specdo 1.0.2

package/dist/protocols/review-to-solid.js

@@ -0,0 +1,309 @@
+/**
+ * Review-To-Solid Protocol
+ *
+ * 来源: content/skills/review-to-solid/SKILL.md (463 行)
+ *
+ * 该协议是方法论型工作流，包含 DomainModule 无法表达的元素：
+ *   1. 7 步闭环工作流 + 步骤 4-5-6 循环回退（修复 → 再审 → 继续修复）
+ *   2. P1/P2/P3 严重度分级
+ *   3. 4 段强制输出契约（Final Verdict / Findings / Fix Summary / Delta Table）
+ *   4. 6 类工件分派（product / architecture / readme / pr / prompt-agent-skill / openspec）
+ *   5. 停止条件与禁止行为
+ *
+ * 设计决策（来自 Phase 1b POC）:
+ *   review-to-solid 不内嵌进 qualityDomain；保留为独立 Protocol，由 Phase 2 `apply` 命令
+ *   按需注入到 apply-brief.md 的 "Execution Discipline" 段。
+ *
+ * POC 决策证据表:
+ * | 证据 | DomainModule 是否可表达 | Protocol 保留方式 | Phase 1b 结论 |
+ * |------|-------------------------|-------------------|---------------|
+ * | 三层审查: 单工件 / 跨工件 / 生产级充分性 | 否。DomainModule 只有 stage 列表，不能表达审查顺序和层级覆盖要求 | workflow.step 3 actions | 独立 Protocol 保留执行顺序 |
+ * | P1/P2/P3 严重度影响是否继续修复 | 否。领域 checklist 不能驱动停止条件 | severityLevels + stopConditions | 独立 Protocol 可表达收敛门槛 |
+ * | 修复循环 review → fix → re-review → iterate | 否。DomainModule 无 loopBackTo 语义 | workflow.step 6 loopBackTo: [4, 5] | 独立 Protocol 保留闭环 |
+ * | Delta Table 是最终输出契约，不是领域知识 | 否。压进 DomainModule 会变成普通 checklist，无法保证输出段和列 | outputContract.Initial-vs-Final Delta Table | 独立 Protocol 满足 Phase 1b POC |
+ *
+ * 与 quality 域的关系:
+ *   quality 域提供"代码评审 / 调试 / 测试 / 性能 / 验证"的 checklist 知识；
+ *   review-to-solid 提供"如何把工件硬化到生产级"的执行纪律。
+ *   两者是知识 vs 流程，互不替代。
+ */
+export const reviewToSolidProtocol = {
+    name: 'review-to-solid',
+    description: 'Closed-loop hardening protocol: review → fix → re-review → converge → produce initial-vs-final delta table for production-grade artifacts.',
+    goal: 'Move an important artifact from "looks finished" to a state where the objective is clear, scope is explicit, ' +
+        'constraints are complete, risks are visible, execution is realistic, verification is concrete, and the artifact ' +
+        'can support production-grade delivery — or clearly explains why it cannot. The default target is production-grade ' +
+        'delivery, not a minimal implementation, demo, or happy-path-only proposal.',
+    triggerPhrases: [
+        'use review-to-solid to converge this plan',
+        'run review-to-solid on this artifact',
+        'review, fix, and re-review this until there are no risks',
+        'converge this document set and give me a comparison table',
+        'review, fix, re-review, and continue until there are no high-risk issues',
+        'harden this plan to production grade',
+        'review until there are no obvious p1/p2 risks',
+        'do not just suggest improvements; fix it',
+        'end with a table that shows what changed',
+    ],
+    suppressionPhrases: [
+        'polish wording',
+        'copy-edit',
+        'copy edit',
+        'review-only',
+        'review only',
+        'quick take a look',
+        'take a quick look',
+        'light review',
+        'single-line typo',
+        'formatting fix',
+    ],
+    doNotUseWhen: [
+        'User asks for a quick "take a look" or light review — use code-reviewer or documentation-writer instead',
+        'User asks to "polish wording" — that is a copy-edit task, not a hardening task',
+        'User explicitly asks for review-only without fixes — honor that scope',
+        'Task is a single-line typo / formatting fix — closed-loop overhead is not justified',
+        'Multi-file work without a hardening or convergence intent — being large does not by itself trigger this protocol',
+    ],
+    workflow: [
+        {
+            step: 1,
+            title: 'Establish the Working Boundary',
+            goal: 'Identify the target artifact, its type, current location, and the delivery standard the user expects ' +
+                'before doing anything else. Wrong-target review wastes the entire loop.',
+            actions: [
+                'Identify what the target artifact is and where the current version lives',
+                'Classify artifact type: product-plan / architecture / readme / pr / prompt-agent-skill / openspec / generic-doc',
