tribunal-kit 4.3.1 → 4.4.1

package/.agent/scripts/verify_all.js

@@ -1,256 +1,257 @@
-#!/usr/bin/env node
-/**
- * verify_all.js — Full pre-deploy validation suite for the Tribunal Agent Kit.
- *
- * Runs comprehensive checks before any production deployment.
- *
- * Usage:
- *   node .agent/scripts/verify_all.js
- *   node .agent/scripts/verify_all.js --skip build,deps
- */
-
-'use strict';
-
-const fs   = require('fs');
-const path = require('path');
-const { execFileSync } = require('child_process');
-
-// ━━━ ANSI colors ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
-const RED    = '\x1b[91m';
-const GREEN  = '\x1b[92m';
-const YELLOW = '\x1b[93m';
-const BLUE   = '\x1b[94m';
-const BOLD   = '\x1b[1m';
-const RESET  = '\x1b[0m';
-
-const RESULTS = [];
-
-function section(title) {
-    console.log(`\n${BOLD}${BLUE}━━━ ${title} ━━━${RESET}`);
-}
-
-function ok(label, note) {
-    const msg = `${GREEN}✅ ${label}${RESET}` + (note ? `  ${YELLOW}(${note})${RESET}` : '');
-    console.log(`  ${msg}`);
-    RESULTS.push({ label, passed: true, note: note || '' });
-}
-
-function fail(label, note) {
-    const noteStr = note ? `\n     ${note}` : '';
-    console.log(`  ${RED}❌ ${label}${RESET}${noteStr}`);
-    RESULTS.push({ label, passed: false, note: note || '' });
-}
-
-function skip(label, reason) {
-    console.log(`  ${YELLOW}⏭️  ${label} — ${reason}${RESET}`);
-    RESULTS.push({ label, passed: true, note: `skipped: ${reason}` });
-}
-
-/**
- * Run a shell command and return true if it exits with code 0.
- */
-function run(label, cmd, cwd) {
-    try {
-        const isWindows = process.platform === 'win32';
-        let bin = cmd[0];
-        if (isWindows && (bin === 'npm' || bin === 'npx')) bin += '.cmd';
-
-        execFileSync(bin, cmd.slice(1), {
-            cwd,
-            stdio: 'pipe',
-            timeout: 120000,
-            encoding: 'utf8',
-        });
-        ok(label);
-        return true;
-    } catch (err) {
-        if (err.code === 'ENOENT') {
-            skip(label, 'tool not installed — skipping');
-            return true;
-        }
-        if (err.killed) {
-            fail(label, 'timed out after 120s');
-            return false;
-        }
-        const output = ((err.stdout || '') + (err.stderr || '')).trim();
-        fail(label, output ? output.slice(0, 500) : 'non-zero exit code');
-        return false;
-    }
-}
-
-
-/**
- * Scan source files for obviously hardcoded credentials.
- */
-function scanSecrets(cwd) {
-    const patterns = ['password=', 'secret=', 'api_key=', 'private_key=', 'auth_token='];
-    const found = [];
-    const skipDirs = new Set(['node_modules', '.git', 'dist', '__pycache__', '.agent']);
-
-    function walk(dir) {
-        let entries;
-        try { entries = fs.readdirSync(dir, { withFileTypes: true }); } catch { return; }
-
-        for (const entry of entries) {
-            const fullPath = path.join(dir, entry.name);
-            if (entry.isDirectory()) {
-                if (!skipDirs.has(entry.name)) walk(fullPath);
-            } else if (entry.isFile()) {
-                if (!/\.(ts|js|tsx|jsx|py)$/.test(entry.name)) continue;
-
-                let content;
-                try { content = fs.readFileSync(fullPath, 'utf8'); } catch { continue; }
-
-                const lines = content.split('\n');
-                for (let i = 0; i < lines.length; i++) {
-                    const low = lines[i].toLowerCase().trim();
-                    const hasPattern = patterns.some(p => low.includes(p));
-                    if (hasPattern && !low.startsWith('#') && low.includes('=')) {
-                        const rel = path.relative(cwd, fullPath);
-                        found.push(`${rel}:${i + 1}`);
-                    }
-                }
-            }
-        }
-    }
-
-    walk(cwd);
-
-    if (found.length > 0) {
