theslopmachine 0.6.2 → 0.7.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/MANUAL.md +21 -6
- package/README.md +55 -7
- package/RELEASE.md +16 -1
- package/assets/agents/developer.md +41 -1
- package/assets/agents/slopmachine-claude.md +101 -60
- package/assets/agents/slopmachine.md +40 -17
- package/assets/claude/agents/developer.md +42 -5
- package/assets/skills/clarification-gate/SKILL.md +25 -5
- package/assets/skills/claude-worker-management/SKILL.md +290 -57
- package/assets/skills/developer-session-lifecycle/SKILL.md +83 -38
- package/assets/skills/development-guidance/SKILL.md +21 -1
- package/assets/skills/evaluation-triage/SKILL.md +34 -23
- package/assets/skills/final-evaluation-orchestration/SKILL.md +88 -50
- package/assets/skills/hardening-gate/SKILL.md +17 -3
- package/assets/skills/integrated-verification/SKILL.md +3 -3
- package/assets/skills/planning-gate/SKILL.md +32 -3
- package/assets/skills/planning-guidance/SKILL.md +72 -13
- package/assets/skills/retrospective-analysis/SKILL.md +2 -2
- package/assets/skills/scaffold-guidance/SKILL.md +129 -124
- package/assets/skills/submission-packaging/SKILL.md +33 -27
- package/assets/skills/verification-gates/SKILL.md +44 -14
- package/assets/slopmachine/backend-evaluation-prompt.md +1 -1
- package/assets/slopmachine/frontend-evaluation-prompt.md +5 -5
- package/assets/slopmachine/scaffold-playbooks/android-kotlin-compose.md +81 -0
- package/assets/slopmachine/scaffold-playbooks/android-kotlin-views.md +191 -0
- package/assets/slopmachine/scaffold-playbooks/android-native-java.md +203 -0
- package/assets/slopmachine/scaffold-playbooks/angular-default.md +181 -0
- package/assets/slopmachine/scaffold-playbooks/backend-baseline.md +142 -0
- package/assets/slopmachine/scaffold-playbooks/backend-family-matrix.md +80 -0
- package/assets/slopmachine/scaffold-playbooks/database-module-matrix.md +80 -0
- package/assets/slopmachine/scaffold-playbooks/django-default.md +166 -0
- package/assets/slopmachine/scaffold-playbooks/docker-baseline.md +189 -0
- package/assets/slopmachine/scaffold-playbooks/docker-shared-contract.md +334 -0
- package/assets/slopmachine/scaffold-playbooks/electron-vite-default.md +124 -0
- package/assets/slopmachine/scaffold-playbooks/expo-react-native-default.md +73 -0
- package/assets/slopmachine/scaffold-playbooks/fastapi-default.md +134 -0
- package/assets/slopmachine/scaffold-playbooks/frontend-baseline.md +160 -0
- package/assets/slopmachine/scaffold-playbooks/frontend-family-matrix.md +134 -0
- package/assets/slopmachine/scaffold-playbooks/generic-unknown-tech-guide.md +136 -0
- package/assets/slopmachine/scaffold-playbooks/go-chi-default.md +160 -0
- package/assets/slopmachine/scaffold-playbooks/ios-linux-portable.md +93 -0
- package/assets/slopmachine/scaffold-playbooks/ios-native-objective-c.md +151 -0
- package/assets/slopmachine/scaffold-playbooks/ios-native-swift.md +188 -0
- package/assets/slopmachine/scaffold-playbooks/laravel-default.md +216 -0
- package/assets/slopmachine/scaffold-playbooks/livewire-default.md +265 -0
- package/assets/slopmachine/scaffold-playbooks/overlay-module-matrix.md +130 -0
- package/assets/slopmachine/scaffold-playbooks/platform-family-matrix.md +79 -0
- package/assets/slopmachine/scaffold-playbooks/selection-matrix.md +72 -0
- package/assets/slopmachine/scaffold-playbooks/spring-boot-default.md +182 -0
- package/assets/slopmachine/scaffold-playbooks/tauri-default.md +80 -0
- package/assets/slopmachine/scaffold-playbooks/vue-vite-default.md +162 -0
- package/assets/slopmachine/scaffold-playbooks/web-default.md +96 -0
- package/assets/slopmachine/templates/AGENTS.md +41 -3
- package/assets/slopmachine/templates/CLAUDE.md +111 -0
- package/assets/slopmachine/test-coverage-prompt.md +561 -0
- package/assets/slopmachine/utils/claude_create_session.mjs +3 -2
- package/assets/slopmachine/utils/claude_live_channel.mjs +188 -0
- package/assets/slopmachine/utils/claude_live_common.mjs +411 -0
- package/assets/slopmachine/utils/claude_live_hook.py +47 -0
- package/assets/slopmachine/utils/claude_live_launch.mjs +187 -0
- package/assets/slopmachine/utils/claude_live_status.mjs +25 -0
- package/assets/slopmachine/utils/claude_live_stop.mjs +46 -0
- package/assets/slopmachine/utils/claude_live_turn.mjs +277 -0
- package/assets/slopmachine/utils/claude_resume_session.mjs +3 -2
- package/assets/slopmachine/utils/claude_wait_for_rate_limit_reset.mjs +23 -0
- package/assets/slopmachine/utils/claude_wait_for_rate_limit_reset.sh +5 -0
- package/assets/slopmachine/utils/claude_worker_common.mjs +361 -4
- package/assets/slopmachine/utils/cleanup_delivery_artifacts.py +4 -0
- package/assets/slopmachine/utils/export_ai_session.mjs +1 -1
- package/assets/slopmachine/utils/normalize_claude_session.py +153 -0
- package/assets/slopmachine/utils/package_claude_session.mjs +123 -0
- package/assets/slopmachine/utils/prepare_strict_audit_workspace.mjs +65 -0
- package/package.json +1 -1
- package/src/constants.js +42 -3
- package/src/init.js +173 -28
- package/src/install.js +156 -8
- package/src/send-data.js +56 -57
|
@@ -0,0 +1,182 @@
|
|
|
1
|
+
# Spring Boot Default Scaffold Playbook
|
|
2
|
+
|
|
3
|
+
Use this playbook when the prompt explicitly asks for Spring Boot, Java backend conventions, or a JVM-first backend baseline.
