super-opencode 1.1.2 → 1.2.0

package/.opencode/commands/soc-cleanup.md

@@ -5,9 +5,11 @@ description: "Systematically clean up code, remove dead code, and optimize proje
 # /soc-cleanup
 
 ## 1. Command Overview
+
 The `/soc-cleanup` command is the "Janitor" of the codebase. It safely identifies and removes technical debt, unused exports, and dead code. It operates in two modes: `Safe` (conservative) and `Aggressive` (deep cleaning). Its primary directive is "Do No Harm."
 
 ## 2. Triggers & Routing
+
 The command routes cleanup tasks based on the `--type` flag.
 
 | Trigger Scenario | Flag | Target Agent | Tool Used |
@@ -18,38 +20,45 @@ The command routes cleanup tasks based on the `--type` flag.
 | **Deep Clean** | `--type all` | `[quality]` | All tools |
 
 ## 3. Usage & Arguments
+
 ```bash
 /soc-cleanup [target] [flags]
 ```
 
 ### Arguments
--   **`[target]`**: Directory or file to clean (default: current context).
+
+- **`[target]`**: Directory or file to clean (default: current context).
 
 ### Flags
--   **`--type [code|imports|files|all]`**: **MANDATORY**.
--   **`--safe`**: (Default) Only removes code with 0 references.
--   **`--aggressive`**: Removes code with indirect/suspect references (requires confirmation).
--   **`--preview`**: Lists changes without applying them (Dry Run).
+
+- **`--type [code|imports|files|all]`**: **MANDATORY**.
+- **`--safe`**: (Default) Only removes code with 0 references.
+- **`--aggressive`**: Removes code with indirect/suspect references (requires confirmation).
+- **`--preview`**: Lists changes without applying them (Dry Run).
 
 ## 4. Behavioral Flow (Orchestration)
 
 ### Phase 1: Analysis (The Scanner)
-1.  **Map**: Scans `[target]` for exports and imports.
-2.  **Trace**: Builds a dependency graph.
-3.  **Flag**: Identifies "orphan" nodes (code with no incoming edges).
+
+1. **Map**: Scans `[target]` for exports and imports.
+2. **Trace**: Builds a dependency graph.
+3. **Flag**: Identifies "orphan" nodes (code with no incoming edges).
 
 ### Phase 2: Plan (The Stratagem)
--   If `safe`: Select only orphans with 0 references.
--   If `aggressive`: Select orphans + "soft" references (comments, test-only usage).
+
+- If `safe`: Select only orphans with 0 references.
+- If `aggressive`: Select orphans + "soft" references (comments, test-only usage).
 
 ### Phase 3: Execution (The Broom)
-1.  **Backup**: (Implicit) Relies on Git.
-2.  **Remove**: Deletes lines/files.
-3.  **Verify**: Runs build/tests. If fail -> Revert.
+
+1. **Backup**: (Implicit) Relies on Git.
+2. **Remove**: Deletes lines/files.
+3. **Verify**: Runs build/tests. If fail -> Revert.
 