-        fail('Secret scan', found.slice(0, 5).join('\n     '));
-        return false;
-    }
-    ok('Secret scan — no hardcoded credentials found');
-    return true;
-}
-
-
-/**
- * Check if there's a package.json to run npm commands against.
- */
-function hasNpm(cwd) {
-    return fs.existsSync(path.join(cwd, 'package.json'));
-}
-
-
-/**
- * Run all verification checks. Returns number of failures.
- */
-function verifyAll(cwd, skipped) {
-    let failures = 0;
-
-    section('1 — Secret Scan');
-    if (!skipped.includes('secrets')) {
-        if (!scanSecrets(cwd)) failures++;
-    } else {
-        skip('Secret scan', 'skipped by flag');
-    }
-
-    section('2 — TypeScript');
-    if (!skipped.includes('typescript')) {
-        if (hasNpm(cwd)) {
-            if (!run('tsc --noEmit', ['npx', 'tsc', '--noEmit'], cwd)) failures++;
-        } else {
-            skip('TypeScript', 'no package.json found in project');
-        }
-    } else {
-        skip('TypeScript', 'skipped by flag');
-    }
-
-    section('3 — ESLint');
-    if (!skipped.includes('lint')) {
-        if (hasNpm(cwd)) {
-            if (!run('ESLint', ['npx', 'eslint', '.', '--max-warnings=0'], cwd)) failures++;
-        } else {
-            skip('ESLint', 'no package.json found in project');
-        }
-    } else {
-        skip('ESLint', 'skipped by flag');
-    }
-
-    section('4 — Unit Tests');
-    if (!skipped.includes('tests')) {
-        if (hasNpm(cwd)) {
-            if (!run('Test suite', ['npm', 'test', '--', '--passWithNoTests'], cwd)) failures++;
-        } else {
-            skip('Tests', 'no package.json found in project');
-        }
-    } else {
-        skip('Tests', 'skipped by flag');
-    }
-
-    section('5 — Build');
-    if (!skipped.includes('build')) {
-        if (hasNpm(cwd)) {
-            if (!run('npm run build', ['npm', 'run', 'build'], cwd)) failures++;
-        } else {
-            skip('Build', 'no package.json found in project');
-        }
-    } else {
-        skip('Build', 'skipped by flag');
-    }
-
-    section('6 — Dependency Audit');
-    if (!skipped.includes('deps')) {
-        if (hasNpm(cwd)) {
-            if (!run('npm audit', ['npm', 'audit', '--audit-level=high'], cwd)) failures++;
-        } else {
-            skip('Dependency audit', 'no package.json found in project');
-        }
-    } else {
-        skip('Dependency audit', 'skipped by flag');
-    }
-
-    // ━━━ Summary ━━━
-    console.log(`\n${BOLD}━━━ Summary ━━━${RESET}`);
-    for (const { label, passed, note } of RESULTS) {
-        const status = passed ? `${GREEN}✅${RESET}` : `${RED}❌${RESET}`;
-        const noteStr = (!passed && note) ? `  ${YELLOW}(${note})${RESET}` : '';
-        console.log(`  ${status} ${label}${noteStr}`);
-    }
-
-    console.log();
-    if (failures === 0) {
-        console.log(`${GREEN}${BOLD}All checks passed — safe to deploy.${RESET}`);
-    } else {
-        console.log(`${RED}${BOLD}${failures} check(s) failed — fix before deploying.${RESET}`);
-    }
-
-    return failures;
-}
-
-
-/**
- * Parse CLI arguments manually (no external dependencies).
- */
-function parseArgs(argv) {
-    const args = { skip: [] };
-    const raw = argv.slice(2);
-
-    for (let i = 0; i < raw.length; i++) {
-        if (raw[i] === '--skip' && raw[i + 1]) {
-            args.skip = raw[++i].split(',').map(s => s.trim().toLowerCase()).filter(Boolean);
-        }
-    }
-    return args;
-}
-
-
-function main() {
-    const args = parseArgs(process.argv);
-    const cwd = process.cwd();
-
-    console.log(`${BOLD}Tribunal — verify_all.js${RESET}`);
-    console.log(`Project: ${cwd}\n`);
-
-    const failures = verifyAll(cwd, args.skip);
-    process.exit(failures > 0 ? 1 : 0);
-}
-
-
-// ━━━ Exports for testing & programmatic use ━━━
-module.exports = { verifyAll, scanSecrets, hasNpm };
-
-if (require.main === module) {
