timsquad 3.4.0 → 3.6.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (218) hide show
  1. package/README.ko.md +4 -0
  2. package/README.md +4 -0
  3. package/dist/commands/audit.d.ts +22 -0
  4. package/dist/commands/audit.d.ts.map +1 -0
  5. package/dist/commands/audit.js +233 -0
  6. package/dist/commands/audit.js.map +1 -0
  7. package/dist/commands/compile.d.ts.map +1 -1
  8. package/dist/commands/compile.js +84 -3
  9. package/dist/commands/compile.js.map +1 -1
  10. package/dist/commands/daemon.d.ts.map +1 -1
  11. package/dist/commands/daemon.js +50 -3
  12. package/dist/commands/daemon.js.map +1 -1
  13. package/dist/commands/full.js +1 -0
  14. package/dist/commands/full.js.map +1 -1
  15. package/dist/commands/git/pr.js +6 -5
  16. package/dist/commands/git/pr.js.map +1 -1
  17. package/dist/commands/git/release.js +2 -7
  18. package/dist/commands/git/release.js.map +1 -1
  19. package/dist/commands/improve.js +2 -2
  20. package/dist/commands/improve.js.map +1 -1
  21. package/dist/commands/init.js +42 -6
  22. package/dist/commands/init.js.map +1 -1
  23. package/dist/commands/log.d.ts.map +1 -1
  24. package/dist/commands/log.js +34 -2
  25. package/dist/commands/log.js.map +1 -1
  26. package/dist/commands/meta-index.d.ts.map +1 -1
  27. package/dist/commands/meta-index.js +30 -0
  28. package/dist/commands/meta-index.js.map +1 -1
  29. package/dist/commands/metrics.d.ts.map +1 -1
  30. package/dist/commands/metrics.js +6 -2
  31. package/dist/commands/metrics.js.map +1 -1
  32. package/dist/commands/retro.d.ts.map +1 -1
  33. package/dist/commands/retro.js +71 -14
  34. package/dist/commands/retro.js.map +1 -1
  35. package/dist/commands/session.js +3 -3
  36. package/dist/commands/session.js.map +1 -1
  37. package/dist/commands/skills.js +4 -7
  38. package/dist/commands/skills.js.map +1 -1
  39. package/dist/commands/status.js +1 -1
  40. package/dist/commands/status.js.map +1 -1
  41. package/dist/commands/upgrade.d.ts.map +1 -1
  42. package/dist/commands/upgrade.js +18 -1
  43. package/dist/commands/upgrade.js.map +1 -1
  44. package/dist/commands/workflow.d.ts +2 -0
  45. package/dist/commands/workflow.d.ts.map +1 -1
  46. package/dist/commands/workflow.js +180 -6
  47. package/dist/commands/workflow.js.map +1 -1
  48. package/dist/daemon/context-writer.d.ts +14 -0
  49. package/dist/daemon/context-writer.d.ts.map +1 -1
  50. package/dist/daemon/context-writer.js +29 -0
  51. package/dist/daemon/context-writer.js.map +1 -1
  52. package/dist/daemon/event-queue.d.ts +4 -0
  53. package/dist/daemon/event-queue.d.ts.map +1 -1
  54. package/dist/daemon/event-queue.js +107 -6
  55. package/dist/daemon/event-queue.js.map +1 -1
  56. package/dist/daemon/file-watcher.d.ts +14 -8
  57. package/dist/daemon/file-watcher.d.ts.map +1 -1
  58. package/dist/daemon/file-watcher.js +78 -41
  59. package/dist/daemon/file-watcher.js.map +1 -1
  60. package/dist/daemon/index.d.ts +1 -0
  61. package/dist/daemon/index.d.ts.map +1 -1
  62. package/dist/daemon/index.js +129 -53
  63. package/dist/daemon/index.js.map +1 -1
  64. package/dist/daemon/jsonl-watcher.d.ts +1 -0
  65. package/dist/daemon/jsonl-watcher.d.ts.map +1 -1
  66. package/dist/daemon/jsonl-watcher.js.map +1 -1
  67. package/dist/daemon/session-notes.d.ts +33 -0
  68. package/dist/daemon/session-notes.d.ts.map +1 -0
  69. package/dist/daemon/session-notes.js +74 -0
  70. package/dist/daemon/session-notes.js.map +1 -0
  71. package/dist/daemon/session-state.d.ts +8 -0
  72. package/dist/daemon/session-state.d.ts.map +1 -1
  73. package/dist/daemon/session-state.js +33 -0
  74. package/dist/daemon/session-state.js.map +1 -1
  75. package/dist/daemon/shutdown.d.ts.map +1 -1
  76. package/dist/daemon/shutdown.js +3 -1
  77. package/dist/daemon/shutdown.js.map +1 -1
  78. package/dist/index.js +2 -0
  79. package/dist/index.js.map +1 -1
  80. package/dist/lib/agent-generator.d.ts +4 -0
  81. package/dist/lib/agent-generator.d.ts.map +1 -1
  82. package/dist/lib/agent-generator.js +63 -3
  83. package/dist/lib/agent-generator.js.map +1 -1
  84. package/dist/lib/compile-rules.d.ts +2 -0
  85. package/dist/lib/compile-rules.d.ts.map +1 -1
  86. package/dist/lib/compile-rules.js +2 -0
  87. package/dist/lib/compile-rules.js.map +1 -1
  88. package/dist/lib/compiler.d.ts +21 -1
  89. package/dist/lib/compiler.d.ts.map +1 -1
  90. package/dist/lib/compiler.js +113 -3
  91. package/dist/lib/compiler.js.map +1 -1
  92. package/dist/lib/config.d.ts +3 -0
  93. package/dist/lib/config.d.ts.map +1 -1
  94. package/dist/lib/config.js +17 -2
  95. package/dist/lib/config.js.map +1 -1
  96. package/dist/lib/project.d.ts.map +1 -1
  97. package/dist/lib/project.js +8 -3
  98. package/dist/lib/project.js.map +1 -1
  99. package/dist/lib/skill-generator.d.ts +1 -1
  100. package/dist/lib/skill-generator.d.ts.map +1 -1
  101. package/dist/lib/skill-generator.js +39 -3
  102. package/dist/lib/skill-generator.js.map +1 -1
  103. package/dist/lib/ssot-map.d.ts +31 -0
  104. package/dist/lib/ssot-map.d.ts.map +1 -0
  105. package/dist/lib/ssot-map.js +76 -0
  106. package/dist/lib/ssot-map.js.map +1 -0
  107. package/dist/lib/template.js +1 -0
  108. package/dist/lib/template.js.map +1 -1
  109. package/dist/lib/workflow-state.d.ts +1 -1
  110. package/dist/lib/workflow-state.d.ts.map +1 -1
  111. package/dist/lib/workflow-state.js +1 -1
  112. package/dist/lib/workflow-state.js.map +1 -1
  113. package/dist/types/config.d.ts +10 -1
  114. package/dist/types/config.d.ts.map +1 -1