+                'Determine the delivery standard expected by the user (production-grade by default unless explicitly downgraded)',
+                'Note whether the task involves code, docs, config, release, product, or business decisions',
+                'Surface critical ambiguities that must be clarified before review can be useful',
+            ],
+            exitCriteria: [
+                'Target artifact path / identity is unambiguous',
+                'Artifact type is classified for downstream check selection',
+                'Delivery standard is recorded (production / prototype / demo)',
+            ],
+        },
+        {
+            step: 2,
+            title: 'Preserve the Initial Baseline',
+            goal: 'Snapshot the initial state before any edits so that the final delta table can faithfully describe ' +
+                'what changed. Without a baseline, the closing comparison is unverifiable.',
+            actions: [
+                'Read the current files in scope and capture their state',
+                'Check current git diff and uncommitted changes',
+                'Record first-pass observations as a baseline note (do not edit yet)',
+                'Copy a concise baseline summary into working notes for use in the final delta table',
+            ],
+            exitCriteria: [
+                'Baseline summary is recorded and survives subsequent fixes',
+                'Initial issues are listed before any edit is applied',
+            ],
+        },
+        {
+            step: 3,
+            title: 'First Review — Three Layers',
+            goal: 'Review must come before any edit. Cover three orthogonal layers so that single-artifact polish does not ' +
+                'mask cross-artifact contradictions or production-grade gaps.',
+            actions: [
+                'Layer 1 — Single-artifact quality: objective clarity, scope/non-goals, constraints, risks/edge cases, verification',
+                'Layer 2 — Cross-artifact consistency: aligned goals, propagated decisions, tasks/verification follow design, no terminology drift',
+                'Layer 3 — Production-grade sufficiency: not just "possible to build" but safe to run and maintain; performance, capacity, scalability, observability, security, ops detail',
+                'Order findings by severity (P1 / P2 / P3); say "No findings" explicitly if applicable',
+                'Do not disguise vague suggestions as P1/P2 — severity reflects probability and blast radius',
+            ],
+            exitCriteria: [
+                'Findings list exists with explicit severity per item',
+                'Each finding cites a concrete location (file / section / claim) — not vague impression',
+            ],
+        },
+        {
+            step: 4,
+            title: 'Fix Directly (with Decision-Point Carve-Outs)',
+            goal: 'Apply the smallest defensible fix per finding, except for decisions that the user must own. ' +
+                'Reviewing without fixing is a downgrade unless the user asked for review-only.',
+            actions: [
+                'Fix issues that are factual / structural / verification-related directly (vague verification, missing failure paths, unactionable tasks, doc-vs-behavior drift)',
+                'For decision-heavy items (product positioning / pricing / arch direction / legal-finance-security / external facts): surface options + risk notes + decision points instead of unilaterally finalizing',
+                'Do not expand scope beyond what the user requested',
+                'Do not invent test results, performance data, or external validation',
+                'Do not delete valid existing user content',
+                'Do not sacrifice accuracy for polish',
+            ],
+            exitCriteria: [
+                'Each fixed item is paired with the original finding it addresses',
+                'Decision-only items are explicitly flagged as awaiting user input rather than silently dropped',
