theslopmachine 0.7.2 → 0.7.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +1 -1
- package/assets/skills/claude-worker-management/SKILL.md +1 -1
- package/assets/skills/development-guidance/SKILL.md +1 -0
- package/assets/skills/hardening-gate/SKILL.md +1 -0
- package/assets/skills/planning-guidance/SKILL.md +1 -0
- package/assets/skills/scaffold-guidance/SKILL.md +1 -0
- package/assets/skills/verification-gates/SKILL.md +1 -0
- package/assets/slopmachine/scaffold-playbooks/docker-shared-contract.md +4 -0
- package/assets/slopmachine/templates/AGENTS.md +1 -0
- package/assets/slopmachine/templates/CLAUDE.md +1 -0
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -192,7 +192,7 @@ When resuming a long-lived lane:
|
|
|
192
192
|
|
|
193
193
|
For evaluator-driven remediation inside a `bugfix-N` session opened by a `partial pass` audit:
|
|
194
194
|
|
|
195
|
-
- lead with the concrete evaluator finding or
|
|
195
|
+
- lead with the concrete evaluator finding or reviewed issue statement
|
|
196
196
|
- state the expected fix and the affected non-regression surfaces
|
|
197
197
|
- require proof for the issue path plus the nearby happy path and security/ownership boundary when relevant
|
|
198
198
|
- say to stop after the named issue set rather than reopening unrelated refactors
|
|
@@ -82,6 +82,7 @@ Use this skill during `P4 Development` before prompting the developer.
|
|
|
82
82
|
- fast local iteration is allowed during development even when the final delivered runtime and broad verification contract must be Docker-contained
|
|
83
83
|
- do not let temporary local tooling or host-only setup assumptions leak into the final README, wrapper scripts, or declared delivery contract
|
|
84
84
|
- local verification is for speed during development; the README-documented runtime and broad test commands are the final contract that must pass at the later gate when they are part of the README promise
|
|
85
|
+
- do not add runtime/test scripts, Compose services, or Docker entrypoints that shell out to host package managers or assume host-installed toolchains for the final delivered path; move those dependencies into Dockerfiles or container build definitions before the slice is considered complete
|
|
85
86
|
- do not run browser E2E, Playwright, full test suites, `./run_tests.sh`, or Docker runtime commands during ordinary development slices
|
|
86
87
|
- for frontend-bearing projects, rely on targeted local tests such as unit, component, route, page, or state-focused tests instead of browser E2E during ordinary slice work
|
|
87
88
|
- for `fullstack` and `web` projects, treat frontend unit tests as a real expected deliverable rather than optional polish; do not rely on package manifests or tooling presence as a substitute for real test files
|
|
@@ -60,6 +60,7 @@ Hardening should treat these as the main review buckets before final evaluation
|
|
|
60
60
|
- enforce env-file discipline during hardening
|
|
61
61
|
- run documentation verification against the real codebase and runtime behavior, not just document existence
|
|
62
62
|
- if `README.md` declares containerized runtime or broad test commands, verify that the final delivered output really supports those exact commands and that the docs do not overpromise beyond what the repo actually does
|
|
63
|
+
- verify that every dependency needed by the README-documented `docker compose up --build` and `./run_tests.sh` paths is declared in Dockerfiles or other repo-controlled container build definitions rather than relying on host-installed packages or runtimes
|
|
63
64
|
- audit README compliance against the strict post-bugfix README review shape:
|
|
64
65
|
- project type near the top
|
|
65
66
|
- startup instructions
|
|
@@ -163,6 +163,7 @@ Selected-stack defaults:
|
|
|
163
163
|
- `./run_tests.sh` must exist for every project as the platform-independent broad test wrapper
|
|
164
164
|
- `./run_tests.sh` must be able to run on a clean Linux VM that only has Docker and curl available by default
|
|
165
165
|
- do not require host package managers, host language runtimes, or host test tooling for the broad test path unless the stack absolutely forces it and the exception is explicitly justified
|
|
166
|
+
- define all runtime and broad-test dependencies in Dockerfiles, image build stages, or other repo-controlled container build definitions; do not rely on hidden host packages even when the developer machine happens to have them
|
|
166
167
|
- `./run_tests.sh` must prepare or install anything required inside its own controlled execution path when that setup is needed for a clean environment
|
|
167
168
|
- for web projects, `./run_tests.sh` must run the full test path through Docker rather than a purely local test invocation
|
|
168
169
|
- when host-level setup would otherwise be required, prefer a Dockerized `./run_tests.sh` path even outside traditional web stacks so the broad verification remains portable
|
|
@@ -90,6 +90,7 @@ At scaffold time, do not require:
|
|
|
90
90
|
- create `./run_tests.sh` during scaffold for every project
|
|
91
91
|
- create `./run_app.sh` during scaffold for non-web platforms when it helps expose the host-side or platform-specific local flow, but keep `docker compose up --build` and containerized `./run_tests.sh` as required baseline commands
|
|
92
92
|
- if the project has database dependencies, create `./init_db.sh` during scaffold as the only project-standard database initialization path