-    main();
-}
+#!/usr/bin/env node
+/**
+ * verify_all.js — Full pre-deploy validation suite for the Tribunal Agent Kit.
+ *
+ * Runs comprehensive checks before any production deployment.
+ *
+ * Usage:
+ *   node .agent/scripts/verify_all.js
+ *   node .agent/scripts/verify_all.js --skip build,deps
+ */
+
+'use strict';
+
+const fs   = require('fs');
+const path = require('path');
+const { execFileSync } = require('child_process');
+
+// ━━━ ANSI colors ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
+const RED    = '\x1b[91m';
+const GREEN  = '\x1b[92m';
+const YELLOW = '\x1b[93m';
+const BLUE   = '\x1b[94m';
+const BOLD   = '\x1b[1m';
+const RESET  = '\x1b[0m';
+
+const RESULTS = [];
+
+function section(title) {
+    console.log(`\n${BOLD}${BLUE}━━━ ${title} ━━━${RESET}`);
+}
+
+function ok(label, note) {
+    const msg = `${GREEN}✅ ${label}${RESET}` + (note ? `  ${YELLOW}(${note})${RESET}` : '');
+    console.log(`  ${msg}`);
+    RESULTS.push({ label, passed: true, note: note || '' });
+}
+
+function fail(label, note) {
+    const noteStr = note ? `\n     ${note}` : '';
+    console.log(`  ${RED}❌ ${label}${RESET}${noteStr}`);
+    RESULTS.push({ label, passed: false, note: note || '' });
+}
+
+function skip(label, reason) {
+    console.log(`  ${YELLOW}⏭️  ${label} — ${reason}${RESET}`);
+    RESULTS.push({ label, passed: true, note: `skipped: ${reason}` });
+}
+
+/**
+ * Run a shell command and return true if it exits with code 0.
+ */
+function run(label, cmd, cwd) {
+    try {
+        const isWindows = process.platform === 'win32';
+        const bin = cmd[0];
+
+        execFileSync(bin, cmd.slice(1), {
+            cwd,
+            stdio: 'pipe',
+            timeout: 120000,
+            encoding: 'utf8',
+            shell: isWindows
+        });
+        ok(label);
+        return true;
+    } catch (err) {
+        if (err.code === 'ENOENT') {
+            skip(label, 'tool not installed — skipping');
+            return true;
+        }
+        if (err.killed) {
+            fail(label, 'timed out after 120s');
+            return false;
+        }
+        const output = ((err.stdout || '') + (err.stderr || '')).trim();
+        fail(label, output ? output.slice(0, 500) : 'non-zero exit code');
+        return false;
+    }
+}
+
+
+/**
+ * Scan source files for obviously hardcoded credentials.
+ */
+function scanSecrets(cwd) {
+    const patterns = ['password=', 'secret=', 'api_key=', 'private_key=', 'auth_token='];
+    const found = [];
+    const skipDirs = new Set(['node_modules', '.git', 'dist', '__pycache__', '.agent']);
+
+    function walk(dir) {
+        let entries;
+        try { entries = fs.readdirSync(dir, { withFileTypes: true }); } catch { return; }
+
+        for (const entry of entries) {
+            const fullPath = path.join(dir, entry.name);
+            if (entry.isDirectory()) {
+                if (!skipDirs.has(entry.name)) walk(fullPath);
+            } else if (entry.isFile()) {
+                if (!/\.(ts|js|tsx|jsx|py)$/.test(entry.name)) continue;
+
+                let content;
+                try { content = fs.readFileSync(fullPath, 'utf8'); } catch { continue; }
+
+                const lines = content.split('\n');
+                for (let i = 0; i < lines.length; i++) {
+                    const low = lines[i].toLowerCase().trim();
+                    const hasPattern = patterns.some(p => low.includes(p));
+                    if (hasPattern && !low.startsWith('#') && low.includes('=')) {
+                        const rel = path.relative(cwd, fullPath);
+                        found.push(`${rel}:${i + 1}`);
+                    }
+                }
+            }
+        }
+    }
+
+    walk(cwd);
+
+    if (found.length > 0) {
+        fail('Secret scan', found.slice(0, 5).join('\n     '));
+        return false;
+    }