+            ],
+        },
+        {
+            step: 5,
+            title: 'Re-Review After Fixes',
+            goal: 'Verify that fixes actually resolved the original findings without introducing new contradictions. ' +
+                'Skipping re-review is the most common way the loop silently fails.',
+            actions: [
+                'Confirm each previous finding is now resolved or explicitly downgraded with rationale',
+                'Check whether the fix introduced new contradictions across files / sections',
+                'Re-run the three-layer scan focused on changed areas plus their dependents',
+                'Update the running findings list — do not silently drop unresolved items',
+            ],
+            exitCriteria: [
+                'Every original P1/P2 finding has a resolution status: closed / partially-closed / blocked',
+                'New findings discovered during re-review are added to the list, not ignored',
+            ],
+        },
+        {
+            step: 6,
+            title: 'Iterate Until Convergence',
+            goal: 'Loop fix → re-review until stop conditions are met. Multiple rounds are allowed and expected; ' +
+                'one fix pass is rarely enough for a production-grade artifact.',
+            actions: [
+                'If obvious P1/P2 issues remain, return to step 4 with the updated findings list',
+                'Each round must make concrete progress — no "we will revisit this" hand-waving',
+                'If repeated rounds reveal a problem that cannot be resolved with current information, convert it into a documented blocker / open question / user decision rather than looping forever',
+            ],
+            exitCriteria: [
+                'At least one stop condition (see protocol.stopConditions) is satisfied',
+                'Remaining issues are either low-risk presentation items or explicitly-documented blockers',
+            ],
+            loopBackTo: [4, 5],
+        },
+        {
+            step: 7,
+            title: 'Final Output — Verdict + Findings + Fix Summary + Delta Table',
+            goal: 'Close the loop with a structured output that lets the user verify convergence without re-reading the entire artifact. ' +
+                'Missing the delta table means the protocol did not actually run.',
+            actions: [
+                'Write Final Verdict: converged? blocking risk? suitable for next step (implementation / release / signoff)?',
+                'List Final Findings by severity OR write "No remaining high-risk findings"',
+                'Write Fix Summary: what was actually changed this round (do not turn it into a changelog)',
+                'Render Initial-vs-Final Delta Table with the required columns',
+                'If blockers remain, append a Blockers / Open Questions section after the delta table',
+            ],
+            exitCriteria: [
+                'All four required output sections are present',
+                'Delta table only contains rows that reflect real changes — no padded artificial rows',
+            ],
+        },
+    ],
+    severityLevels: {
+        P1: 'Would cause wrong implementation, wrong decisions, wrong acceptance, launch risk, or security risk. ' +
+            'Must be resolved or explicitly converted to a blocker before stopping.',
+        P2: 'Would create likely rework, scope drift, missed critical paths, verification gaps, or maintenance risk. ' +
+            'Must be resolved or explicitly downgraded with rationale.',
+        P3: 'Weak wording, average structure, readability issues, or low-risk maintainability problems. ' +
+            'May remain after convergence if higher-severity items are clean.',
+    },
+    outputContract: [
+        {
+            name: 'Final Verdict',
+            required: true,
+            format: 'plain text, 2–4 short bullets',
+            description: 'State concisely: whether the current version is basically converged, whether any blocking risk remains, ' +