  115. package/dist/types/config.js +22 -17
  116. package/dist/types/config.js.map +1 -1
  117. package/dist/types/index.d.ts +1 -0
  118. package/dist/types/index.d.ts.map +1 -1
  119. package/dist/types/index.js +1 -0
  120. package/dist/types/index.js.map +1 -1
  121. package/dist/types/meta-index.d.ts +8 -0
  122. package/dist/types/meta-index.d.ts.map +1 -1
  123. package/dist/types/project.d.ts +1 -1
  124. package/dist/types/project.d.ts.map +1 -1
  125. package/dist/types/project.js.map +1 -1
  126. package/dist/types/ssot-map.d.ts +28 -0
  127. package/dist/types/ssot-map.d.ts.map +1 -0
  128. package/dist/types/ssot-map.js +6 -0
  129. package/dist/types/ssot-map.js.map +1 -0
  130. package/package.json +4 -4
  131. package/templates/base/agents/base/tsq-architect.md +2 -2
  132. package/templates/base/agents/base/tsq-librarian.md +45 -0
  133. package/templates/base/knowledge/checklists/plan-quality.md +31 -0
  134. package/templates/base/knowledge/checklists/stability-verification.md +14 -0
  135. package/templates/base/skills/_shared/naming-conventions.md +49 -0
  136. package/templates/base/skills/_template/SKILL.md +33 -17
  137. package/templates/base/skills/audit/SKILL.md +66 -0
  138. package/templates/base/skills/coding/SKILL.md +49 -29
  139. package/templates/base/skills/coding/rules/async-patterns.md +81 -0
  140. package/templates/base/skills/coding/rules/code-organization.md +80 -0
  141. package/templates/base/skills/coding/rules/error-handling.md +76 -0
  142. package/templates/base/skills/coding/rules/type-safety.md +85 -0
  143. package/templates/base/skills/controller/SKILL.md +50 -84
  144. package/templates/base/skills/controller/delegation/developer.md +25 -0
  145. package/templates/base/skills/controller/delegation/librarian.md +33 -0
  146. package/templates/base/skills/controller/delegation/reviewer.md +19 -0
  147. package/templates/base/skills/controller/memory/.gitkeep +0 -0
  148. package/templates/base/skills/controller/triggers/phase-complete.md +25 -0
  149. package/templates/base/skills/controller/triggers/sequence-complete.md +15 -0
  150. package/templates/base/skills/controller/triggers/ssot-changed.md +14 -0
  151. package/templates/base/skills/controller/triggers/task-complete.md +14 -0
  152. package/templates/base/skills/database/SKILL.md +8 -25
  153. package/templates/base/skills/database/rules/query-optimization.md +32 -0
  154. package/templates/base/skills/database/rules/supabase-patterns.md +94 -0
  155. package/templates/base/skills/librarian/SKILL.md +53 -0
  156. package/templates/base/skills/main-session-constraints/SKILL.md +62 -0
  157. package/templates/base/skills/methodology/tdd/SKILL.md +6 -0
  158. package/templates/base/skills/product-audit/SKILL.md +115 -0
  159. package/templates/base/skills/product-audit/checklists/01-security.md +86 -0
  160. package/templates/base/skills/product-audit/checklists/02-performance.md +67 -0
  161. package/templates/base/skills/product-audit/checklists/03-seo.md +46 -0
  162. package/templates/base/skills/product-audit/checklists/04-accessibility.md +66 -0
  163. package/templates/base/skills/product-audit/checklists/05-ui-ux.md +50 -0
  164. package/templates/base/skills/product-audit/checklists/06-architecture.md +53 -0
  165. package/templates/base/skills/product-audit/checklists/07-functional-requirements.md +55 -0
  166. package/templates/base/skills/product-audit/rules/audit-protocol.md +136 -0
  167. package/templates/base/skills/product-audit/rules/false-positive-guard.md +81 -0
  168. package/templates/base/skills/product-audit/rules/scoring-criteria.md +113 -0
  169. package/templates/base/skills/product-audit/templates/improvement-plan-template.md +60 -0
  170. package/templates/base/skills/product-audit/templates/report-template.md +88 -0
  171. package/templates/base/skills/prompt-engineering/SKILL.md +54 -73
  172. package/templates/base/skills/retrospective/SKILL.md +70 -95
  173. package/templates/base/skills/retrospective/references/improvement-template.md +26 -0
  174. package/templates/base/skills/review/SKILL.md +72 -0
  175. package/templates/base/skills/security/SKILL.md +50 -37
  176. package/templates/base/skills/security/rules/auth-patterns.md +62 -0
  177. package/templates/base/skills/security/rules/dependency-security.md +69 -0
  178. package/templates/base/skills/security/rules/input-validation.md +68 -0
  179. package/templates/base/skills/security/rules/secrets-management.md +65 -0
  180. package/templates/base/skills/spec/SKILL.md +60 -0
  181. package/templates/base/skills/stability-verification/SKILL.md +64 -0
  182. package/templates/base/skills/stability-verification/references/release-checklist.md +34 -0
  183. package/templates/base/skills/stability-verification/references/security-fix-patterns.md +112 -0
  184. package/templates/base/skills/stability-verification/rules/verification-layers.md +67 -0
  185. package/templates/base/skills/stability-verification/rules/verification-workflow.md +69 -0
  186. package/templates/base/skills/stability-verification/scripts/verify.sh +294 -0
  187. package/templates/base/skills/testing/SKILL.md +33 -25
  188. package/templates/base/skills/testing/references/e2e-stability.md +33 -0
  189. package/templates/base/skills/tsq-cli/SKILL.md +73 -0
  190. package/templates/base/skills/tsq-cli/references/cli-reference.md +92 -0
  191. package/templates/base/skills/tsq-protocol/SKILL.md +41 -25
  192. package/templates/base/skills/typescript/SKILL.md +3 -9
  193. package/templates/base/timsquad/ssot/test-spec.template.md +11 -1