|
|
4
|
+
|
|
5
|
+
## Goal
|
|
6
|
+
|
|
7
|
+
Create a Spring Boot scaffold baseline that:
|
|
8
|
+
|
|
9
|
+
- starts from the official Spring Initializr bootstrap path
|
|
10
|
+
- keeps defaults pinned and boring
|
|
11
|
+
- proves one real API plus one real persistence path
|
|
12
|
+
- exposes `docker compose up --build` as the runtime contract
|
|
13
|
+
- exposes `./run_tests.sh` as the broad containerized verification path
|
|
14
|
+
- stays baseline-only and honest about exclusions
|
|
15
|
+
|
|
16
|
+
Verified lab: `/Users/yohannesakd/code/eaglepoint/demonstration/scaffold-lab/spring-boot-baseline`
|
|
17
|
+
|
|
18
|
+
## Chosen baseline defaults
|
|
19
|
+
|
|
20
|
+
- Spring Boot `3.5.13`
|
|
21
|
+
- Java `21`
|
|
22
|
+
- Maven Wrapper `3.9.14`
|
|
23
|
+
- dependencies: `web`, `actuator`, `data-jpa`, `validation`, `h2`
|
|
24
|
+
- database pattern: file-backed H2 stored in Docker-managed volumes
|
|
25
|
+
|
|
26
|
+
Why these defaults:
|
|
27
|
+
|
|
28
|
+
- Spring Initializr is the official bootstrap path and yields the wrapper, parent BOM, and baseline Maven layout cleanly
|
|
29
|
+
- Spring Boot `3.5.x` is the safer practical line than jumping straight to Boot `4.x` for a neutral baseline
|
|
30
|
+
- Java `21` is a current LTS choice with wide container availability
|
|
31
|
+
- H2 file mode gives real persistence without introducing credentials or a second infrastructure service
|
|
32
|
+
|
|
33
|
+
## Official bootstrap command
|
|
34
|
+
|
|
35
|
+
Use the official starter generator, then adapt only what is needed for Docker, DB wiring, tests, and README honesty:
|
|
36
|
+
|
|
37
|
+
```bash
|
|
38
|
+
curl -fsSL "https://start.spring.io/starter.zip?type=maven-project&language=java&bootVersion=3.5.13&baseDir=spring-boot-baseline&groupId=com.eaglepoint&artifactId=spring-boot-baseline&name=spring-boot-baseline&description=Verified%20Spring%20Boot%20baseline%20lab&packageName=com.eaglepoint.springbaseline&packaging=jar&javaVersion=21&dependencies=web,actuator,data-jpa,h2,validation" -o /tmp/spring-boot-baseline.zip
|
|
39
|
+
unzip -q /tmp/spring-boot-baseline.zip -d .
|
|
40
|
+
```
|
|
41
|
+
|
|
42
|
+
## Safe config / database pattern
|
|
43
|
+
|
|
44
|
+
- do not require `.env`
|
|
45
|
+
- import optional runtime config from `/runtime/config/application-runtime.properties`
|
|
46
|
+
- generate that file at container startup and before containerized tests
|
|
47
|
+
- point Spring Data at `jdbc:h2:file:/runtime/db/spring-boot-baseline...`
|
|
48
|
+
- keep runtime config and DB files in named Docker volumes
|
|
49
|
+
- expose only the app port to loopback with a random host port
|
|
50
|
+
|
|
51
|
+
This is the recommended local-only baseline when the prompt does not require Postgres/MySQL yet.
|
|
52
|
+
|
|
53
|
+
## Docker / Compose pattern
|
|
54
|
+
|
|
55
|
+
- `compose.yaml` with one `app` service and one `test` service behind the `test` profile
|
|
56
|
+
- multi-stage Dockerfile: Maven test/build stages plus a smaller runtime stage
|
|
57
|
+
- real app healthcheck against `http://127.0.0.1:8080/actuator/health`
|
|
58
|
+
- host port binding: `127.0.0.1::8080`
|
|
59
|
+
- named volumes for runtime config and file-backed H2 state
|
|
60
|
+
|
|
61
|
+
## Minimum API surface
|
|
62
|
+
|
|
63
|
+
At scaffold time include at least:
|
|
64
|
+
|
|
65
|
+
- `GET /health` proving app boot and DB query success
|
|
66
|
+
- `POST /items` creating one persisted record
|
|
67
|
+
- `GET /items` listing persisted records
|
|
68
|
+
|
|
69
|
+
This is enough to prove API routing, JSON handling, persistence, and Docker readiness without pretending the app is product-ready.
|
|
70
|
+
|
|
71
|
+
## Minimum test floor
|
|
72
|
+
|
|
73
|
+
- `./run_tests.sh` must start the app container, wait for health, and smoke the real routes with `curl`
|
|
74
|
+
- the test container must run `./mvnw -q verify`
|
|
75
|
+
- JUnit tests should use `@SpringBootTest(webEnvironment = RANDOM_PORT)` or equivalent so HTTP and DB wiring are both exercised
|
|
76
|
+
|
|
77
|
+
## README requirements
|
|
78
|
+
|
|
79
|
+
`README.md` must explicitly state:
|
|
80
|
+
|
|
81
|
+
- that the scaffold is baseline-only
|
|
82
|
+
- the pinned Spring Boot / Java / Maven defaults
|
|
83
|
+
- required runtime command: `docker compose up --build`
|
|
84
|
+
- required broad test command: `./run_tests.sh`
|
|
85
|
+
- how the runtime config file is generated without `.env`
|
|
86
|
+
- why H2 file mode is the chosen default database pattern
|
|
87
|
+
- what is intentionally excluded
|
|
88
|
+
|
|
89
|
+
## Verification commands actually run
|
|
90
|
+
|
|
91
|
+
Experimentally verified: **yes**.