 ## 5. Output Guidelines (The Contract)
 
 ### Cleanup Report
+
 ```markdown
 ## Cleanup Report: [Target]
 
@@ -69,39 +78,52 @@ The command routes cleanup tasks based on the `--type` flag.
 ## 6. Examples
 
 ### A. Safe Import Cleanup
+
 ```bash
 /soc-cleanup src/ --type imports --safe
 ```
+
 *Effect:* Removes unused `import` statements and sorts remaining ones.
 
 ### B. Dead Code Preview
+
 ```bash
 /soc-cleanup --type code --preview
 ```
+
 *Effect:* Lists all exported functions that are never imported, but does not delete them.
 
 ## 7. Dependencies & Capabilities
 
 ### Agents
--   **Quality**: `@[.opencode/agents/quality.md]` - Primary agent for code analysis.
--   **Architect**: `@[.opencode/agents/architect.md]` - For structural cleanup.
+
+- **Quality**: `@[.opencode/agents/quality.md]` - Primary agent for code analysis.
+- **Architect**: `@[.opencode/agents/architect.md]` - For structural cleanup.
 
 ### Skills
--   **Safety Check**: `@[.opencode/skills/security-audit/SKILL.md]` - ensuring cleanup doesn't remove security gates.
--   **Reflexion**: `@[.opencode/skills/reflexion/SKILL.md]` - Recovering if cleanup breaks the build.
+
+- **Safety Check**: `@[.opencode/skills/security-audit/SKILL.md]` - ensuring cleanup doesn't remove security gates.
+- **Reflexion**: `@[.opencode/skills/reflexion/SKILL.md]` - Recovering if cleanup breaks the build.
 
 ### MCP Integration
--   **`context7`**: Verifying if "unused" code is actually a framework entry point (e.g., Next.js pages).
--   **`filesystem`**: Moving and deleting files.
+
+- **`context7`**: Verifying if "unused" code is actually a framework entry point (e.g., Next.js pages).
+- **`filesystem`**: Moving and deleting files.
 
 ## 8. Boundaries
 
 **Will:**
--   Remove unused imports.
--   Delete files with 0 references (in `aggressive` mode).
--   Consolidate duplicate logic (if explicitly identified).
+
+- Remove unused imports.
+- Delete files with 0 references (in `aggressive` mode).
+- Consolidate duplicate logic (if explicitly identified).
 
 **Will Not:**
--   **Delete "Commented Out" Code**: Unless explicitly told to.
--   **Touch Config Files**: (e.g., `tsconfig.json`) without explicit intent.
--   **Break Public APIs**: Will not remove exports from `index.ts` files in libraries.
+
+- **Delete "Commented Out" Code**: Unless explicitly told to.
+- **Touch Config Files**: (e.g., `tsconfig.json`) without explicit intent.
+- **Break Public APIs**: Will not remove exports from `index.ts` files in libraries.
+
+## User Instruction
+
+The user have executed the `/soc-cleanup` command by parsing the user's arguments provided in `<user-instruction>$ARGUMENTS</user-instruction>`, then route to the appropriate agent based on the extracted `--type` flag (code, imports, files, or all), scan the specified target (or current directory if none specified) to build a dependency graph and identify orphan code, apply the selected safety mode (`--safe` for zero-reference removal only or `--aggressive` for broader cleanup including soft references), generate a preview of changes if `--preview` is specified, and execute the cleanup while verifying that tests and builds still pass.

package/.opencode/commands/soc-deploy.md

@@ -0,0 +1,271 @@
+---
+description: "Deployment orchestration, release management, and infrastructure provisioning"
+---
+
+# /soc-deploy
+
+## 1. Command Overview
+
+The `/soc-deploy` command is the "Release Commander." It orchestrates the entire deployment pipeline—from environment provisioning to production release. It ensures deployments are repeatable, safe, and observable. It integrates CI/CD workflows, infrastructure as code, and rollback procedures to minimize deployment risk.
+
+## 2. Triggers & Routing
+
+The command activates deployment modes based on target environment and strategy.
+
+| Trigger Scenario | Flag | Target Agent | Context Injected |
+| :--- | :--- | :--- | :--- |
+| **Environment Setup** | `--action provision` | `[devops-agent]` | Cloud Provider, Regions, Resources |
+| **CI/CD Pipeline** | `--action pipeline` | `[devops-agent]` | Build Steps, Tests, Gates |