+                'and whether it is suitable for the next step (implementation / release / review / open source / launch / signoff).',
+        },
+        {
+            name: 'Final Findings',
+            required: true,
+            format: 'severity-grouped list (P1 / P2 / P3) OR the literal string "No remaining high-risk findings"',
+            description: 'List remaining findings ordered by severity. If no high-risk issues remain, write "No remaining high-risk findings" explicitly. ' +
+                'Do not pad with vague suggestions promoted to P1/P2.',
+        },
+        {
+            name: 'Fix Summary',
+            required: true,
+            format: 'short bullet list of behavior-level changes',
+            description: 'Summarize what was actually fixed in this round. Behavior-level descriptions, not file-level changelog. ' +
+                'One line per coherent fix.',
+        },
+        {
+            name: 'Initial-vs-Final Delta Table',
+            required: true,
+            format: 'markdown table with exactly the columns: | Area | Initial Issue | Adjustment | Current Status | Impact |',
+            description: 'Compare initial baseline (from step 2) to current state. Area examples: goal alignment, scope boundaries, ' +
+                'design completeness, task structure, verification design, failure handling, acceptance criteria, executability, ' +
+                'performance and capacity, scalability, security and permissions, production operations, long-term maintainability, ' +
+                'user value, business viability. Only include rows for areas that actually changed — do not pad.',
+        },
+        {
+            name: 'Blockers / Open Questions',
+            required: false,
+            format: 'numbered list, each item linking back to the finding it derives from',
+            description: 'Only present when issues remain that need user input or external facts. Each blocker must state: what is unknown, ' +
+                'what answer would unblock progress, and which finding it ties back to.',
+        },
+    ],
+    stopConditions: [
+        'No obvious P1 or P2 risks remain in the artifact',
+        'All remaining issues are low-risk wording or presentation improvements (P3 only)',
+        'A critical ambiguity, missing input, or user decision still blocks progress, AND the blocker has been clearly documented in the output',
+    ],
+    prohibitions: [
+        'Do not only review without fixing unless the user explicitly asked for review-only',
+        'Do not fix one file while ignoring consistency with related artifacts',
+        'Do not declare completion without re-review (skipping step 5/6)',
+        'Do not say "this is fine" while obvious P1/P2 risks remain',
+        'Do not omit the final Initial-vs-Final Delta Table',
+        'Do not skip goal creation or equivalent goal-driven thinking for complex / multi-file / high-risk hardening',
+        'Do not wrap up without a clear "initial vs current" comparison',
+        'Do not default to "let us do a minimal version first" unless the user explicitly accepts a prototype or demo',
+        'Do not restrict this protocol to OpenSpec / SuperSpec scenarios — it applies to any production-grade artifact',
+        'Do not let this protocol take over normal one-pass review, code review, or light editing tasks',
+        'Do not make unverifiable decisions on behalf of the user in strategic / legal / financial / security / compliance artifacts',
+        'Do not invent test results, performance numbers, or external validation evidence',
+        'Do not delete valid existing user content under the guise of "cleanup"',
+        'Do not pad the delta table with artificial rows that do not reflect real changes',
+    ],
+    artifactChecklists: {
+        'product-plan': [
+            'Users, scenarios, and pain points are concrete — not generic personas',
+            'Revenue model, cost structure, and risk assumptions are explicit',