  194. package/templates/base/timsquad/ssot-map.template.yaml +41 -0
  195. package/templates/platforms/claude-code/rules/api-conventions.md +12 -0
  196. package/templates/platforms/claude-code/rules/build-gate.md +28 -0
  197. package/templates/platforms/claude-code/rules/completion-verification.md +30 -0
  198. package/templates/platforms/claude-code/rules/context-monitor.md +23 -0
  199. package/templates/platforms/claude-code/rules/librarian-constraints.md +11 -0
  200. package/templates/platforms/claude-code/rules/plan-review.md +45 -0
  201. package/templates/platforms/claude-code/rules/quality-guards.md +43 -0
  202. package/templates/platforms/claude-code/rules/session-notes.md +18 -0
  203. package/templates/platforms/claude-code/rules/skill-suggest.md +27 -0
  204. package/templates/platforms/claude-code/rules/test-conventions.md +13 -0
  205. package/templates/platforms/claude-code/scripts/build-gate.sh +73 -0
  206. package/templates/platforms/claude-code/scripts/change-scope-guard.sh +113 -0
  207. package/templates/platforms/claude-code/scripts/completion-guard.sh +122 -24
  208. package/templates/platforms/claude-code/scripts/context-restore.sh +68 -0
  209. package/templates/platforms/claude-code/scripts/e2e-commit-gate.sh +70 -0
  210. package/templates/platforms/claude-code/scripts/e2e-marker.sh +51 -0
  211. package/templates/platforms/claude-code/scripts/phase-guard.sh +5 -5
  212. package/templates/platforms/claude-code/scripts/pre-compact.sh +70 -0
  213. package/templates/platforms/claude-code/scripts/safe-guard.sh +83 -0
  214. package/templates/platforms/claude-code/scripts/skill-inject.sh +216 -0
  215. package/templates/platforms/claude-code/scripts/skill-rules.json +95 -0
  216. package/templates/platforms/claude-code/scripts/skill-suggest.sh +105 -0
  217. package/templates/platforms/claude-code/scripts/subagent-inject.sh +53 -0
  218. package/templates/platforms/claude-code/settings.json +71 -9
@@ -0,0 +1,294 @@
1
+ #!/bin/bash
2
+ # Stability Verification — 6-Layer 자동 검증 오케스트레이터
3
+ #
4
+ # Usage: bash verify.sh [--layer L0-L5] [--skip L0-L5] [--report]
5
+ # Exit: 0=PASS, 1=FAIL
6
+ #
7
+ # 출처: OWASP, ShellCheck Wiki, npm security best practices
8
+
9
+ set -e
10
+
11
+ # ── Colors ──
12
+ RED='\033[0;31m'
13
+ GREEN='\033[0;32m'
14
+ YELLOW='\033[1;33m'
15
+ CYAN='\033[0;36m'
16
+ NC='\033[0m'
17
+
18
+ # ── Args ──
19
+ ONLY_LAYER=""
20
+ SKIP_LAYERS=""
21
+ REPORT_MODE=false
22
+ while [[ $# -gt 0 ]]; do
23
+ case $1 in
24
+ --layer) ONLY_LAYER="$2"; shift 2 ;;
25
+ --skip) SKIP_LAYERS="$SKIP_LAYERS $2"; shift 2 ;;
26
+ --report) REPORT_MODE=true; shift ;;
27
+ *) shift ;;
28
+ esac
29
+ done
30
+
31
+ # ── Helpers ──
32
+ PASS=0
33
+ FAIL=0
34
+ WARN=0
35
+
36
+ layer_header() {
37
+ echo -e "\n${CYAN}━━━ $1 ━━━${NC}"
38
+ }
39
+
40
+ pass() {
41
+ echo -e " ${GREEN}✓${NC} $1"
42
+ PASS=$((PASS + 1))
43
+ }
44
+
45
+ fail() {
46
+ echo -e " ${RED}✗${NC} $1"
47
+ FAIL=$((FAIL + 1))
48
+ }
49
+
50
+ warn() {
51
+ echo -e " ${YELLOW}!${NC} $1"
52
+ WARN=$((WARN + 1))
53
+ }
54
+
55
+ should_run() {
56
+ local layer="$1"
57
+ if [ -n "$ONLY_LAYER" ] && [ "$ONLY_LAYER" != "$layer" ]; then
58
+ return 1
59
+ fi
60
+ if echo "$SKIP_LAYERS" | grep -q "$layer"; then
61
+ return 1
62
+ fi
63
+ return 0
64
+ }
65
+
66
+ # ── Find project root ──
67
+ PROJECT_ROOT="$(pwd)"
68
+ while [ "$PROJECT_ROOT" != "/" ]; do
69
+ if [ -f "$PROJECT_ROOT/package.json" ]; then break; fi
70
+ PROJECT_ROOT="$(dirname "$PROJECT_ROOT")"
71
+ done
72
+ cd "$PROJECT_ROOT"
73
+
74
+ echo -e "${CYAN}Stability Verification${NC} — $(basename "$PROJECT_ROOT")"
75
+ echo "──────────────────────────────────────"
76
+
77
+ # ════════════════════════════════════════
78
+ # L0: 정적 분석
79
+ # ════════════════════════════════════════
80
+ if should_run "L0"; then
81
+ layer_header "L0: 정적 분석 (Syntax/Lint)"
82
+
83
+ # tsc --noEmit
84
+ if [ -f "tsconfig.json" ]; then
85
+ if npx tsc --noEmit 2>&1 | grep -q "error TS"; then
86
+ fail "tsc --noEmit — TypeScript 에러 발견"
87
+ else
88
+ pass "tsc --noEmit"
89
+ fi
90
+ fi
91
+
92
+ # shellcheck
93
+ SH_FILES=$(find . -name '*.sh' -not -path '*/node_modules/*' -not -path '*/.git/*' 2>/dev/null || echo "")
94
+ if [ -n "$SH_FILES" ] && command -v shellcheck &>/dev/null; then
95
+ SC_RESULT=$(echo "$SH_FILES" | xargs shellcheck --severity=warning 2>&1 || true)
96
+ SC_ERRORS=$(echo "$SC_RESULT" | grep -c "^In " 2>/dev/null || echo "0")
97
+ if [ "$SC_ERRORS" -gt 0 ]; then
98
+ warn "shellcheck — ${SC_ERRORS}개 파일에서 경고 발견"
99
+ else
100
+ pass "shellcheck"
101
+ fi
102
+ fi
103
+
104
+ # bash -n
105
+ BASH_FAIL=0
106
+ for f in $SH_FILES; do
107
+ bash -n "$f" 2>/dev/null || { BASH_FAIL=$((BASH_FAIL + 1)); }
108
+ done
109
+ if [ "$BASH_FAIL" -gt 0 ]; then
110
+ fail "bash -n — ${BASH_FAIL}개 파일 구문 에러"
111
+ else
112
+ pass "bash -n (전체 .sh)"
113
+ fi
114
+
115
+ # JSON validation
116
+ JSON_FILES=$(find . -name '*.json' -not -path '*/node_modules/*' -not -path '*/.git/*' -not -path '*/dist/*' 2>/dev/null || echo "")
117
+ JSON_FAIL=0
118
+ for f in $JSON_FILES; do
119
+ jq empty < "$f" 2>/dev/null || { JSON_FAIL=$((JSON_FAIL + 1)); }
120
+ done
121
+ if [ "$JSON_FAIL" -gt 0 ]; then
122
+ fail "JSON — ${JSON_FAIL}개 파일 구문 에러"
123
+ else
124
+ pass "JSON 유효성 ($(echo "$JSON_FILES" | wc -w | tr -d ' ')개)"
125
+ fi
126
+ fi
127
+
128
+ # ════════════════════════════════════════
129
+ # L1: 유닛 테스트
130
+ # ════════════════════════════════════════
131
+ if should_run "L1"; then
132