|
|
92
|
+
|
|
93
|
+
Commands run in `/Users/yohannesakd/code/eaglepoint/demonstration/scaffold-lab/spring-boot-baseline`:
|
|
94
|
+
|
|
95
|
+
```bash
|
|
96
|
+
docker compose build
|
|
97
|
+
docker compose up --build -d && docker compose ps && docker compose port app 8080
|
|
98
|
+
python3 - <<'PY'
|
|
99
|
+
import json, time, urllib.request
|
|
100
|
+
base = 'http://127.0.0.1:32785'
|
|
101
|
+
last_error = None
|
|
102
|
+
for _ in range(60):
|
|
103
|
+
try:
|
|
104
|
+
with urllib.request.urlopen(base + '/health', timeout=5) as response:
|
|
105
|
+
payload = json.load(response)
|
|
106
|
+
if payload.get('status') == 'ok' and payload.get('database') == 'ok':
|
|
107
|
+
print('HEALTH', json.dumps(payload, separators=(',', ':')))
|
|
108
|
+
break
|
|
109
|
+
except Exception as exc:
|
|
110
|
+
last_error = exc
|
|
111
|
+
time.sleep(2)
|
|
112
|
+
else:
|
|
113
|
+
raise SystemExit(f'Health endpoint never became ready: {last_error}')
|
|
114
|
+
|
|
115
|
+
req = urllib.request.Request(base + '/items', data=b'{"name":"manual-smoke-item"}', headers={'Content-Type': 'application/json'}, method='POST')
|
|
116
|
+
with urllib.request.urlopen(req, timeout=5) as response:
|
|
117
|
+
created = json.load(response)
|
|
118
|
+
print('CREATE', json.dumps(created, separators=(',', ':')))
|
|
119
|
+
with urllib.request.urlopen(base + '/items', timeout=5) as response:
|
|
120
|
+
items = json.load(response)
|
|
121
|
+
print('LIST', json.dumps(items, separators=(',', ':')))
|
|
122
|
+
PY
|
|
123
|
+
docker compose down --volumes --remove-orphans
|
|
124
|
+
./run_tests.sh
|
|
125
|
+
python3 - <<'PY'
|
|
126
|
+
import json
|
|
127
|
+
import signal
|
|
128
|
+
import subprocess
|
|
129
|
+
import time
|
|
130
|
+
import urllib.request
|
|
131
|
+
|
|
132
|
+
cwd = '/Users/yohannesakd/code/eaglepoint/demonstration/scaffold-lab/spring-boot-baseline'
|
|
133
|
+
proc = subprocess.Popen(['docker', 'compose', 'up', '--build'], cwd=cwd)
|
|
134
|
+
error = None
|
|
135
|
+
try:
|
|
136
|
+
deadline = time.time() + 240
|
|
137
|
+
while time.time() < deadline:
|
|
138
|
+
try:
|
|
139
|
+
port_output = subprocess.check_output(['docker', 'compose', 'port', 'app', '8080'], cwd=cwd, stderr=subprocess.DEVNULL, text=True).strip()
|
|
140
|
+
if port_output:
|
|
141
|
+
host, port = port_output.rsplit(':', 1)
|
|
142
|
+
base_url = f'http://127.0.0.1:{port}'
|
|
143
|
+
with urllib.request.urlopen(base_url + '/health', timeout=3) as response:
|
|
144
|
+
payload = json.load(response)
|
|
145
|
+
if payload.get('status') == 'ok' and payload.get('database') == 'ok':
|
|
146
|
+
print(f'interactive compose reached ready health at {base_url}')
|
|
147
|
+
break
|
|
148
|
+
except Exception as exc:
|
|
149
|
+
error = exc
|
|
150
|
+
time.sleep(2)
|
|
151
|
+
else:
|
|
152
|
+
raise RuntimeError(f'interactive docker compose up --build never reached readiness: {error}')
|
|
153
|
+
finally:
|
|
154
|
+
proc.send_signal(signal.SIGINT)
|
|
155
|
+
try:
|
|
156
|
+
proc.wait(timeout=30)
|
|
157
|
+
except subprocess.TimeoutExpired:
|
|
158
|
+
proc.kill()
|
|
159
|
+
proc.wait(timeout=30)
|
|
160
|
+
subprocess.run(['docker', 'compose', 'down', '--volumes', '--remove-orphans'], cwd=cwd, check=True)
|
|
161
|
+
PY
|
|
162
|
+
docker compose --profile test run --rm test sh -lc 'sh /workspace/scripts/bootstrap_config.sh && ./mvnw -U test'
|
|
163
|
+
docker compose down --volumes --remove-orphans
|
|
164
|
+
```
|
|
165
|
+
|
|
166
|
+
Observed results:
|
|
167
|
+
|
|
168
|
+
- `docker compose up --build -d` published the app on `127.0.0.1:32785`
|
|
169
|
+
- smoke verification returned healthy JSON plus a persisted `manual-smoke-item`
|
|
170
|
+
- `./run_tests.sh` passed and printed `Spring Boot baseline smoke and container tests passed at http://127.0.0.1:32787`
|
|
171
|
+
- interactive `docker compose up --build` reached ready health at `http://127.0.0.1:32789`
|
|
172
|
+
- `docker compose --profile test run --rm test ... ./mvnw -U test` reported `Tests run: 2, Failures: 0, Errors: 0, Skipped: 0` and `BUILD SUCCESS`
|
|
173
|
+
|
|
174
|
+
## Acceptance checklist
|
|
175
|
+
|
|
176
|
+
Baseline is acceptable when:
|
|
177
|
+
|
|
178
|
+
- `docker compose up --build` works
|
|
179
|
+
- `./run_tests.sh` works
|
|
180
|
+
- a real API route and a real persistence route are verified
|
|
181
|
+
- the Docker path does not require `.env`
|
|
182
|
+
- the README is honest about scope and exclusions
|
|
@@ -0,0 +1,80 @@
|
|
|
1
|
+
# Tauri Default Scaffold Playbook
|
|
2
|
+
|
|
3
|
+
Use this playbook only when the prompt explicitly requires Tauri or the existing repo is already Tauri-based.