+| **Production Deploy** | `--action deploy` | `[devops-agent]` + `[security]` | Release Checklist, Rollback Plan |
+| **Rollback** | `--action rollback` | `[devops-agent]` | Previous Stable Version |
+| **Monitoring Setup** | `--action monitor` | `[devops-agent]` | Alerts, Dashboards, SLOs |
+
+## 3. Usage & Arguments
+
+```bash
+/soc-deploy [target] [flags]
+```
+
+### Arguments
+
+- **`[target]`**: Deployment target (e.g., "staging", "production", "v2.1.0", "infrastructure").
+
+### Flags
+
+- **`--action [provision|pipeline|deploy|rollback|monitor]`**: **MANDATORY**. Specifies deployment phase.
+- **`--environment [dev|staging|prod]`**: Target environment (required for deploy/rollback).
+- **`--strategy [blue-green|canary|rolling|recreate]`**: Deployment strategy (default: rolling).
+- **`--version [semver]`**: Version tag to deploy (e.g., "v2.1.0").
+- **`--dry-run`**: Simulate deployment without executing (validate configuration).
+- **`--skip-tests`**: Skip test execution in pipeline (emergency use only).
+- **`--auto-rollback`**: Automatically rollback on health check failure.
+
+## 4. Behavioral Flow (Orchestration)
+
+### Phase 1: Pre-Flight Checks
+
+1. **Validate**: Check all required flags and configurations.
+2. **Health Check**: Verify current environment status.
+3. **Permission Check**: Ensure deployment credentials are valid.
+4. **Gate Check**: Verify all pre-deployment requirements met (tests passed, approvals granted).
+
+### Phase 2: Deployment Execution
+
+#### Environment Provisioning (`--action provision`):
+- Generate Terraform/CloudFormation configs.
+- Create resource groups/VPCs.
+- Set up databases, caches, queues.
+- Configure networking and security groups.
+- Output infrastructure state files.
+
+#### Pipeline Configuration (`--action pipeline`):
+- Define build stages (lint → test → build → scan).
+- Configure artifact storage.
+- Set up deployment gates (manual approval for prod).
+- Integrate security scanning (SAST, dependency check).
+- Configure notifications (Slack, email).
+
+#### Production Deploy (`--action deploy`):
+- **Blue-Green**: Deploy to new environment, run smoke tests, switch traffic.
+- **Canary**: Deploy to 5% of traffic, monitor metrics, gradually increase.
+- **Rolling**: Replace instances one by one with health checks.
+- **Recreate**: Stop old version, start new version (downtime acceptable).
+
+#### Rollback (`--action rollback`):
+- Identify previous stable version.
+- Execute rollback strategy (reverse of deployment).
+- Verify system health post-rollback.
+- Generate incident report.
+
+### Phase 3: Post-Deployment
+
+- **Verification**: Run smoke tests and health checks.
+- **Monitoring**: Activate alerts and dashboards.
+- **Notification**: Notify team of deployment status.
+- **Documentation**: Update deployment log and runbooks.
+
+## 5. Output Guidelines (The Contract)
+
+### Deployment Report Template
+
+```markdown
+# Deployment Report: [Version] → [Environment]
+
+## Summary
+**Action**: Production Deploy  
+**Version**: v2.1.0  
+**Strategy**: Blue-Green  
+**Status**: ✅ SUCCESS / ❌ FAILED / ⚠️ ROLLBACK  
+**Duration**: 12 minutes  
+**Started**: 2026-01-30 14:30 UTC  
+**Completed**: 2026-01-30 14:42 UTC
+
+## Pre-Deployment Checklist
+- [x] All tests passing (CI/CD green)
+- [x] Security scan passed (0 critical, 2 medium)
+- [x] Database migrations reviewed
+- [x] Rollback plan documented
+- [x] On-call engineer notified
+
+## Deployment Steps
+
+| Step | Action | Status | Duration |
+|:-----|:-------|:------:|:--------:|
+| 1 | Provision green environment | ✅ | 3m |
+| 2 | Deploy v2.1.0 to green | ✅ | 2m |
+| 3 | Run smoke tests | ✅ | 2m |
+| 4 | Database migration | ✅ | 1m |
+| 5 | Switch traffic (blue→green) | ✅ | 30s |
+| 6 | Verify production health | ✅ | 3m |
+| 7 | Decommission blue | ✅ | 1m |
+
+## Health Checks
+
+| Check | Target | Actual | Status |
+|:------|:-------|:-------|:------:|
+| Response Time | <200ms | 145ms | ✅ |
+| Error Rate | <0.1% | 0.02% | ✅ |
+| CPU Usage | <70% | 45% | ✅ |
+| Memory Usage | <80% | 62% | ✅ |
+
+## Rollback Information
+**Previous Version**: v2.0.8  