+ layer_header "L1: 유닛 테스트"
133
+
134
+ TEST_OUTPUT=$(npm run test:unit 2>&1 || true)
135
+ if echo "$TEST_OUTPUT" | grep -q "passed"; then
136
+ TEST_COUNT=$(echo "$TEST_OUTPUT" | grep "Tests" | grep -oE '[0-9]+ passed' || echo "? passed")
137
+ pass "test:unit — $TEST_COUNT"
138
+ else
139
+ fail "test:unit — 실패"
140
+ fi
141
+ fi
142
+
143
+ # ════════════════════════════════════════
144
+ # L2: 보안 스캔
145
+ # ════════════════════════════════════════
146
+ if should_run "L2"; then
147
+ layer_header "L2: 보안 스캔"
148
+
149
+ # npm audit (production dependencies only — devDeps are warn-only)
150
+ AUDIT_PROD=$(npm audit --omit=dev 2>&1 || true)
151
+ if echo "$AUDIT_PROD" | grep -q "found 0 vulnerabilities"; then
152
+ pass "npm audit (prod)"
153
+ elif echo "$AUDIT_PROD" | grep -qiE "high|critical"; then
154
+ fail "npm audit (prod) — high/critical 취약점 발견"
155
+ else
156
+ warn "npm audit (prod) — moderate/low 취약점 존재"
157
+ fi
158
+
159
+ # npm audit (dev — warn only, ReDoS in eslint/vitest chain is common)
160
+ AUDIT_FULL=$(npm audit 2>&1 || true)
161
+ AUDIT_DEV_COUNT=$(echo "$AUDIT_FULL" | grep -oE '[0-9]+ vulnerabilities' | grep -oE '[0-9]+' || echo "0")
162
+ if [ "$AUDIT_DEV_COUNT" -gt 0 ] 2>/dev/null; then
163
+ warn "npm audit (dev) — ${AUDIT_DEV_COUNT}개 취약점 (devDependencies)"
164
+ fi
165
+
166
+ # execSync injection check
167
+ EXEC_SYNC=$(grep -rn 'execSync(' src/ 2>/dev/null | grep -v 'gh --version' | grep -v '\.test\.' || true)
168
+ if [ -n "$EXEC_SYNC" ]; then
169
+ # 변수 보간 확인 (template literal 또는 string concat)
170
+ INJECTION=$(echo "$EXEC_SYNC" | grep -E '\$\{|` \+' || true)
171
+ if [ -n "$INJECTION" ]; then
172
+ fail "execSync 커맨드 인젝션 의심: $(echo "$INJECTION" | wc -l | tr -d ' ')건"
173
+ else
174
+ pass "execSync — 변수 보간 없음"
175
+ fi
176
+ else
177
+ pass "execSync — 미사용 또는 상수만 사용"
178
+ fi
179
+
180
+ # eval check
181
+ EVAL_USAGE=$(grep -rn 'eval ' templates/**/*.sh scripts/**/*.sh 2>/dev/null | grep -v '^\s*#' || true)
182
+ if [ -n "$EVAL_USAGE" ]; then
183
+ fail "eval 사용 발견: $(echo "$EVAL_USAGE" | wc -l | tr -d ' ')건"
184
+ else
185
+ pass "eval 미사용"
186
+ fi
187
+
188
+ # .gitignore security
189
+ if [ -f ".gitignore" ]; then
190
+ MISSING=""
191
+ grep -q '\.env' .gitignore 2>/dev/null || MISSING="$MISSING .env"
192
+ grep -q '\*.pem' .gitignore 2>/dev/null || MISSING="$MISSING *.pem"
193
+ grep -q '\*.key' .gitignore 2>/dev/null || MISSING="$MISSING *.key"
194
+ if [ -n "$MISSING" ]; then
195
+ warn ".gitignore 보안 항목 누락:$MISSING"
196
+ else
197
+ pass ".gitignore 보안 항목"
198
+ fi
199
+ fi
200
+ fi
201
+
202
+ # ════════════════════════════════════════
203
+ # L3: 쉘 스크립트 테스트
204
+ # ════════════════════════════════════════
205
+ if should_run "L3"; then
206
+ layer_header "L3: 쉘 스크립트 테스트"
207
+
208
+ HOOK_DIR="templates/platforms/claude-code/scripts"
209
+ if [ -d "$HOOK_DIR" ]; then
210
+ HOOK_SCRIPTS=$(find "$HOOK_DIR" -name '*.sh' 2>/dev/null || echo "")
211
+ L3_FAIL=0
212
+
213
+ for script in $HOOK_SCRIPTS; do
214
+ NAME=$(basename "$script" .sh)
215
+
216
+ # malformed JSON → fail-open
217
+ RESULT=$(echo "not json" | bash "$script" 2>/dev/null || true)
218
+ EXIT=$?
219
+ if [ $EXIT -ne 0 ]; then
220
+ fail "$NAME — malformed JSON 시 crash (exit $EXIT)"
221
+ L3_FAIL=$((L3_FAIL + 1))
222
+ fi
223
+
224
+ # empty stdin → fail-open
225
+ RESULT=$(echo "" | bash "$script" 2>/dev/null || true)
226
+ EXIT=$?
227
+ if [ $EXIT -ne 0 ]; then
228
+ fail "$NAME — empty stdin 시 crash"
229
+ L3_FAIL=$((L3_FAIL + 1))
230
+ fi
231
+ done
232
+
233
+ if [ $L3_FAIL -eq 0 ]; then
234
+ pass "훅 스크립트 fail-open 검증 ($(echo "$HOOK_SCRIPTS" | wc -w | tr -d ' ')개)"
235
+ fi
236
+ else
237
+ warn "훅 스크립트 디렉토리 없음: $HOOK_DIR"
238
+ fi
239
+ fi
240
+
241
+ # ════════════════════════════════════════
242
+ # L5: 패키지 무결성
243
+ # ════════════════════════════════════════
244
+ if should_run "L5"; then
245
+ layer_header "L5: 패키지 무결성"
246
+
247
+ # Build
248
+ BUILD_OUTPUT=$(npm run build 2>&1 || true)
249
+ if echo "$BUILD_OUTPUT" | grep -q "error TS"; then
250
+ fail "npm run build — TypeScript 에러"
251
+ else
252
+ pass "npm run build"
253
+ fi
254
+
255
+ # Version
256
+ if [ -f "bin/tsq.js" ]; then
257
+ VER=$(node bin/tsq.js --version 2>/dev/null || echo "FAIL")
258
+ if [ "$VER" != "FAIL" ]; then
259
+ pass "CLI version: $VER"
260
+ else
261
+ fail "CLI version 출력 실패"
262
+ fi
263
+ fi
264
+
265
+ # npm pack
266
+ PACK_OUTPUT=$(npm pack --dry-run 2>&1)
267
+ if echo "$PACK_OUTPUT" | grep -qiE '\.env|\.key.*\.pem|credential'; then
268
+ fail "npm pack — 민감 파일 포함"
269
+ else
270
+ pass "npm pack — 민감 파일 미포함"
271
+ fi
272
+
273
+ # domains/ exclusion
274
+ if echo "$PACK_OUTPUT" | grep -q "templates/domains/"; then
275
+ fail "npm pack — templates/domains/ 포함 (유료 콘텐츠)"
276
+ else
277
+ pass "npm pack — templates/domains/ 제외"
278
+ fi
279
+ fi
280
+
281
+ # ════════════════════════════════════════
282
+ # Summary
283
+ # ════════════════════════════════════════
284
+ echo ""
285
+ echo "──────────────────────────────────────"
286
+ echo -e " ${GREEN}PASS: $PASS${NC} ${RED}FAIL: $FAIL${NC} ${YELLOW}WARN: $WARN${NC}"
287
+
288
+ if [ $FAIL -gt 0 ]; then
289
+ echo -e "\n${RED}VERIFICATION FAILED${NC} — $FAIL개 항목 실패"
290
+ exit 1
291
+ else
292
+ echo -e "\n${GREEN}VERIFICATION PASSED${NC}"
293
+ exit 0
294
+ fi
@@ -6,6 +6,8 @@ description: |
6
6
  Use when: "테스트 작성, TDD, 단위 테스트, 통합 테스트, E2E, 커버리지"
7
7
  version: "1.0.0"
8
8
  tags: [testing, tdd, quality]
9
+ depends_on: []
10
+ conflicts_with: []
9
11
  user-invocable: false
10
12
  ---
11
13
 