|
|
4
|
+
|
|
5
|
+
## Current status
|
|
6
|
+
|
|
7
|
+
This family is now **experimentally verified** for an honest Linux Docker baseline.
|
|
8
|
+
|
|
9
|
+
Verified lab:
|
|
10
|
+
|
|
11
|
+
- `/Users/yohannesakd/code/eaglepoint/demonstration/scaffold-lab/tauri-baseline`
|
|
12
|
+
|
|
13
|
+
## What was achieved in the verified lab
|
|
14
|
+
|
|
15
|
+
The verified lab now proves all of the following:
|
|
16
|
+
|
|
17
|
+
- Tauri + Vite + TypeScript scaffold exists
|
|
18
|
+
- Rust shell under `src-tauri/` exists
|
|
19
|
+
- Dockerfile and Compose report-service strategy exist
|
|
20
|
+
- `run_tests.sh` exists
|
|
21
|
+
- built frontend assets exist under `dist/`
|
|
22
|
+
- verification helper scripts exist under `.docker/`
|
|
23
|
+
- README documents a plausible Linux Docker verification boundary
|
|
24
|
+
- `docker compose up --build --wait` reaches a stable healthy report service
|
|
25
|
+
- containerized `./run_tests.sh` passes
|
|
26
|
+
- a Linux `.deb` bundle is generated and preserved under the verified artifact path
|
|
27
|
+
- the packaged Tauri binary passes the documented headless smoke path
|
|
28
|
+
|
|
29
|
+
## Safe default stack
|
|
30
|
+
|
|
31
|
+
- Tauri `2.x`
|
|
32
|
+
- Vite `8.x`
|
|
33
|
+
- TypeScript `6.x`
|
|
34
|
+
- Rust stable compatible with the chosen Tauri version
|
|
35
|
+
|
|
36
|
+
## Runtime contract
|
|
37
|
+
|
|
38
|
+
- required Docker command: `docker compose up --build`
|
|
39
|
+
- required broad test command: `./run_tests.sh`
|
|
40
|
+
- both are now confirmed working in the verified lab
|
|
41
|
+
|
|
42
|
+
## Intended Docker strategy
|
|
43
|
+
|
|
44
|
+
This family should follow the desktop shared contract with a Tauri-specific interpretation:
|
|
45
|
+
|
|
46
|
+
1. build frontend assets inside Docker
|
|
47
|
+
2. compile the Rust/Tauri shell inside Docker
|
|
48
|
+
3. produce a meaningful Linux-side artifact or bundle
|
|
49
|
+
4. run one honest Linux smoke/proof path if feasible
|
|
50
|
+
5. converge Compose to a stable report/support service rather than a one-shot exited container
|
|
51
|
+
|
|
52
|
+
## Honest Linux proof boundary
|
|
53
|
+
|
|
54
|
+
For the verified Linux baseline, Docker honestly proves only:
|
|
55
|
+
|
|
56
|
+
- Tauri frontend builds
|
|
57
|
+
- Rust shell compiles
|
|
58
|
+
- Linux-side bundle/build path works
|
|
59
|
+
- any documented smoke path actually runs
|
|
60
|
+
|
|
61
|
+
It should **not** claim full cross-platform desktop UX proof outside Linux.
|
|
62
|
+
|
|
63
|
+
## Verified rerun evidence
|
|
64
|
+
|
|
65
|
+
The successful rerun established these concrete facts:
|
|
66
|
+
|
|
67
|
+
- the multi-stage Docker build completed end-to-end
|
|
68
|
+
- `npm run test:unit` passed
|
|
69
|
+
- `npx tauri build --bundles deb --ci` passed
|
|
70
|
+
- `cargo test --release --manifest-path src-tauri/Cargo.toml` passed
|
|
71
|
+
- the headless smoke path passed under `dbus-run-session` + `Xvfb`
|
|
72
|
+
- verification artifacts were copied out of the cache-mounted build target into `.verified/`
|
|
73
|
+
- the final Compose service reached `Healthy`
|
|
74
|
+
- `./run_tests.sh` returned a verified summary endpoint
|
|
75
|
+
|
|
76
|
+
## Guidance
|
|
77
|
+
|
|
78
|
+
- treat Tauri as explicit opt-in only
|
|
79
|
+
- do not auto-select it for open-ended desktop work yet because Electron remains the lighter generic default
|
|
80
|
+
- it is now safe to treat this family as experimentally verified rather than partial
|
|
@@ -0,0 +1,162 @@
|
|
|
1
|
+
# Vue Vite Default Scaffold Playbook
|
|
2
|
+
|
|
3
|
+
Use this when the prompt explicitly wants a Vue frontend on top of Vite and does not already require a broader runtime such as Nuxt.