+**Rollback Command**: `/soc-deploy rollback --environment prod --version v2.0.8`  
+**Estimated Rollback Time**: 5 minutes  
+**Rollback Triggered**: No
+
+## Post-Deployment Actions
+- [x] Monitoring dashboards verified
+- [x] Error logs checked (no anomalies)
+- [x] Team notified in #deployments
+- [x] Runbooks updated
+- [ ] Post-deploy review scheduled (24h)
+
+## Issues & Notes
+- Minor: 2 medium-severity dependency warnings (non-blocking)
+- Note: Database migration required brief read-only mode (45s)
+```
+
+### Pipeline Configuration Output
+
+```yaml
+# .github/workflows/deploy.yml (Generated)
+name: Deploy Pipeline
+
+on:
+  push:
+    tags: ['v*']
+
+jobs:
+  validate:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - name: Lint
+        run: npm run lint
+      - name: Type Check
+        run: npm run typecheck
+      
+  test:
+    runs-on: ubuntu-latest
+    needs: validate
+    steps:
+      - name: Unit Tests
+        run: npm test
+      - name: Coverage
+        run: npm run test:coverage
+        
+  security:
+    runs-on: ubuntu-latest
+    needs: validate
+    steps:
+      - name: SAST Scan
+        uses: github/codeql-action@v2
+      - name: Dependency Check
+        run: npm audit --audit-level moderate
+        
+  deploy:
+    runs-on: ubuntu-latest
+    needs: [test, security]
+    environment: production
+    steps:
+      - name: Deploy to Production
+        run: |
+          /soc-deploy prod --action deploy --version ${{ github.ref_name }}
+```
+
+## 6. Examples
+
+### A. Production Deployment
+
+```bash
+/soc-deploy production --action deploy --version v2.1.0 --strategy blue-green --auto-rollback
+```
+
+*Effect:* Deploys v2.1.0 to production using blue-green strategy with automatic rollback on health check failure.
+
+### B. Infrastructure Provisioning
+
+```bash
+/soc-deploy "staging-infrastructure" --action provision --provider aws --region us-east-1
+```
+
+*Effect:* Provisions all staging environment infrastructure on AWS us-east-1 (VPC, databases, caches, load balancers).
+
+### C. Emergency Rollback
+
+```bash
+/soc-deploy production --action rollback --version v2.0.8
+```
+
+*Effect:* Immediately rolls back production to v2.0.8, verifies health, and generates incident report.
+
+### D. Pipeline Setup
+
+```bash
+/soc-deploy "ci-cd" --action pipeline --provider github-actions
+```
+
+*Effect:* Generates complete CI/CD pipeline configuration for GitHub Actions with build, test, security, and deploy stages.
+
+## 7. Dependencies & Capabilities
+
+### Agents
+
+- **DevOps Lead**: `[devops-agent]` - Infrastructure provisioning, pipeline setup, deployment execution.
+- **Security Validator**: `[security]` - Pre-deployment security checks and approval.
+- **PM Coordination**: `[pm-agent]` - Deployment scheduling and approval workflows.
+
+### Skills
+
+- **Security Audit**: `@[.opencode/skills/security-audit/SKILL.md]` - Validates deployment security.
+- **Self Check**: `@[.opencode/skills/self-check/SKILL.md]` - Pre-deployment verification.
+- **Confidence Check**: `@[.opencode/skills/confidence-check/SKILL.md]` - Validates deployment readiness.
+- **Package Manager**: `@[.opencode/skills/package-manager/SKILL.md]` - Ensures correct package manager for builds.
+
+### MCP Integration
+
+- **`tavily`**: Research cloud provider best practices and pricing.
+- **`context7`**: Access Terraform, Kubernetes, or cloud provider documentation.
+- **`generate_image`**: Create infrastructure architecture diagrams.
+
+## 8. Boundaries
+
+**Will:**
+
+- Provision infrastructure using IaC (Terraform/CloudFormation).
+- Configure CI/CD pipelines with proper gates and stages.
+- Execute deployments using various strategies (blue-green, canary, rolling).
+- Perform automated rollbacks on failure.
+- Set up monitoring and alerting for deployed services.
+
+**Will Not:**
+
+- **Execute Without Approval**: Production deployments require explicit approval (unless `--auto-approve` flag used).
+- **Modify Production Directly**: Always uses IaC and pipelines—no manual SSH changes.
+- **Skip Security Scans**: Can override with `--skip-security` but flags as high risk.