@@ -19,45 +21,51 @@ user-invocable: false
19
21
  - 테스트 피라미드: Unit(다수) > Integration(중간) > E2E(소수)
20
22
  - 행동(behavior) 테스트 — 구현 디테일이 아닌 결과 검증
21
23
 
24
+ ## Contract
25
+
26
+ - **Trigger**: 테스트 작성/수정 태스크, 코드 변경 후 테스트 필요 시
27
+ - **Input**: 테스트 대상 코드 + 요구사항
28
+ - **Output**: Given-When-Then 패턴 테스트 + 커버리지 기준 충족
29
+ - **Error**: 커버리지 미달 시 추가 테스트 작성
30
+ - **Dependencies**: 없음
31
+
32
+ ## Protocol
33
+
34
+ 1. **Red**: 실패하는 테스트 작성
35
+ 2. **Green**: 테스트를 통과하는 최소 코드 작성
36
+ 3. **Refactor**: 코드 정리 (테스트는 계속 통과)
37
+ 4. **Coverage 확인**: 기준 충족 여부 점검
38
+
39
+ ## Verification
40
+
41
+ | Check | Command | Pass Criteria |
42
+ |-------|---------|---------------|
43
+ | 테스트 실행 | `npm test` | exit code 0 |
44
+ | 라인 커버리지 | coverage report | >= 80% |
45
+ | 브랜치 커버리지 | coverage report | >= 70% |
46
+ | 3카테고리 | 수동 검증 | Happy/Edge/Error 포함 |
47
+
22
48
  ## Resources
23
49
 