|
|
4
|
+
|
|
5
|
+
## Decision summary
|
|
6
|
+
|
|
7
|
+
- **chosen default:** Vue 3 + Vite + TypeScript via `create-vue`
|
|
8
|
+
- **why:** official Vue-owned bootstrap path, easy to keep baseline-only, and straightforward to verify with Docker plus Vitest component tests
|
|
9
|
+
- **verified runtime:** `docker compose up --build`
|
|
10
|
+
- **verified broad test path:** `./run_tests.sh`
|
|
11
|
+
- **experimentally verified lab:** `/Users/yohannesakd/code/eaglepoint/demonstration/scaffold-lab/vue-vite-baseline`
|
|
12
|
+
|
|
13
|
+
## Official bootstrap matrix
|
|
14
|
+
|
|
15
|
+
| Stack | Official/bootstrap path | Good fit | Why not the default prototype here |
|
|
16
|
+
| --- | --- | --- | --- |
|
|
17
|
+
| Vue + Vite via `create-vue` | `npm create vue@latest <project-name> -- --ts --vitest --eslint --bare` | Best Vue-first SPA baseline with first-party feature flags | Chosen default |
|
|
18
|
+
| Vite Vue TypeScript template | `npm create vite@latest <project-name> -- --template vue-ts` | Good fallback when only a raw Vue/Vite template is needed | Slightly less aligned with Vue's recommended starter path |
|
|
19
|
+
| Nuxt | `npm exec nuxi@latest init <project-name>` | Best when SSR, file routing, or server APIs are required | Larger runtime model than a baseline SPA needs |
|
|
20
|
+
|
|
21
|
+
## Evidence basis for the matrix
|
|
22
|
+
|
|
23
|
+
- Vue docs recommend `npm create vue@latest` for scaffolding a Vue SPA locally.
|
|
24
|
+
- The `create-vue` repository describes itself as the recommended way to start a Vite-powered Vue project and documents feature flags such as `--ts`, `--vitest`, `--eslint`, and `--bare`.
|
|
25
|
+
- Vite docs document `npm create vite@latest <project-name> -- --template vue` / `vue-ts` as the direct template path and surface the Vue starter as the official Vue option.
|
|
26
|
+
|
|
27
|
+
For a **Vue-specific frontend baseline**, the safest verified prototype is the smallest official Vue-owned starter that still prewires type-checking, linting, and unit tests. That is `create-vue` with `--ts --vitest --eslint --bare` here.
|
|
28
|
+
|
|
29
|
+
## Chosen default stack and version pins
|
|
30
|
+
|
|
31
|
+
Verified prototype pins:
|
|
32
|
+
|
|
33
|
+
- Node image: `node:22.21.1-alpine3.22`
|
|
34
|
+
- Vue: `3.5.32`
|
|
35
|
+
- Vite: `8.0.8`
|
|
36
|
+
- TypeScript: `6.0.2`
|
|
37
|
+
- `@vitejs/plugin-vue`: `6.0.6`
|
|
38
|
+
- Vitest: `4.1.4`
|
|
39
|
+
- `@vue/test-utils`: `2.4.6`
|
|
40
|
+
- ESLint: `10.2.0`
|
|
41
|
+
- `@vue/eslint-config-typescript`: `14.7.0`
|
|
42
|
+
- `@vitest/eslint-plugin`: `1.6.15`
|
|
43
|
+
- `oxlint`: `1.57.0`
|
|
44
|
+
- `vue-tsc`: `3.2.6`
|
|
45
|
+
- `jsdom`: `29.0.2`
|
|
46
|
+
|
|
47
|
+
Compatibility pins used in this verified lab:
|
|
48
|
+
|
|
49
|
+
- `@emnapi/core`: `1.9.2`
|
|
50
|
+
- `@emnapi/runtime`: `1.9.2`
|
|
51
|
+
- `@rolldown/binding-darwin-arm64`: `1.0.0-rc.15` as an optional dependency for current macOS arm64 local installs
|
|
52
|
+
|
|
53
|
+
## Safe defaults
|
|
54
|
+
|
|
55
|
+
- no `.env` file required
|
|
56
|
+
- no secrets committed
|
|
57
|
+
- baseline-only SPA, not a feature-complete product
|
|
58
|
+
- no router, state store, API client, SSR, or E2E browser tooling by default
|
|
59
|
+
- Docker host port bound to `127.0.0.1` with a random host port to reduce local collisions
|
|
60
|
+
- healthcheck required before the smoke step proceeds
|
|
61
|
+
- exact dependency versions pinned in `package.json` and `package-lock.json`
|
|
62
|
+
|
|
63
|
+
## Docker / Compose pattern
|
|
64
|
+
|
|
65
|
+
Recommended baseline pattern:
|
|
66
|
+
|
|
67
|
+
1. **multi-stage Dockerfile**
|
|
68
|
+
- shared `npm ci` base
|
|
69
|
+
- `development` target runs `vite` on `0.0.0.0:5173`
|
|
70
|
+
- `verify` target runs `npm run verify`
|
|
71
|
+
2. **Compose services**
|
|
72
|
+
- `web` service for `docker compose up --build`
|
|
73
|
+
- `test` service behind a `test` profile for containerized verification
|
|
74
|
+
3. **port strategy**
|
|
75
|
+
- expose only the app port
|
|
76
|
+
- prefer `127.0.0.1::5173` so parallel local worktrees do not collide
|
|
77
|
+
4. **health strategy**
|
|
78
|
+
- wait for `wget http://127.0.0.1:5173` healthcheck before curl smoke tests
|
|
79
|
+
|
|
80
|
+
## Testing baseline
|
|
81
|
+
|
|
82
|
+
Minimum real testing floor for this playbook:
|
|
83
|
+
|
|
84
|
+
- Vitest component tests
|
|
85
|
+
- Vue Test Utils rendering assertions
|
|
86
|
+
- one small interaction test (`Show verification commands` toggle)
|
|
87
|
+
- one containerized smoke check that confirms the app shell is served through Compose
|
|
88
|
+
- one containerized broad path that runs lint + unit tests + production build
|
|
89
|
+
|
|
90
|
+
Suggested scripts:
|
|
91
|
+
|
|
92
|
+
- `npm run test:unit`
|
|
93
|
+
- `npm run verify`
|
|
94
|
+
- `./run_tests.sh`
|
|
95
|
+
|
|
96
|
+
`./run_tests.sh` should:
|
|
97
|
+
|
|
98
|
+
1. build Docker images
|
|
99
|
+
2. start `web`
|
|
100
|
+
3. wait for health
|
|
101