+            'Key metrics, validation experiments, and failure criteria are explicit',
+            'Wishes are not presented as facts',
+            'Competition, channels, conversion, retention, or commercial loop are not silently missing',
+        ],
+        architecture: [
+            'Architecture boundaries, module responsibilities, and data flow are clear',
+            'Key technical choices have real trade-off reasoning (rejected alternatives + why)',
+            'Failure handling, degradation, rollback, and observability are covered',
+            'Security, permissions, and data consistency are explicit',
+            'Tasks and verification can actually drive engineering implementation, not just describe intent',
+        ],
+        readme: [
+            'A new user can tell what the project is in under 30 seconds',
+            'The minimum success path appears early',
+            'Command side effects, outputs, and failure handling are explained',
+            'Install / upgrade / migration guidance does not contradict itself',
+            'Text contains no over-marketing or vague AI-flavored filler',
+        ],
+        pr: [
+            'Change scope is clear — what is in vs out of this PR',
+            'Risk, rollback, compatibility, and validation evidence are explicit',
+            'Executed vs unexecuted checks are clearly separated — no implied success',
+            'User impact, data impact, or operational impact is not silently missing',
+        ],
+        'prompt-agent-skill': [
+            'Trigger conditions are clear — when does this fire and when does it not',
+            'Inputs, outputs, boundaries, and prohibitions are explicit',
+            'Does not encourage overreach, fake verification, or false promises',
+            'Can work independently downstream — not bound to a specific session',
+            'Not over-bound to one project or one filesystem path',
+        ],
+        openspec: [
+            'proposal.md clearly explains purpose, scope, non-goals, and risk',
+            'design.md explains implementation path, boundaries, failure paths, and constraints',
+            'tasks.md satisfies the current system\'s execution-ready contract, including stable task refs such as 1.1 / 2.1 where decomposition is needed',
+            'specs/<capability>/spec.md files cover critical behavior, constraints, and acceptance semantics',
+            'Proposal goals are carried through by design / specs / tasks consistently',
+            'Task verification requirements align with specs — no contradictions',
+        ],
+    },
+    generalConstraints: [
+        'Default to Chinese when responding to the end user',
+        'Put findings before summary',
+        'Do not tell a story',
+        'Do not add hollow encouragement',
+        'Do not treat "we can revisit this later" as completion',
+        'For document tasks, prioritize contract clarity, consistency, executability, and verifiability',
+        'Explicitly reject any attempt to downgrade a production-grade goal into a demo, minimal implementation, or basic sample',
+    ],
+};
+//# sourceMappingURL=review-to-solid.js.map

package/dist/protocols/review-to-solid.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"review-to-solid.js","sourceRoot":"","sources":["../../src/protocols/review-to-solid.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4BG;AAIH,MAAM,CAAC,MAAM,qBAAqB,GAAa;IAC7C,IAAI,EAAE,iBAAiB;IACvB,WAAW,EACT,4IAA4I;IAE9I,IAAI,EACF,+GAA+G;QAC/G,kHAAkH;QAClH,oHAAoH;QACpH,4EAA4E;IAE9E,cAAc,EAAE;QACd,2CAA2C;QAC3C,sCAAsC;QACtC,0DAA0D;QAC1D,2DAA2D;QAC3D,0EAA0E;QAC1E,sCAAsC;QACtC,+CAA+C;QAC/C,0CAA0C;QAC1C,0CAA0C;KAC3C;IAED,kBAAkB,EAAE;QAClB,gBAAgB;QAChB,WAAW;QACX,WAAW;QACX,aAAa;QACb,aAAa;QACb,mBAAmB;QACnB,mBAAmB;QACnB,cAAc;QACd,kBAAkB;QAClB,gBAAgB;KACjB;IAED,YAAY,EAAE;QACZ,yGAAyG;QACzG,gFAAgF;QAChF,uEAAuE;QACvE,qFAAqF;QACrF,kHAAkH;KACnH;IAED,QAAQ,EAAE;QACR;YACE,IAAI,EAAE,CAAC;YACP,KAAK,EAAE,gCAAgC;YACvC,IAAI,EACF,uGAAuG;gBACvG,yEAAyE;YAC3E,OAAO,EAAE;gBACP,0EAA0E;gBAC1E,iHAAiH;gBACjH,iHAAiH;gBACjH,4FAA4F;gBAC5F,iFAAiF;aAClF;YACD