+- **Store Secrets**: References secret managers but never logs or stores credentials.
+
+## User Instruction
+
+The user have executed the `/soc-deploy` command by parsing the user's arguments provided in `<user-instruction>$ARGUMENTS</user-instruction>`, then route to the appropriate deployment action (provision, pipeline, deploy, rollback, or monitor), perform pre-flight checks including permissions, health status, and deployment gates, execute the requested deployment phase using infrastructure-as-code principles and the specified strategy, run health checks and verification tests, if deployment fails and `--auto-rollback` is set, execute rollback procedure, generate comprehensive deployment report with all steps, health metrics, and rollback information, and update deployment logs and notify stakeholders of completion status.

package/.opencode/commands/soc-design.md

@@ -5,9 +5,11 @@ description: "Design system architecture, APIs, and component interfaces with co
 # /soc-design
 
 ## 1. Command Overview
+
 The `/soc-design` command orchestrates the creation of technical specifications, architecture diagrams, and API contracts. It transitions a project from "brainstorming" to "blueprint." It delegates specific design tasks to the `architect`, `backend`, or `frontend` agents, ensuring all designs are validated against the "Ultrathink" protocol before any code is written.
 
 ## 2. Triggers & Routing
+
 The command routes to specialized sub-agents based on the `--type` flag.
 
 | Trigger Scenario | Flag | Target Agent | Context Injected |
@@ -18,40 +20,47 @@ The command routes to specialized sub-agents based on the `--type` flag.
 | **UI Component** | `--type component` | `[frontend]` | Accessibility (WCAG), Design Tokens |
 
 ## 3. Usage & Arguments
+
 ```bash
 /soc-design [target] [flags]
 ```
 
 ### Arguments
--   **`[target]`**: The feature, system, or component to design (e.g., "User Auth", "Payment Gateway").
+
+- **`[target]`**: The feature, system, or component to design (e.g., "User Auth", "Payment Gateway").
 
 ### Flags
--   **`--type [type]`**: **MANDATORY**. One of `architecture`, `api`, `database`, `component`.
--   **`--format [format]`**:
-    -   `spec`: Textual specification with requirements (default).
-    -   `diagram`: Mermaid or ASCII visualization.
-    -   `code`: Interface definitions (TypeScript interfaces, SQL DDL).
+
+- **`--type [type]`**: **MANDATORY**. One of `architecture`, `api`, `database`, `component`.
+- **`--format [format]`**:
+  - `spec`: Textual specification with requirements (default).
+  - `diagram`: Mermaid or ASCII visualization.
+  - `code`: Interface definitions (TypeScript interfaces, SQL DDL).
 
 ## 4. Behavioral Flow (Orchestration)
 
 ### Phase 1: Context Analysis
-1.  **Read**: Examines existing `task.md`, `README.md`, and any previous brainstorming artifacts.
-2.  **Constraint Check**: Identifies tech stack limitations (e.g., "We are using Next.js on Vercel").
+
+1. **Read**: Examines existing `task.md`, `README.md`, and any previous brainstorming artifacts.
+2. **Constraint Check**: Identifies tech stack limitations (e.g., "We are using Next.js on Vercel").
 
 ### Phase 2: Design Generation
+
 The command prompts the target agent:
 > "Agent **[Name]**, create a **[Type]** design for **[Target]**.
 > Standard: **Intentional Minimalism**.
 > Output: **[Format]**."
 
 ### Phase 3: Validation (Reflexion)
--   Does the design violate "Zero Trust"?
--   Is the schema normalized?
--   Are the UI components accessible?
+
+- Does the design violate "Zero Trust"?
+- Is the schema normalized?
+- Are the UI components accessible?
 
 ## 5. Output Guidelines (The Contract)
 
 ### A. Architecture Decision Record (ADR)
+
 ```markdown
 # ADR: [Title]
 ## Context
@@ -63,6 +72,7 @@ The command prompts the target agent:
 ```
 
 ### B. API Specification
+
 ```typescript
 interface CreateUserRequest {
   email: string; // @format email
@@ -71,6 +81,7 @@ interface CreateUserRequest {
 ```
 
 ### C. Database Schema (Prisma/SQL)
+
 ```prisma
 model User {
   id    String @id @default(cuid())
@@ -81,41 +92,55 @@ model User {
 ## 6. Examples
 