|
+
4. `curl` the served HTML shell
|
|
102
|
+
5. run the `test` profile container
|
|
103
|
+
6. tear down cleanly
|
|
104
|
+
|
|
105
|
+
## README requirements
|
|
106
|
+
|
|
107
|
+
The scaffold `README.md` should explicitly state:
|
|
108
|
+
|
|
109
|
+
- that this is a **baseline scaffold**
|
|
110
|
+
- chosen stack and why it was picked
|
|
111
|
+
- exact bootstrap command used
|
|
112
|
+
- `docker compose up --build`
|
|
113
|
+
- `./run_tests.sh`
|
|
114
|
+
- any optional local iteration commands
|
|
115
|
+
- what is included now vs intentionally deferred
|
|
116
|
+
- no `.env` / no secrets policy
|
|
117
|
+
- main files worth reusing later
|
|
118
|
+
|
|
119
|
+
## Verification commands actually run in the verified prototype
|
|
120
|
+
|
|
121
|
+
User-facing commands verified:
|
|
122
|
+
|
|
123
|
+
```bash
|
|
124
|
+
npm create vue@latest vue-vite-baseline -- --ts --vitest --eslint --bare
|
|
125
|
+
npm install
|
|
126
|
+
npm run verify
|
|
127
|
+
docker compose up --build
|
|
128
|
+
./run_tests.sh
|
|
129
|
+
```
|
|
130
|
+
|
|
131
|
+
Supporting commands used during verification:
|
|
132
|
+
|
|
133
|
+
```bash
|
|
134
|
+
docker compose port web 5173
|
|
135
|
+
curl -fsS http://127.0.0.1:<mapped-port>
|
|
136
|
+
docker compose down --remove-orphans
|
|
137
|
+
```
|
|
138
|
+
|
|
139
|
+
Observed verification results in the prototype lab:
|
|
140
|
+
|
|
141
|
+
- local `npm run verify`: passed
|
|
142
|
+
- containerized `./run_tests.sh`: passed
|
|
143
|
+
- runtime `docker compose up --build`: passed and served the app shell
|
|
144
|
+
|
|
145
|
+
## Known caveats
|
|
146
|
+
|
|
147
|
+
- The curl smoke check validates the served HTML shell, not hydrated browser DOM behavior. Keep Vitest component tests for actual UI assertions.
|
|
148
|
+
- `create-vue` is interactive by default; the verified baseline uses feature flags so the scaffold stays reproducible and baseline-only.
|
|
149
|
+
- Nuxt remains a documented alternative, not the verified prototype, because its runtime model is intentionally broader than a baseline SPA.
|
|
150
|
+
|
|
151
|
+
## What to reuse later
|
|
152
|
+
|
|
153
|
+
Reuse these parts directly for later Vue frontend prompts:
|
|
154
|
+
|
|
155
|
+
- the official `create-vue` bootstrap path with baseline-only flags
|
|
156
|
+
- the multi-stage Dockerfile pattern
|
|
157
|
+
- random localhost host-port mapping
|
|
158
|
+
- healthcheck + curl smoke test flow
|
|
159
|
+
- `./run_tests.sh` as the canonical broad-path wrapper
|
|
160
|
+
- the README honesty checklist
|
|
161
|
+
|
|
162
|
+
Do **not** treat this playbook as a signal to pre-add routing, Pinia, auth, API clients, or E2E browsers unless the prompt explicitly needs them.
|
|
@@ -0,0 +1,96 @@
|
|
|
1
|
+
# Web Default Scaffold Playbook
|
|
2
|
+
|
|
3
|
+
Use this playbook for web frontend, backend, or fullstack requests unless the prompt or existing repo clearly requires a different runtime model.
|
|
4
|
+
|
|
5
|
+
## Goal
|
|
6
|
+
|
|
7
|
+
Create a simple web baseline that:
|
|
8
|
+
|
|
9
|
+
- uses the requested framework or safest default bootstrap path
|
|
10
|
+
- runs through one honest primary runtime contract
|
|
11
|
+
- exposes one portable broad test command
|
|
12
|
+
- wires required baseline technologies without starting product-specific feature work
|
|
13
|
+
|
|
14
|
+
## Runtime contract
|
|
15
|
+
|
|
16
|
+
- required runtime command: `docker compose up --build`
|
|
17
|
+
- required broad test command: `./run_tests.sh`
|
|
18
|
+
- both commands must be real and working
|
|
19
|
+
|
|
20
|
+
## Bootstrap rule
|
|
21
|
+
|
|
22
|
+
- use the official or best-known bootstrap command for the requested web framework
|
|
23
|
+
- if the prompt leaves the framework open, choose the safest maintained default for the requested surface
|
|
24
|
+
- after bootstrap, adapt only enough to make the runtime, test path, config path, and README honest
|
|
25
|
+
|
|
26
|
+
## Required scripts
|
|
27
|
+
|
|
28
|
+
- `./run_tests.sh`
|
|
29
|
+
- `./init_db.sh` when the project has database dependencies
|
|
30
|
+
|
|
31
|
+
## Safe defaults
|
|
32
|
+
|
|
33
|
+
- no `.env` files in the repo
|
|
34
|
+
- no hardcoded secrets
|
|
35
|
+
- Docker runtime is mandatory for web delivery
|
|
36
|
+
- only app-facing services exposed to host by default
|
|
37
|
+
- internal services kept off host ports unless genuinely needed
|
|
38
|
+
- `COMPOSE_PROJECT_NAME` namespaced cleanly when Docker is used
|
|
39
|
+
|
|
40
|
+
## Baseline structure
|
|
41
|
+
|
|
42
|
+
- app/runtime entrypoints are real
|
|
43
|
+
- test tooling is installed
|
|
44
|
+
- config flow is explicit
|
|
45
|
+
- logging/validation baseline exists where the stack obviously needs it
|
|
46
|
+
- repo `README.md` is honest from day one
|
|
47
|
+
|
|
48
|
+
## `./run_tests.sh`
|
|
49
|
+
|
|
50
|
+
For the default Docker-first model, `./run_tests.sh` should own the portable broad path and remain runnable on a clean Linux machine with Docker and curl.