,YAAY,EAAE;gBACZ,gDAAgD;gBAChD,4DAA4D;gBAC5D,+DAA+D;aAChE;SACF;QACD;YACE,IAAI,EAAE,CAAC;YACP,KAAK,EAAE,+BAA+B;YACtC,IAAI,EACF,oGAAoG;gBACpG,2EAA2E;YAC7E,OAAO,EAAE;gBACP,yDAAyD;gBACzD,gDAAgD;gBAChD,qEAAqE;gBACrE,qFAAqF;aACtF;YACD,YAAY,EAAE;gBACZ,4DAA4D;gBAC5D,sDAAsD;aACvD;SACF;QACD;YACE,IAAI,EAAE,CAAC;YACP,KAAK,EAAE,6BAA6B;YACpC,IAAI,EACF,0GAA0G;gBAC1G,8DAA8D;YAChE,OAAO,EAAE;gBACP,oHAAoH;gBACpH,mIAAmI;gBACnI,4KAA4K;gBAC5K,uFAAuF;gBACvF,6FAA6F;aAC9F;YACD,YAAY,EAAE;gBACZ,sDAAsD;gBACtD,wFAAwF;aACzF;SACF;QACD;YACE,IAAI,EAAE,CAAC;YACP,KAAK,EAAE,+CAA+C;YACtD,IAAI,EACF,8FAA8F;gBAC9F,gFAAgF;YAClF,OAAO,EAAE;gBACP,iKAAiK;gBACjK,wMAAwM;gBACxM,oDAAoD;gBACpD,sEAAsE;gBACtE,2CAA2C;gBAC3C,sCAAsC;aACvC;YACD,YAAY,EAAE;gBACZ,kEAAkE;gBAClE,gGAAgG;aACjG;SACF;QACD;YACE,IAAI,EAAE,CAAC;YACP,KAAK,EAAE,uBAAuB;YAC9B,IAAI,EACF,oGAAoG;gBACpG,oEAAoE;YACtE,OAAO,EAAE;gBACP,uFAAuF;gBACvF,6EAA6E;gBAC7E,4EAA4E;gBAC5E,0EAA0E;aAC3E;YACD,YAAY,EAAE;gBACZ,2FAA2F;gBAC3F,6EAA6E;aAC9E;SACF;QACD;YACE,IAAI,EAAE,CAAC;YACP,KAAK,EAAE,2BAA2B;YAClC,IAAI,EACF,gGAAgG;gBAChG,gEAAgE;YAClE,OAAO,EAAE;gBACP,iFAAiF;gBACjF,gFAAgF;gBAChF,wLAAwL;aACzL;YACD,YAAY,EAAE;gBACZ,wEAAwE;gBACxE,2FAA2F;aAC5F;YACD,UAAU,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC;SACnB;QACD;YACE,IAAI,EAAE,CAAC;YACP,KAAK,EAAE,+DAA+D;YACtE,IAAI,EACF,wHAAwH;gBACxH,kEAAkE;YACpE,OAAO,EAAE;gBACP,6GAA6G;gBAC7G,4EAA4E;gBAC5E,2FAA2F;gBAC3F,+DAA+D;gBAC/D,sFAAsF;aACvF;YACD,YAAY,EAAE;gBACZ,+CAA+C;gBAC/C,sFAAsF;aACvF;SACF;KACF;IAED,cAAc,EAAE;QACd,EAAE,EACA,sGAAsG;YACtG,wEAAwE;QAC1E,EAAE,EACA,0GAA0G;YAC1G,2DAA2D;QAC7D,EAAE,EACA,6FAA6F;YAC7F,kEAAkE;KACrE;IAED,cAAc,EAAE;QACd;YACE,IAAI,EAAE,eAAe;YACrB,QAAQ,EAAE,IAAI;YACd,MAAM,EAAE,+BAA+B;YACvC,WAAW,EACT,0GAA0G;gBAC1G,oHAAoH;SACvH;QACD;YACE,IAAI,EAAE,gBAAgB;YACtB,QAAQ,EAAE,IAAI;YACd,MAAM,EAAE,8FAA8F;YACtG,WAAW,EACT,kIAAkI;gBAClI,sDAAsD;SACzD;QACD;YACE,IAAI,EAAE,aAAa;YACnB,QAAQ,EAAE,IAAI;YACd,MAAM,EAAE,6CAA6C;YACrD,WAAW,EACT,0GAA0G;gBAC1G,4BAA4B;SAC/B;QACD;YACE,IAAI,EAAE,8BAA8B;YACpC,QAAQ,EAAE,IAAI;YACd,MAAM,EACJ,0GAA0G;YAC5G,WAAW,EACT,4GAA4G;gBAC5G,kHAAkH;gBAClH,qHAAqH;gBACrH,iGAAiG;SACpG;QACD;YACE,IAAI,EAAE,2BAA2B;YACjC,QAAQ,EAAE,KAAK;YACf,MAAM,EAAE,sEAAsE;YAC9E,WAAW,EACT,oHAAoH;gBACpH,wEAAwE;SAC3E;KACF;IAED,cAAc,EAAE;QACd,kDAAkD;QAClD,kFAAkF;QAClF,wIAAwI;KACzI;IAED,YAAY,EAAE;QACZ,oFAAoF;QACpF,uEAAuE;QACvE,iEAAiE;QACjE,4DAA4D;QAC5D,oDAAoD;QACpD,6GAA6G;QAC7G,gEAAgE;QAChE,8GAA8G;QAC9G,+GAA+G;QAC/G,gGAAgG;QAChG,6HAA6H;QAC7H,kFAAkF;QAClF,wEAAwE;QACxE,kFAAkF;KACnF;IAED,kBAAkB,EAAE;QAClB,cAAc,EAAE;YACd,uEAAuE;YACvE,kEAAkE;YAClE,wEAAwE;YACxE,mCAAmC;YACnC,2FAA2F;SAC5F;QACD,YAAY,EAAE;YACZ,2EAA2E;YAC3E,mFAAmF;YACnF,wEAAwE;YACxE,0DAA0D;YAC1D,gGAAgG;SACjG;QACD,MAAM,EAAE;YACN,6DAA6D;YAC7D,wCAAwC;YACxC,mEAAmE;YACnE,mEAAmE;YACnE,6DAA6D;SAC9D;QACD,EAAE,EAAE;YACF,sDAAsD;YACtD,qEAAqE;YACrE,0EAA0E;YAC1E,yEAAyE;SAC1E;QACD,oBAAoB,EAAE;YACpB,yEAAyE;YACzE,4DAA4D;YAC5D,oEAAoE;YACpE,qEAAqE;YACrE,sDAAsD;SACvD;QACD,QAAQ,EAAE;YACR,kEAAkE;YAClE,oFAAoF;YACpF,+IAA+I;YAC/I,iGAAiG;YACjG,2EAA2E;YAC3E,qEAAqE;SACtE;KACF;IAED,kBAAkB,EAAE;QAClB,oDAAoD;QACpD,6BAA6B;QAC7B,qBAAqB;QACrB,iCAAiC;QACjC,wDAAwD;QACxD,gGAAgG;QAChG,yHAAyH;KAC1H;CACF,CAAC"}

package/dist/utils/prompt.d.ts

@@ -0,0 +1,37 @@
+/**
+ * prompt — 轻量交互工具（基于 Node 内置 readline）
+ *
+ * 设计目标：
+ *   1. specdo 砍掉 @inquirer/core / @inquirer/prompts 11 个依赖中的部分
+ *      复杂提示库，仅保留文本输入交互场景
+ *   2. 任何命令在 CI / 非 TTY / `--non-interactive` 标记下必须能跳过
+ *      交互，由 `--answers <json>` 等替代输入
+ *   3. 提供同步可测试的实现：测试可通过传入 `input` / `output` 流模拟
+ *      用户输入，避免 mock readline
+ */
+/** 判断当前进程是否处于"非交互"环境（CI / 无 TTY / 显式禁用） */
+export declare function isNonInteractive(env?: NodeJS.ProcessEnv): boolean;
+export interface AskQuestionOptions {
+    /** 自定义输入流（测试时可注入） */
+    input?: NodeJS.ReadableStream;
+    /** 自定义输出流（测试时可注入） */
+    output?: NodeJS.WritableStream;
+}
+/**
+ * 同步式（async）从交互终端读取一行输入。
+ *
+ * 调用前请先用 isNonInteractive 判断；非交互环境下应避免调用本函数。
+ */
+export declare function askQuestion(question: string, options?: AskQuestionOptions): Promise<string>;
+/**
+ * 解析 `--answers <json>` 参数为 Record<string,string>。
+ *
+ * 接受格式：