 ### A. System Architecture
+
 ```bash
 /soc-design user-management --type architecture --format diagram
 ```
+
 *Effect:* Triggers `architect` to draw a high-level system diagram including Auth0, Postgres, and Next.js linkage.
 
 ### B. API Design
+
 ```bash
 /soc-design payment-api --type api --format spec
 ```
+
 *Effect:* Triggers `backend` to define `POST /api/payments` with request/response schemas and error codes.
 
 ## 7. Dependencies & Capabilities
+
 ### Agents
--   **Architecture**: `@[.opencode/agents/architect.md]` - System design and patterns.
--   **API/DB**: `@[.opencode/agents/backend.md]` - Schema and interface definitions.
--   **UI/UX**: `@[.opencode/agents/frontend.md]` - Component and interaction design.
--   **Research**: `@[.opencode/agents/researcher.md]` - Competitive analysis and best practices.
+
+- **Architecture**: `@[.opencode/agents/architect.md]` - System design and patterns.
+- **API/DB**: `@[.opencode/agents/backend.md]` - Schema and interface definitions.
+- **UI/UX**: `@[.opencode/agents/frontend.md]` - Component and interaction design.
+- **Research**: `@[.opencode/agents/researcher.md]` - Competitive analysis and best practices.
 
 ### Skills
--   **Simplification**: `@[.opencode/skills/simplification/SKILL.md]` - Ensuring designs are not over-engineered.
--   **Reflexion**: `@[.opencode/skills/reflexion/SKILL.md]` - Critiquing design decisions.
+
+- **Simplification**: `@[.opencode/skills/simplification/SKILL.md]` - Ensuring designs are not over-engineered.
+- **Reflexion**: `@[.opencode/skills/reflexion/SKILL.md]` - Critiquing design decisions.
 
 ### MCP Integration
--   **`generate_image`**: Used to create UI mockups, architectural diagrams, and visual flows.
--   **`context7`**: Accessing latest documentation for chosen frameworks (e.g., "Next.js App Router patterns").
--   **`tavily`**: Researching industry standards and existing solutions.
+
+- **`generate_image`**: Used to create UI mockups, architectural diagrams, and visual flows.
+- **`context7`**: Accessing latest documentation for chosen frameworks (e.g., "Next.js App Router patterns").
+- **`tavily`**: Researching industry standards and existing solutions.
 
 ## 8. Boundaries
 
 **Will:**
--   Create comprehensive design specifications.
--   Generate interface definitions (contracts).
--   Validate designs against architectural constraints.
+
+- Create comprehensive design specifications.
+- Generate interface definitions (contracts).
+- Validate designs against architectural constraints.
 
 **Will Not:**
--   **Write Implementation Code**: Use `/soc-implement` for that.
--   **Deploy Infrastructure**: Use Terraform/SOC agents for that.
--   **Guess Requirements**: If ambiguous, it will ask for clarification.
+
+- **Write Implementation Code**: Use `/soc-implement` for that.
+- **Deploy Infrastructure**: Use Terraform/SOC agents for that.
+- **Guess Requirements**: If ambiguous, it will ask for clarification.
+
+## User Instruction
+
+The user have executed the `/soc-design` command by parsing the user's arguments provided in `<user-instruction>$ARGUMENTS</user-instruction>`, then route to the appropriate specialized agent based on the extracted `--type` flag (architecture, api, database, or component), examine existing project context from `task.md`, `README.md`, and brainstorming artifacts to understand constraints, prompt the target agent to create comprehensive design specifications in the requested format (spec, diagram, or code), validate the design against architectural constraints and best practices including the Ultrathink protocol, and generate the appropriate output—whether an Architecture Decision Record (ADR), API specification with TypeScript interfaces, database schema definition, or UI component design with accessibility considerations.