|
|
93
|
+
- define the runtime and broad-test dependency set in Dockerfiles or other repo-controlled container build definitions during scaffold; do not assume host package managers, host SDKs, or host language runtimes beyond Docker and documented baseline prerequisites
|
|
93
94
|
- make the scaffold handoff compact and checklist-driven rather than a long narrative dump
|
|
94
95
|
|
|
95
96
|
## Minimal real test floor
|
|
@@ -48,6 +48,7 @@ Use this skill after development begins whenever you are reviewing work, decidin
|
|
|
48
48
|
- for Android, mobile, desktop, and iOS-targeted projects, allow `./run_app.sh` as an additional platform helper but not as a replacement for the required Docker command
|
|
49
49
|
- require `./run_tests.sh` to be self-sufficient enough to run from a clean Linux VM that only has Docker and curl available by default
|
|
50
50
|
- do not accept a broad test path that depends on host package managers or preinstalled host language runtimes when Docker can provide the execution environment instead
|
|
51
|
+
- do not accept Docker runtime/test paths that rely on undeclared host packages, SDKs, compilers, CLIs, or language runtimes; all such dependencies must be defined in Dockerfiles or other repo-controlled container build definitions
|
|
51
52
|
- for web projects, require `./run_tests.sh` to be the Dockerized broad test path used only for the limited broad verification moments rather than as the ordinary development verification path
|
|
52
53
|
- when host-level setup would otherwise be required, prefer a Dockerized `./run_tests.sh` path even outside traditional web stacks so the broad verification remains portable
|
|
53
54
|
- for non-web projects, require `./run_tests.sh` to remain containerized and usable as the platform-equivalent broad test path used for final broad verification
|
|
@@ -49,6 +49,7 @@ That proof differs by family, but it must always be **meaningful**:
|
|
|
49
49
|
At minimum, `docker compose up --build` must prove all of the following:
|
|
50
50
|
|
|
51
51
|
- images build from source in the repo
|
|
52
|
+
- all system packages, language runtimes, CLIs, compilers, and SDKs required by the runtime path are declared in Dockerfiles or image build stages rather than assumed from the host
|
|
52
53
|
- declared runtime or support services start without hidden host setup
|
|
53
54
|
- readiness can be observed through healthchecks, predictable logs, or explicit successful artifact production
|
|
54
55
|
- the stack reaches a meaningful healthy state without manual container surgery
|
|
@@ -71,6 +72,9 @@ It must prove that the scaffold can be verified from a clean-enough developer or
|
|
|
71
72
|
- run smoke checks against the actual baseline contract
|
|
72
73
|
- clean up one-off test containers and temporary runtime state
|
|
73
74
|
|
|
75
|
+
`docker compose up --build` and `./run_tests.sh` must never depend on host-installed language runtimes, package managers, CLIs, compilers, SDKs, or other local system packages beyond Docker and the documented baseline host prerequisites.
|
|
76
|
+
If a dependency is needed for runtime or broad verification, define it in Dockerfiles, image build stages, or other repo-controlled container build definitions.
|
|
77
|
+
|
|
74
78
|
`./run_tests.sh` must not be a fake wrapper that only prints TODOs, only runs lint when runtime proof is expected, or silently skips the meaningful part of verification.
|
|
75
79
|
|
|
76
80
|
Minimum proof by family:
|
|
@@ -88,6 +88,7 @@ This file is the repo-local engineering rulebook for `slopmachine` projects.
|
|
|
88
88
|
- `./run_tests.sh` should use the same startup-value model as `docker compose up --build` rather than a separate pre-seeded test-secret path.
|
|
89
89
|
- If local-development runtime values must persist across restarts, keep them only in Docker-managed runtime state rather than committed repo files.
|
|
90
90
|
- If such a bootstrap script exists, document in the script and in `README.md` that it is for local development bootstrap only and is not the production secret-management path.
|
|
91
|
+
- Do not let `docker compose up --build` or `./run_tests.sh` depend on host-installed packages, SDKs, language runtimes, CLIs, or toolchains beyond Docker and the documented baseline host prerequisites; define those dependencies in Dockerfiles or other repo-controlled container build definitions.
|
|
91
92
|
|
|
92
93
|
## Product Integrity Rules
|
|
93
94
|
|
|
@@ -88,6 +88,7 @@ This file is the repo-local engineering rulebook for `slopmachine-claude` projec
|
|
|
88
88
|
- `./run_tests.sh` should use the same startup-value model as `docker compose up --build` rather than a separate pre-seeded test-secret path.
|
|
89
89
|
- If local-development runtime values must persist across restarts, keep them only in Docker-managed runtime state rather than committed repo files.
|
|
90
90
|
- If such a bootstrap script exists, document in the script and in `README.md` that it is for local development bootstrap only and is not the production secret-management path.
|
|
91
|
+
- Do not let `docker compose up --build` or `./run_tests.sh` depend on host-installed packages, SDKs, language runtimes, CLIs, or toolchains beyond Docker and the documented baseline host prerequisites; define those dependencies in Dockerfiles or other repo-controlled container build definitions.
|
|
91
92
|
|
|
92
93
|
## Product Integrity Rules
|
|
93
94
|
|