+ *   - `'{"security:0":"yes","security:1":"no"}'`：直接 JSON 对象
+ *   - `'[]'` / `'{}'`：返回空对象
+ *
+ * 异常：JSON 解析失败、非对象、值非字符串均抛 Error，调用方应捕获后以
+ * exit code 1 结束并提示用户。
+ */
+export declare function parseAnswersJson(raw: string): Record<string, string>;
+//# sourceMappingURL=prompt.d.ts.map

package/dist/utils/prompt.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"prompt.d.ts","sourceRoot":"","sources":["../../src/utils/prompt.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAIH,2CAA2C;AAC3C,wBAAgB,gBAAgB,CAAC,GAAG,GAAE,MAAM,CAAC,UAAwB,GAAG,OAAO,CAK9E;AAED,MAAM,WAAW,kBAAkB;IACjC,qBAAqB;IACrB,KAAK,CAAC,EAAE,MAAM,CAAC,cAAc,CAAC;IAC9B,qBAAqB;IACrB,MAAM,CAAC,EAAE,MAAM,CAAC,cAAc,CAAC;CAChC;AAED;;;;GAIG;AACH,wBAAsB,WAAW,CAAC,QAAQ,EAAE,MAAM,EAAE,OAAO,GAAE,kBAAuB,GAAG,OAAO,CAAC,MAAM,CAAC,CAcrG;AAED;;;;;;;;;GASG;AACH,wBAAgB,gBAAgB,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAwBpE"}

package/dist/utils/prompt.js

@@ -0,0 +1,81 @@
+/**
+ * prompt — 轻量交互工具（基于 Node 内置 readline）
+ *
+ * 设计目标：
+ *   1. specdo 砍掉 @inquirer/core / @inquirer/prompts 11 个依赖中的部分
+ *      复杂提示库，仅保留文本输入交互场景
+ *   2. 任何命令在 CI / 非 TTY / `--non-interactive` 标记下必须能跳过
+ *      交互，由 `--answers <json>` 等替代输入
+ *   3. 提供同步可测试的实现：测试可通过传入 `input` / `output` 流模拟
+ *      用户输入，避免 mock readline
+ */
+import * as readline from 'node:readline';
+/** 判断当前进程是否处于"非交互"环境（CI / 无 TTY / 显式禁用） */
+export function isNonInteractive(env = process.env) {
+    if (env.SPECDO_NON_INTERACTIVE === '1' || env.SPECDO_NON_INTERACTIVE === 'true')
+        return true;
+    if (env.CI === 'true' || env.CI === '1')
+        return true;
+    if (!process.stdin.isTTY)
+        return true;
+    return false;
+}
+/**
+ * 同步式（async）从交互终端读取一行输入。
+ *
+ * 调用前请先用 isNonInteractive 判断；非交互环境下应避免调用本函数。
+ */
+export async function askQuestion(question, options = {}) {
+    const rl = readline.createInterface({
+        input: options.input ?? process.stdin,
+        output: options.output ?? process.stdout,
+    });
+    try {
+        return await new Promise((resolve) => {
+            rl.question(question.endsWith(' ') ? question : question + ' ', (answer) => {
+                resolve(answer.trim());
+            });
+        });
+    }
+    finally {
+        rl.close();
+    }
+}
+/**
+ * 解析 `--answers <json>` 参数为 Record<string,string>。
+ *
+ * 接受格式：
+ *   - `'{"security:0":"yes","security:1":"no"}'`：直接 JSON 对象
+ *   - `'[]'` / `'{}'`：返回空对象
+ *
+ * 异常：JSON 解析失败、非对象、值非字符串均抛 Error，调用方应捕获后以
+ * exit code 1 结束并提示用户。
+ */
+export function parseAnswersJson(raw) {
+    const MAX_ANSWERS_BYTES = 50_000; // 50 KB
+    if (raw.length > MAX_ANSWERS_BYTES) {
+        throw new Error(`--answers payload too large (${raw.length} bytes; max ${MAX_ANSWERS_BYTES})`);
+    }
+    let parsed;
+    try {
+        parsed = JSON.parse(raw);
+    }
+    catch (err) {
+        throw new Error(`--answers JSON parse failed: ${err.message}`);
+    }
+    if (parsed === null || typeof parsed !== 'object' || Array.isArray(parsed)) {
+        throw new Error('--answers must be a JSON object whose values are strings');
+    }
+    // Use null-prototype object to avoid __proto__ / constructor key pitfalls
+    const result = Object.create(null);
+    for (const [key, value] of Object.entries(parsed)) {
+        if (key === '__proto__' || key === 'constructor' || key === 'prototype')
+            continue;
+        if (typeof value !== 'string') {
+            throw new Error(`--answers value for key "${key}" must be a string`);
+        }
+        result[key] = value;
+    }
+    return result;
+}
+//# sourceMappingURL=prompt.js.map