+    ok('Secret scan — no hardcoded credentials found');
+    return true;
+}
+
+
+/**
+ * Check if there's a package.json to run npm commands against.
+ */
+function hasNpm(cwd) {
+    return fs.existsSync(path.join(cwd, 'package.json'));
+}
+
+
+/**
+ * Run all verification checks. Returns number of failures.
+ */
+function verifyAll(cwd, skipped) {
+    let failures = 0;
+    RESULTS.length = 0; // Reset for clean runs (prevents accumulation in tests)
+
+    section('1 — Secret Scan');
+    if (!skipped.includes('secrets')) {
+        if (!scanSecrets(cwd)) failures++;
+    } else {
+        skip('Secret scan', 'skipped by flag');
+    }
+
+    section('2 — TypeScript');
+    if (!skipped.includes('typescript')) {
+        if (hasNpm(cwd)) {
+            if (!run('tsc --noEmit', ['npx', 'tsc', '--noEmit'], cwd)) failures++;
+        } else {
+            skip('TypeScript', 'no package.json found in project');
+        }
+    } else {
+        skip('TypeScript', 'skipped by flag');
+    }
+
+    section('3 — ESLint');
+    if (!skipped.includes('lint')) {
+        if (hasNpm(cwd)) {
+            if (!run('ESLint', ['npx', 'eslint', '.', '--max-warnings=0'], cwd)) failures++;
+        } else {
+            skip('ESLint', 'no package.json found in project');
+        }
+    } else {
+        skip('ESLint', 'skipped by flag');
+    }
+
+    section('4 — Unit Tests');
+    if (!skipped.includes('tests')) {
+        if (hasNpm(cwd)) {
+            if (!run('Test suite', ['npm', 'test', '--', '--passWithNoTests'], cwd)) failures++;
+        } else {
+            skip('Tests', 'no package.json found in project');
+        }
+    } else {
+        skip('Tests', 'skipped by flag');
+    }
+
+    section('5 — Build');
+    if (!skipped.includes('build')) {
+        if (hasNpm(cwd)) {
+            if (!run('npm run build', ['npm', 'run', 'build'], cwd)) failures++;
+        } else {
+            skip('Build', 'no package.json found in project');
+        }
+    } else {
+        skip('Build', 'skipped by flag');
+    }
+
+    section('6 — Dependency Audit');
+    if (!skipped.includes('deps')) {
+        if (hasNpm(cwd)) {
+            if (!run('npm audit', ['npm', 'audit', '--audit-level=high'], cwd)) failures++;
+        } else {
+            skip('Dependency audit', 'no package.json found in project');
+        }
+    } else {
+        skip('Dependency audit', 'skipped by flag');
+    }
+
+    // ━━━ Summary ━━━
+    console.log(`\n${BOLD}━━━ Summary ━━━${RESET}`);
+    for (const { label, passed, note } of RESULTS) {
+        const status = passed ? `${GREEN}✅${RESET}` : `${RED}❌${RESET}`;
+        const noteStr = (!passed && note) ? `  ${YELLOW}(${note})${RESET}` : '';
+        console.log(`  ${status} ${label}${noteStr}`);
+    }
+
+    console.log();
+    if (failures === 0) {
+        console.log(`${GREEN}${BOLD}All checks passed — safe to deploy.${RESET}`);
+    } else {
+        console.log(`${RED}${BOLD}${failures} check(s) failed — fix before deploying.${RESET}`);
+    }
+
+    return failures;
+}
+
+
+/**
+ * Parse CLI arguments manually (no external dependencies).
+ */
+function parseArgs(argv) {
+    const args = { skip: [] };
+    const raw = argv.slice(2);
+
+    for (let i = 0; i < raw.length; i++) {
+        if (raw[i] === '--skip' && raw[i + 1]) {
+            args.skip = raw[++i].split(',').map(s => s.trim().toLowerCase()).filter(Boolean);
+        }
+    }
+    return args;
+}
+
+
+function main() {
+    const args = parseArgs(process.argv);
+    const cwd = process.cwd();
+
+    console.log(`${BOLD}Tribunal — verify_all.js${RESET}`);
+    console.log(`Project: ${cwd}\n`);
+
+    const failures = verifyAll(cwd, args.skip);
+    process.exit(failures > 0 ? 1 : 0);
+}
+
+
+// ━━━ Exports for testing & programmatic use ━━━
+module.exports = { verifyAll, scanSecrets, hasNpm };
+
+if (require.main === module) {
+    main();
+}