24
50
  | Priority | Type | Resource | Description |
25
51
  |----------|------|----------|-------------|
26
- | HIGH | ref | [testing-patterns](references/testing-patterns.md) | Given-When-Then, Mock 가이드, 카테고리별 예시 |
52
+ | HIGH | ref | [testing-patterns](references/testing-patterns.md) | Given-When-Then, Mock 가이드 |
53
+ | HIGH | ref | [e2e-stability](references/e2e-stability.md) | E2E Viewport, Wait, Retry 가이드 |
27
54
 
28
55
  ## Quick Rules
29
56
 
30
- ### TDD Cycle
31
- 1. **Red** — 실패하는 테스트 작성
32
- 2. **Green** — 테스트를 통과하는 최소 코드 작성
33
- 3. **Refactor** — 코드 정리 (테스트는 계속 통과)
34
-
35
57
  ### Test Naming
36
58
  - 형식: `should {expected behavior} when {condition}`
37
- - Good: `should return null when user is not found`
38
59
  - Bad: `test getUser`, `works correctly`
39
60
 
40
61
  ### Test Categories
41
- 모든 테스트는 3가지 카테고리 커버:
42
62
  - **Happy Path** — 정상 흐름
43
63
  - **Edge Cases** — 경계 조건 (빈 문자열, 0, null, 최대값)
44
64
  - **Error Cases** — 오류 상황
45
65
 