|
|
51
|
+
|
|
52
|
+
Typical baseline coverage:
|
|
53
|
+
|
|
54
|
+
- install/build health
|
|
55
|
+
- lint or typecheck when applicable
|
|
56
|
+
- one or more real baseline tests
|
|
57
|
+
- app or API smoke-level verification
|
|
58
|
+
|
|
59
|
+
## Minimal real test floor
|
|
60
|
+
|
|
61
|
+
At scaffold, include at least:
|
|
62
|
+
|
|
63
|
+
- one real unit or route/component test
|
|
64
|
+
- one real smoke-level proof that the chosen framework wiring works
|
|
65
|
+
- one real broad-path build/test invocation in `./run_tests.sh`
|
|
66
|
+
|
|
67
|
+
Do not leave the broad path mostly empty.
|
|
68
|
+
|
|
69
|
+
## README floor
|
|
70
|
+
|
|
71
|
+
`README.md` must already state:
|
|
72
|
+
|
|
73
|
+
- scaffold status versus implemented scope
|
|
74
|
+
- required Docker command: `docker compose up --build`
|
|
75
|
+
- broad test command
|
|
76
|
+
- main repo layout
|
|
77
|
+
- any mock/local-only or scaffold honesty boundaries
|
|
78
|
+
|
|
79
|
+
## Common pitfalls
|
|
80
|
+
|
|
81
|
+
- pretending a non-Docker web runtime is acceptable as the final baseline contract
|
|
82
|
+
- checked-in `.env` files
|
|
83
|
+
- hardcoded secret literals in Compose or startup scripts
|
|
84
|
+
- exposing every service port to host by default
|
|
85
|
+
- generating a giant scaffold with almost no real tests
|
|
86
|
+
|
|
87
|
+
## Acceptance checklist
|
|
88
|
+
|
|
89
|
+
Scaffold is acceptable when:
|
|
90
|
+
|
|
91
|
+
- `docker compose up --build` works
|
|
92
|
+
- `./run_tests.sh` works
|
|
93
|
+
- required baseline technologies are wired
|
|
94
|
+
- minimal real tests exist
|
|
95
|
+
- README is honest
|
|
96
|
+
- no `.env` or hardcoded secret residue exists
|
|
@@ -16,6 +16,28 @@ This file is the repo-local engineering rulebook for `slopmachine` projects.
|
|
|
16
16
|
- Work in meaningful vertical slices.
|
|
17
17
|
- Do not call work complete while it is still shaky.
|
|
18
18
|
- Reuse and extend shared cross-cutting patterns instead of inventing incompatible local ones.
|
|
19
|
+
- Before coding, identify the actors or personas touched by the change and the concrete path to success for each one.
|
|
20
|
+
- Make important business rules explicit before coding: defaults, limits, allowed transitions, uniqueness, conflicts, reversals, retries, and ownership rules when they matter.
|
|
21
|
+
- When the product has meaningful workflow state, define or confirm the relevant state machine before treating the flow as implemented.
|
|
22
|
+
- Keep a concrete out-of-scope boundary in mind so you do not overbuild speculative features.
|
|
23
|
+
- Do not introduce convenience-based `v1` scope cuts, role simplifications, or workflow omissions unless they were explicitly authorized.
|
|
24
|
+
- When backend or fullstack API endpoints are added or changed, prefer real HTTP tests for the exact `METHOD + PATH` over controller or service bypasses when practical.
|
|
25
|
+
- If mocked HTTP tests or unit-only tests still exist for an API surface, do not overstate them as equivalent to true no-mock endpoint coverage.
|
|
26
|
+
|
|
27
|
+
## Requirements Fidelity
|
|
28
|
+
|
|
29
|
+
- Preserve the full prompt intent, including implied business constraints.
|
|
30
|
+
- Do not weaken required actor models, operator flows, security controls, or lifecycle behavior for implementation convenience.
|
|
31
|
+
- If a requirement is ambiguous, choose the safest prompt-faithful behavior or surface the ambiguity instead of guessing lazily.
|
|
32
|
+
- If the feature depends on business rules, make those rules traceable in code, tests, and `README.md` rather than leaving them implicit.
|
|
33
|
+
|
|
34
|
+
## Architecture Rules
|
|
35
|
+
|
|
36
|
+
- For backend or fullstack projects, route configuration through a central config module instead of scattering direct environment reads through business logic.
|
|
37
|
+
- Keep database operations, business logic, transport layers, and UI surfaces separated clearly enough for static review.
