+ 1. git fetch origin main
72
+ 2. git merge origin/main --no-edit (into feature branch)
73
+ 3. If conflicts → AGENT resolves them (not the user)
74
+ - For simple conflicts (whitespace, imports): auto-resolve
75
+ - For complex conflicts: show both versions, ask user which to keep
76
+ 4. Run tests after merge
77
+ 5. Only then: git push origin {branch}
78
+ ```
79
+
80
+ ### 5. PR Creation — Automatic
81
+
82
+ After push, the agent MUST:
83
+ ```
84
+ 1. gh pr create with clear title and description (uses PR template)
85
+ 2. Auto-assign reviewer based on who is pushing:
86
+ - Maintainer's PR → can merge directly (admin bypass)
87
+ - Collaborator's PR → assign maintainer as reviewer (required approval)
88
+ 3. Inform the user: "PR criado"
89
+ ```
90
+
91
+ ### 6. After PR Merge — Cleanup
92
+
93
+ ```
94
+ 1. git checkout main
95
+ 2. git pull origin main
96
+ 3. Delete local feature branch
97
+ 4. Inform user: "Branch limpa, pronto para proximo trabalho"
98
+ ```
99
+
100
+ ## Conflict Resolution Rules
101
+
102
+ | Scenario | Agent Action |
103
+ |----------|-------------|
104
+ | Same file, different sections | Auto-merge (git handles) |
105
+ | Same file, same lines | Show diff, ask user which version to keep |
106
+ | Package.json version conflict | Always take higher version |
107
+ | Generated files (lock, build) | Regenerate after merge |
108
+ | Story/doc files | Merge both contents (additive) |
109
+
110
+ **NEVER use `--force` push. Use `--force-with-lease` ONLY as last resort with user confirmation.**
111
+
112
+ ## Communication Protocol
113
+
114
+ When working in parallel, agents MUST inform users about:
115
+
116
+ | Event | Message |
117
+ |-------|---------|
118
+ | Session start | "Atualizando seu projeto... X mudancas novas do {outro}." |
119
+ | Branch created | "Criada area segura para trabalhar: `caio/feat/xxx`" |
120
+ | Pre-push conflict found | "{outro} mudou {file}. Resolvendo automaticamente..." |
121
+ | Secret detected | "BLOQUEADO: encontrei {tipo} em {file}. Removendo antes de salvar." |
122
+ | PR created | "Enviei para revisao. {outro} precisa aprovar no GitHub." |
123
+ | PR merged by other | "{outro} aprovou suas mudancas. Atualizando seu projeto..." |
124
+
125
+ ## Destructive Operations — BLOCKED BY DEFAULT
126
+
127
+ These operations require EXPLICIT user confirmation before execution:
128
+
129
+ | Operation | Risk | Confirmation Required |
130
+ |-----------|------|----------------------|
131
+ | `git push --force` / `--force-with-lease` | Overwrite remote history | YES + explain risk |
132
+ | `git reset --hard` | Destroy local uncommitted work | YES + explain risk |
133
+ | `git branch -D` | Delete branch with unmerged commits | YES + explain risk |
134
+ | `git clean -f` | Delete untracked files permanently | YES + explain risk |
135
+ | Delete remote branch | Affects other collaborators | YES |
136
+
137
+ ## For Projects Using SINAPSE (not just sinapse-ai repo)
138
+
139
+ These same rules apply to ANY project where SINAPSE agents operate:
140
+ 1. Auto-branch before work
141
+ 2. Auto-sync before starting
142
+ 3. Secret scan before every commit
143
+ 4. Auto-resolve simple conflicts
144
+ 5. Auto-PR with reviewer assignment
145
+ 6. User never touches git directly
146
+
147
+ ## User Cheat Sheet (the ONLY things users do manually)
148
+
149
+ ```
150
+ ! git push origin main ← when agent can't push (hook block)
151
+ ! npm publish ← when publishing to NPM
152
+ ```
153
+
154
+ Everything else: **ask the agent to do it.**
155
+
156
+ ## PR Quality Standards
157
+
158
+ | Metric | Target | Warning |
159
+ |--------|--------|---------|
160
+ | PR size | < 200 lines | > 400 lines |
161
+ | PR cycle time | < 1 day | > 3 days |
162
+
163
+ **DORA Targets (Elite):** Deploy multiple/day, lead time < 1 day, failure rate < 4%, recovery < 1 hour.