46
66
  ### Coverage Standards
47
-
48
- | Metric | Minimum | Recommended |
49
- |--------|---------|-------------|
50
- | Line Coverage | 80% | 90% |
51
- | Branch Coverage | 70% | 80% |
52
- | Function Coverage | 80% | 90% |
53
-
54
- ## Checklist
55
-
56
- | Priority | Item |
57
- |----------|------|
58
- | CRITICAL | Given-When-Then 패턴을 따르는가 |
59
- | CRITICAL | Happy path, Edge case, Error case 커버하는가 |
60
- | HIGH | 테스트 이름이 `should...when...` 형식인가 |
61
- | HIGH | 커버리지 기준을 충족하는가 |
62
- | MEDIUM | Mock이 적절히 사용되었는가 (외부 서비스만) |
63
- | MEDIUM | 테스트가 독립적인가 (순서 무관) |
67
+ | Metric | Min | Recommended |
68
+ |--------|-----|-------------|
69
+ | Line | 80% | 90% |
70
+ | Branch | 70% | 80% |
71
+ | Function | 80% | 90% |
@@ -0,0 +1,33 @@
1
+ ---
2
+ title: E2E Stability Guide
3
+ category: reference
4
+ ---
5
+
6
+ # E2E Stability Guide
7
+
8
+ ## Viewport & Selectors
9
+ - 테스트 전 `page.setViewportSize({ width: 1280, height: 720 })` 고정
10
+ - `data-testid` 셀렉터 사용 — CSS 클래스/태그 기반 셀렉터 금지
11
+ - `getByRole`, `getByText` 등 의미 기반 셀렉터 우선
12
+
13
+ ## Serial Execution
14
+ - E2E 테스트는 `describe.serial` 또는 `--shard` 사용
15
+ - 상태 의존 테스트는 반드시 순서 보장 (`test.describe.configure({ mode: 'serial' })`)
16
+
17
+ ## Wait Strategy
18
+ - `waitForSelector` 대신 `waitForLoadState('networkidle')` + assertion
19
+ - 하드코딩 `sleep`/`setTimeout` 절대 사용 금지
20
+ - 동적 콘텐츠: `expect(locator).toBeVisible({ timeout: 10000 })`
21
+
22
+ ## Retry & Flakiness
23
+ - Playwright `retries: 2` 설정 (CI 환경)
24
+ - flaky 테스트 발견 시 `test.fixme()` 마킹 후 원인 분석
25
+ - 재시도 성공도 flaky로 기록 → `.e2e-passed` 마커에 `flaky` 카운트 포함
26
+
27
+ ## Timeout Standards
28
+
29
+ | Category | Timeout | Rationale |
30
+ |----------|---------|-----------|
31
+ | Unit Test | 120s | 빠른 피드백 |
32
+ | E2E Test | 300s | 네트워크/렌더링 대기 |
33
+ | Build | 180s | 컴파일 + 번들링 |
@@ -0,0 +1,73 @@
1
+ ---
2
+ name: tsq-cli
3
+ description: |
4
+ TimSquad CLI(tsq) 사용 가이드. 모든 TSQ 커맨드의 인덱스와 사용법을 제공한다.
5
+ 에이전트가 TSQ CLI 커맨드를 사용해야 할 때 이 스킬을 참조한다.
6
+ 상세 커맨드 레퍼런스는 references/cli-reference.md 참조.
7
+ version: "1.0.0"
8
+ tags: [tsq, cli, commands, reference]
9
+ depends_on: [tsq-protocol]
10
+ conflicts_with: []
11
+ user-invocable: false
12
+ ---
13
+
14
+ # TSQ CLI Reference
15
+
16
+ TimSquad CLI 커맨드 인덱스. 상세 옵션은 `references/cli-reference.md` 참조.
17
+
18
+ ## Core Commands
19
+
20
+ | Command | Description |
21
+ |---------|-------------|
22
+ | `tsq init` | 프로젝트 초기화 |
23
+ | `tsq status` | 현재 상태 확인 |
24
+ | `tsq q "task"` | Quick 모드 (간단한 작업) |
25
+ | `tsq f "task"` | Full 모드 (SSOT 기반) |
26
+ | `tsq retro` | 회고 실행 |
27
+ | `tsq metrics` | 메트릭 확인 |
28
+
29
+ ## Meta Index
30
+
31
+ | Command | Description |
32
+ |---------|-------------|
33
+ | `tsq mi rebuild` | 전체 코드+UI 인덱스 재구축 |
34
+ | `tsq mi update` | 변경분만 반영 |
35
+ | `tsq mi stats` | 통계 (Health Score) |
36
+ | `tsq mi stage <file>` | semantic 데이터 추가 |
37
+ | `tsq mi query` | 인덱스 조회 |
38
+ | `tsq mi validate` | semantic 완성도 검증 |
39
+
40
+ ## Log System
41
+
42
+ | Command | Description |
43
+ |---------|-------------|
44
+ | `tsq log add <agent> <type> "msg"` | 로그 추가 |
45
+ | `tsq log enrich <agent> --json` | semantic 데이터 병합 |
46
+ | `tsq log task list` | L1 태스크 로그 목록 |
47
+ | `tsq log sequence create` | L2 시퀀스 로그 생성 |
48
+ | `tsq log phase create` | L3 페이즈 로그 생성 |
49
+ | `tsq log phase gate <id>` | L3 전환 게이트 |
50
+
51
+ ## Workflow
52
+
53
+ | Command | Description |
54
+ |---------|-------------|
55
+ | `tsq wf set-phase <id>` | 현재 Phase 설정 |
56
+ | `tsq wf add-sequence <id>` | 시퀀스 등록 |
57
+ | `tsq wf status` | 워크플로우 상태 |
58
+ | `tsq wf config <key> <on\|off>` | 자동화 토글 |
59
+
60
+ ## Knowledge & Audit
61
+
62
+ | Command | Description |
63
+ |---------|-------------|
64
+ | `tsq knowledge validate` | 지식 파일 검증 |
65
+ | `tsq knowledge list` | 지식 파일 목록 |
66
+ | `tsq audit validate` | 감사 리포트 검증 |
67
+ | `tsq audit diff` | 감사 전후 비교 |
68
+
69
+ ## Resources
70
+
71
+ | Priority | Type | Resource | Description |
72
+ |----------|------|----------|-------------|
73
+ | HIGH | ref | [cli-reference](references/cli-reference.md) | 전체 커맨드 상세 옵션 |
@@ -0,0 +1,92 @@
1
+ ---
2
+ title: TSQ CLI Full Reference
3
+ category: reference
4
+ ---
5
+
6
+ # TSQ CLI Full Reference
7
+
8
+ ## tsq init
9
+ ```bash
10
+ tsq init --type web-service # 프로젝트 초기화
11
+ tsq init -n my-project -t web-app -l 2 --domain general-web
12
+ tsq init --stack react,node,prisma --workspaces "packages/*"
13
+ tsq init -y # 대화형 프롬프트 스킵
14
+ ```
15
+
16
+ Options:
17
+ - `-n, --name <name>` — 프로젝트명
18
+ - `-t, --type <type>` — web-service|web-app|api-backend|platform|fintech|infra|mobile-app
19
+ - `-l, --level <level>` — 1(MVP)|2(Standard)|3(Enterprise)
20
+ - `--domain <domain>` — general-web|ml-engineering|fintech|mobile|gamedev|systems
21
+ - `--stack <items>` — 기술 스택 (콤마 구분)
22
+ - `--workspaces <pattern>` — 모노레포 워크스페이스 glob
23
+ - `-y, --yes` — 확인 프롬프트 스킵
24
+
25
+ ## tsq status
26
+ ```bash
27
+ tsq status # 프로젝트 상태 확인
28
+ ```
29
+
30
+ ## tsq q / tsq f
31
+ ```bash
32
+ tsq q "버튼 색상 변경" # Quick 모드 — 간단한 작업
33
+ tsq f "새 기능 추가" # Full 모드 — SSOT 기반 작업
34
+ ```
35
+
36
+ ## Meta Index (tsq mi)
37
+ ```bash
38
+ tsq mi rebuild # 전체 코드+UI 인덱스 재구축
39
+ tsq mi update # 변경분만 반영
40
+ tsq mi stats # 통계 (Health Score, UI Health)
41
+ tsq mi stage <file> [options] # semantic 데이터 추가
42
+ tsq mi query [options] # 인덱스 조회
43
+ tsq mi validate # semantic 완성도 검증
44
+ ```
45
+
46
+ ## Log (L1/L2/L3)
47
+ ```bash
48
+ tsq log add <agent> work "msg" # 작업 로그 추가
49
+ tsq log add <agent> decision "msg" # 결정 로그 추가
50
+ tsq log enrich <agent> --json '{...}' # semantic 데이터 병합
51
+ tsq log task list [--agent <name>] # L1 태스크 로그 목록
52
+ tsq log task view <file> # L1 태스크 로그 상세
53
+ tsq log task stats # L1 통계
54
+ tsq log sequence create <seq-id> --phase <id> --report <path> # L2 생성
55
+ tsq log sequence list # L2 목록
56
+ tsq log sequence check <seq-id> # L1 완성도 확인
57
+ tsq log phase create <phase-id> --sequences "..." # L3 생성
58
+ tsq log phase gate <phase-id> # L3 전환 게이트
59
+ ```
60
+
61
+ ## Knowledge
62
+ ```bash
63
+ tsq knowledge create <category> <name> # 지식 파일 생성
64
+ tsq knowledge validate # 지식 파일 검증
65
+ tsq knowledge list # 지식 파일 목록
66
+ ```
67
+
68
+ ## Workflow (tsq wf)
69
+ ```bash
70
+ tsq wf set-phase <phase-id> # Phase 설정
71
+ tsq wf add-sequence <seq-id> --agents "developer,dba" # 시퀀스 등록
72
+ tsq wf remove-sequence <seq-id> # 시퀀스 제거
73
+ tsq wf status # 상태 확인
74
+ tsq wf config <key> <on|off> # 자동화 토글
75
+ # keys: sequence_log, phase_log, phase_gate, metrics, retro
76
+ ```
77
+
78
+ ## Audit
79
+ ```bash
80
+ tsq audit validate <report> # 감사 리포트 검증
81
+ tsq audit diff <before> <after> # 감사 전후 비교
82
+ tsq audit fp list # FP Registry 목록
83
+ tsq audit fp add <item> --reason "msg" # FP 등록
84
+ ```
85
+
86
+ ## Other
87
+ ```bash
88
+ tsq feedback "이슈 설명" # 피드백 제출
89
+ tsq commit -m "메시지" # 커밋 (developer/dba만)
90
+ tsq retro # 회고 실행
91
+ tsq metrics # 메트릭 확인
92
+ ```
@@ -6,46 +6,62 @@ description: |
6
6
  자동 주입 스킬 — 직접 호출하지 마세요.
7
7
  version: "1.0.0"
8
8
  tags: [tsq, protocol, agent]
9
+ depends_on: []
10
+ conflicts_with: []
9
11
  user-invocable: false
10
12
  ---
11
13
 