|
|
38
|
+
- Use a shared logging path and shared validation/error-normalization path when the project is large enough for those concerns to matter.
|
|
39
|
+
- When a third-party service is required but real integration is not explicitly demanded, prefer an internal stub or adaptor boundary over shipping brittle real credentials or uncontrolled external dependencies.
|
|
40
|
+
- If a feature requires auth or privileged access, enforce it across route, controller or handler, and object scope where applicable.
|
|
19
41
|
|
|
20
42
|
## Runtime And Verification
|
|
21
43
|
|
|
@@ -26,8 +48,9 @@ This file is the repo-local engineering rulebook for `slopmachine` projects.
|
|
|
26
48
|
- During ordinary development slices, do not run Docker runtime commands, browser E2E, Playwright, full test suites, or `./run_tests.sh`.
|
|
27
49
|
- Use targeted local tests during ordinary development slices and leave browser E2E plus broad-gate commands for later comprehensive verification.
|
|
28
50
|
- When API tests are material, make them hit real endpoints and print simple useful response evidence such as status codes and message/body summaries.
|
|
29
|
-
- For web projects,
|
|
30
|
-
-
|
|
51
|
+
- For web projects, require the runtime contract to be `docker compose up --build`.
|
|
52
|
+
- For Android, mobile, desktop, and iOS-targeted projects, also require a meaningful `docker compose up --build` command even when platform-specific runtime proof differs from web semantics.
|
|
53
|
+
- For non-web projects, `./run_app.sh` may exist as a helper wrapper, but it does not replace the required Docker command.
|
|
31
54
|
- If the project has database dependencies, keep `./init_db.sh` as the only project-standard database initialization path.
|
|
32
55
|
|
|
33
56
|
## Documentation Rules
|
|
@@ -35,17 +58,21 @@ This file is the repo-local engineering rulebook for `slopmachine` projects.
|
|
|
35
58
|
- Keep `README.md` accurate.
|
|
36
59
|
- The README must explain what the project is, what it does, how to run it, how to test it, the main repo contents, and any important information a new developer needs immediately.
|
|
37
60
|
- The README must also explain the delivered architecture and major implementation structure clearly enough for review and handoff.
|
|
38
|
-
- The README must
|
|
61
|
+
- The README must include project type near the top, startup instructions, access method, verification method, and demo credentials for every role or the exact statement `No authentication required`.
|
|
62
|
+
- The README must clearly document the required Docker command `docker compose up --build` and any additional helper runtime wrapper such as `./run_app.sh` when present.
|
|
39
63
|
- The README must clearly document `./run_tests.sh` as the broad test command.
|
|
64
|
+
- For backend, fullstack, and web projects, the README should also contain the exact legacy compatibility string `docker-compose up` somewhere in startup guidance without replacing the canonical runtime contract.
|
|
40
65
|
- The README must stand on its own for basic codebase use.
|
|
41
66
|
- Keep `README.md` as the only documentation file inside the repo unless the user explicitly asks for something else.
|
|
42
67
|
- Treat `README.md` as the primary documentation surface inside the repo.
|
|
43
68
|
- The repo should be statically reviewable by a fresh reviewer: entry points, routes, config, test commands, and major module boundaries should be traceable from repository artifacts.
|
|
69
|
+
- The README should name the important actors, the main success paths, major limitations or out-of-scope boundaries, and any non-obvious business rules that affect usage.
|
|
44
70
|
- If the project uses mock, stub, fake, interception, or local-data behavior, the README must disclose that scope accurately.
|
|
45
71
|
- If mock or interception behavior is enabled by default, the README must say so clearly.
|
|
46
72
|
- Feature flags, debug/demo surfaces, default enabled states, and mock/interception defaults must be disclosed in `README.md` when they exist.
|
|
47
73
|
- Do not let a mock-only or local-data-only project look like undisclosed real backend or production integration.
|
|
48
74
|
- Do not hide missing failure handling behind fake-success paths.
|
|
75
|
+
- Before final delivery, remove local-only setup traces and host-only dependency assumptions from the README and wrapper scripts.
|
|
49
76
|
|
|
50
77
|
## Secret And Runtime Rules
|
|
51
78
|
|
|
@@ -67,6 +94,17 @@ This file is the repo-local engineering rulebook for `slopmachine` projects.
|
|
|
67
94
|
- Do not leave placeholder, setup, debug, or demo content in product-facing UI.
|
|
68
95
|
- If a real user-facing or admin-facing surface is required, build that surface instead of bypassing it with API shortcuts.
|
|
69
96
|
- Treat missing real surfaces as incomplete implementation.
|
|
97
|
+
- If multiple roles or personas exist, implement the real role-aware surfaces and permissions rather than collapsing them into a single generic flow.
|
|
98
|
+
- Do not replace prompt-required interaction models, lifecycle behavior, or data-integrity rules with easier substitutes unless explicitly authorized.
|
|
99
|
+
|
|
100
|
+
## Security And Reliability Rules
|
|
101
|
+
|
|
102
|
+
- When multiple roles or privileged actions exist, use RBAC or stronger scoped authorization as required by the actual product behavior.
|
|
103
|
+
- Enforce object-level authorization when users should only see or mutate their own records.
|
|
104
|
+
- Keep sensitive data out of logs, errors, screenshots, and seeded runtime values.
|
|
105
|
+
- Return normalized user-safe errors; do not expose raw stack traces or internal file paths in normal product surfaces.
|
|
106
|
+
- Make request logging, exception logging, and background failure logging meaningful enough for operators to understand what failed without leaking secrets.
|
|
107
|
+
- If offline, queueing, retries, jobs, or resumability matter, implement explicit states and recovery behavior instead of vague best-effort logic.
|
|
70
108
|
|
|
71
109
|
## Rulebook Files
|
|
72
110
|
|