package/dist/utils/prompt.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"prompt.js","sourceRoot":"","sources":["../../src/utils/prompt.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAEH,OAAO,KAAK,QAAQ,MAAM,eAAe,CAAC;AAE1C,2CAA2C;AAC3C,MAAM,UAAU,gBAAgB,CAAC,MAAyB,OAAO,CAAC,GAAG;IACnE,IAAI,GAAG,CAAC,sBAAsB,KAAK,GAAG,IAAI,GAAG,CAAC,sBAAsB,KAAK,MAAM;QAAE,OAAO,IAAI,CAAC;IAC7F,IAAI,GAAG,CAAC,EAAE,KAAK,MAAM,IAAI,GAAG,CAAC,EAAE,KAAK,GAAG;QAAE,OAAO,IAAI,CAAC;IACrD,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,KAAK;QAAE,OAAO,IAAI,CAAC;IACtC,OAAO,KAAK,CAAC;AACf,CAAC;AASD;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,WAAW,CAAC,QAAgB,EAAE,UAA8B,EAAE;IAClF,MAAM,EAAE,GAAG,QAAQ,CAAC,eAAe,CAAC;QAClC,KAAK,EAAE,OAAO,CAAC,KAAK,IAAI,OAAO,CAAC,KAAK;QACrC,MAAM,EAAE,OAAO,CAAC,MAAM,IAAI,OAAO,CAAC,MAAM;KACzC,CAAC,CAAC;IACH,IAAI,CAAC;QACH,OAAO,MAAM,IAAI,OAAO,CAAS,CAAC,OAAO,EAAE,EAAE;YAC3C,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ,GAAG,GAAG,EAAE,CAAC,MAAM,EAAE,EAAE;gBACzE,OAAO,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC;YACzB,CAAC,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;IACL,CAAC;YAAS,CAAC;QACT,EAAE,CAAC,KAAK,EAAE,CAAC;IACb,CAAC;AACH,CAAC;AAED;;;;;;;;;GASG;AACH,MAAM,UAAU,gBAAgB,CAAC,GAAW;IAC1C,MAAM,iBAAiB,GAAG,MAAM,CAAC,CAAC,QAAQ;IAC1C,IAAI,GAAG,CAAC,MAAM,GAAG,iBAAiB,EAAE,CAAC;QACnC,MAAM,IAAI,KAAK,CAAC,gCAAgC,GAAG,CAAC,MAAM,eAAe,iBAAiB,GAAG,CAAC,CAAC;IACjG,CAAC;IACD,IAAI,MAAe,CAAC;IACpB,IAAI,CAAC;QACH,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC3B,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,IAAI,KAAK,CAAC,gCAAiC,GAAa,CAAC,OAAO,EAAE,CAAC,CAAC;IAC5E,CAAC;IACD,IAAI,MAAM,KAAK,IAAI,IAAI,OAAO,MAAM,KAAK,QAAQ,IAAI,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;QAC3E,MAAM,IAAI,KAAK,CAAC,0DAA0D,CAAC,CAAC;IAC9E,CAAC;IACD,0EAA0E;IAC1E,MAAM,MAAM,GAA2B,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;IAC3D,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAiC,CAAC,EAAE,CAAC;QAC7E,IAAI,GAAG,KAAK,WAAW,IAAI,GAAG,KAAK,aAAa,IAAI,GAAG,KAAK,WAAW;YAAE,SAAS;QAClF,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,MAAM,IAAI,KAAK,CAAC,4BAA4B,GAAG,oBAAoB,CAAC,CAAC;QACvE,CAAC;QACD,MAAM,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC;IACtB,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC"}

package/package.json

@@ -0,0 +1,80 @@
+{
+  "name": "specdo",
+  "version": "1.0.2",
+  "description": "Self-contained CLI for spec-driven development with built-in domain knowledge",
+  "keywords": [
+    "specdo",
+    "spec-driven",
+    "specification",
+    "cli",
+    "tdd",
+    "domain-driven",
+    "workflow",
+    "changelog"
+  ],
+  "license": "MIT",
+  "author": "SpecDo Contributors",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/MoonCoder-HAPPY/SpecDo.git"
+  },
+  "homepage": "https://github.com/MoonCoder-HAPPY/SpecDo#readme",
+  "bugs": {
+    "url": "https://github.com/MoonCoder-HAPPY/SpecDo/issues"
+  },
+  "type": "module",
+  "publishConfig": {
+    "access": "public"
+  },
+  "bin": {
+    "specdo": "bin/specdo.js"
+  },
+  "files": [
+    "dist",
+    "bin",
+    "docs",
+    "README.md",
+    "CHANGELOG.md",
+    "LICENSE",
+    "SECURITY.md",
+    "CONTRIBUTING.md",
+    "CODE_OF_CONDUCT.md"
+  ],
+  "scripts": {
+    "clean": "node scripts/clean-artifacts.mjs",
+    "lint": "eslint src/ build.js build-activation.test.mjs vitest.config.ts scripts/release-check.mjs scripts/pack-dry-run.mjs scripts/verify-packed-cli.mjs scripts/clean-artifacts.mjs scripts/clean-artifacts.test.mjs",
+    "build": "node build.js",
+    "dev": "tsc --watch",
+    "test": "vitest run",
+    "test:watch": "vitest",
+    "test:coverage": "vitest --coverage",
+    "prepare": "husky",
+    "prepack": "pnpm run build",
+    "release:check": "node scripts/clean-artifacts.mjs && pnpm lint && pnpm exec tsc --noEmit && pnpm test -- --maxWorkers=1 && pnpm run build && node scripts/release-check.mjs && node scripts/pack-dry-run.mjs && node scripts/verify-packed-cli.mjs && bash ./scripts/smoke-test.sh",
+    "prepublishOnly": "pnpm run release:check"
+  },
+  "lint-staged": {
+    "src/**/*.ts": [
+      "eslint --fix"
+    ]
+  },
+  "engines": {
+    "node": ">=20.19.0"
+  },
+  "devDependencies": {
+    "@types/node": "^24.2.0",
+    "@vitest/coverage-v8": "^4.1.8",
+    "eslint": "^9.39.2",
+    "husky": "^9.1.7",
+    "lint-staged": "^17.0.5",
+    "typescript": "^5.9.3",
+    "typescript-eslint": "^8.50.1",
+    "vitest": "^3.2.4"
+  },
+  "dependencies": {
+    "chalk": "^5.5.0",
+    "commander": "^14.0.0",
+    "yaml": "^2.8.2",
+    "zod": "^4.0.17"
+  }
+}