12
14
  # TSQ Agent Protocol
13
15
 
14
- ## File Access
15
- 코드 탐색 시 `.timsquad/.daemon/task-context.json`을 **먼저** 확인하세요.
16
- 이 파일에 작업 범위의 파일/메서드/클래스 위치가 정리되어 있습니다.
17
- context 파일이 없거나 범위 밖 파일이 필요할 때만 Grep/Glob을 사용하세요.
16
+ 에이전트가 TimSquad 시스템 내에서 따라야 하는 공통 프로토콜.
18
17
 
19
- ## TSQ CLI (Required)
18
+ ## Philosophy
20
19
 
21
- 모든 로그/피드백/커밋은 TSQ CLI를 통해서만 수행합니다. 직접 파일 조작 금지.
20
+ - TSQ CLI를 통해서만 로그/피드백/커밋 수행
21
+ - task-context.json을 우선 탐색하여 불필요한 탐색 최소화
22
+ - 피드백은 반드시 Level 분류를 명시
22
23
 
24
+ ## Contract
25
+
26
+ - **Trigger**: 모든 에이전트 세션 (자동 활성)
27
+ - **Input**: 태스크 지시 + task-context.json
28
+ - **Output**: TSQ 프로세스 준수 작업 결과
29
+ - **Error**: 프로토콜 위반 시 경고 + 수정 안내
30
+ - **Dependencies**: 없음
31
+
32
+ ## Protocol
33
+
34
+ 1. **task-context 확인**: `.timsquad/.daemon/task-context.json` 우선 읽기
35
+ 2. **TSQ CLI 사용**: 로그/피드백/커밋 모두 CLI 경유
36
+ 3. **피드백 라우팅**: Level 분류 후 적절한 대상에 전달
37
+
38
+ ## Verification
39
+
40
+ | Check | Command | Pass Criteria |
41
+ |-------|---------|---------------|
42
+ | TSQ CLI 사용 | `tsq log` 사용 여부 | 직접 파일 조작 0건 |
43
+ | 피드백 Level | 피드백 내용 확인 | L1/L2/L3 분류 존재 |
44
+ | task-context | 탐색 순서 확인 | context 우선 사용 |
45
+
46
+ ## Quick Rules
47
+
48
+ ### CLI Commands
23
49
  | 이벤트 | 커맨드 |
24
50
  |--------|--------|
25
51
  | 작업 시작 | `tsq log add {agent} work "TASK-XXX 시작: {설명}"` |
26
52
  | 결정 기록 | `tsq log add {agent} decision "{결정 근거}"` |
27
53
  | 이슈 발견 | `tsq feedback "{이슈 설명}"` |
28
54
  | 작업 완료 | `tsq log add {agent} work "TASK-XXX 완료: {결과}"` |
29
- | semantic 보강 | `tsq log enrich {agent} --json '{...}'` |
30
55
  | 커밋 | `tsq commit -m "{메시지}"` (developer/dba만) |
31
56
 
32
57
  ### Forbidden
33
- - 직접 `.timsquad/logs/` 파일 생성/수정 금지 → `tsq log` 사용
34
- - 직접 `.timsquad/feedback/` 파일 생성 금지 → `tsq feedback` 사용
35
- - 직접 `git commit` 금지 → `tsq commit` 사용 (해당 역할만)
36
-
37
- ## Output Format
38
- 작업 결과는 `knowledge/templates/task-result.md` 형식으로 리턴하세요.
39
-
40
- ## Feedback Routing
41
-
42
- | Level | 심각도 | 기준 | 라우팅 |
43
- |-------|--------|------|--------|
44
- | L1 | Minor | 즉시 수정 가능 (린트, 타입, 스타일) | 자체 수정 또는 @tsq-developer |
45
- | L2 | Major | 설계 변경 필요 (API 불일치, 성능 구조) | 메인세션(PM) 보고 |
46
- | L3 | Critical | 요구사항 오류, 스코프 변경, 데이터 손실 위험 | 메인세션(PM) → 사용자 승인 |
47
-
48
- 모든 피드백에 Level 분류와 심각도를 반드시 명시하세요.
58
+ - 직접 `.timsquad/logs/` 파일 조작 → `tsq log` 사용
59
+ - 직접 `.timsquad/feedback/` 파일 조작 → `tsq feedback` 사용
60
+ - 직접 `git commit` → `tsq commit` 사용
49
61
 
50
- ## Mandatory Skills
51
- 작업 시작 에이전트 frontmatter에 지정된 스킬 파일을 반드시 읽고 가이드라인을 준수하세요.
62
+ ### Feedback Routing
63
+ | Level | 기준 | 라우팅 |
64
+ |-------|------|--------|
65
+ | L1 | 즉시 수정 가능 (린트, 타입) | 자체 수정 |
66
+ | L2 | 설계 변경 필요 | 메인세션(PM) 보고 |
67
+ | L3 | 요구사항 오류, 스코프 변경 | 메인세션 → 사용자 승인 |
@@ -1,6 +1,8 @@
1
1
  ---
2
2
  name: typescript
3
- description: TypeScript 개발 가이드라인
3
+ description: |
4
+ TypeScript 개발 가이드라인. strict 모드, 타입 패턴, Zod 검증, Branded Types.
5
+ Use when: .ts/.tsx 파일 작성·수정, tsconfig 설정, 타입 안전성 이슈, any 제거, 외부 입력 검증 시.
4
6
  version: "1.0.0"
5
7
  tags: [typescript, types, strict]
6
8
  user-invocable: false
@@ -54,14 +56,6 @@ user-invocable: false
54
56
  - `@ts-ignore`, `@ts-expect-error` 남용
55
57
  - `!` non-null assertion 남용
56
58
 
57
- ## Checklist
58
- - [ ] strict 모드 활성화
59
- - [ ] any 타입 없음
60
- - [ ] 함수 반환 타입 명시
61
- - [ ] 외부 입력 Zod 검증
62
- - [ ] Discriminated Union으로 상태 표현
63
- - [ ] Branded Types로 ID 구분
64
-
65
59
  ## 참조
66
60
  - `rules/type-patterns.md` — 각 패턴의 코드 예시
67
61
  - `rules/utility-types.md` — DTO 조합, DeepPartial, 타입 안전 API 클라이언트