package/.agent/skills/app-builder/templates/astro-static/TEMPLATE.md

@@ -73,4 +73,4 @@ project-name/
 - Use Content Collections for type safety
 - Leverage static generation
 - Add islands only where needed
-- Optimize images with Astro Image
+- Optimize images with Astro Image

package/.agent/skills/app-builder/templates/chrome-extension/TEMPLATE.md

@@ -89,4 +89,4 @@ project-name/
 - Use type-safe messaging
 - Wrap Chrome APIs in promises
 - Minimize permissions
-- Handle offline gracefully
+- Handle offline gracefully

package/.agent/skills/app-builder/templates/cli-tool/TEMPLATE.md

@@ -85,4 +85,4 @@ npm publish
 - Support both interactive and non-interactive modes
 - Use consistent output styling
 - Validate inputs with Zod
-- Exit with proper codes (0 success, 1 error)
+- Exit with proper codes (0 success, 1 error)

package/.agent/skills/app-builder/templates/electron-desktop/TEMPLATE.md

@@ -85,4 +85,4 @@ project-name/
 - Type-safe IPC with typed handlers
 - Custom title bar for native feel
 - Handle window state (maximize, minimize)
-- Auto-updates with electron-updater
+- Auto-updates with electron-updater

package/.agent/skills/app-builder/templates/express-api/TEMPLATE.md

@@ -80,4 +80,4 @@ project-name/
 - Validate all inputs with Zod
 - Centralized error handling
 - Environment-based config
-- Use Prisma for type-safe DB access
+- Use Prisma for type-safe DB access

package/.agent/skills/app-builder/templates/flutter-app/TEMPLATE.md

@@ -87,4 +87,4 @@ project_name/
 - Riverpod for state, React Query pattern for server state
 - Freezed for immutable data classes
 - Go Router for declarative navigation
-- Material 3 theming
+- Material 3 theming

package/.agent/skills/app-builder/templates/monorepo-turborepo/TEMPLATE.md

@@ -87,4 +87,4 @@ project-name/
 - Shared configs in packages/config
 - Shared types in packages/types
 - Internal packages with `workspace:*`
-- Use Turbo remote caching for CI
+- Use Turbo remote caching for CI

package/.agent/skills/app-builder/templates/nextjs-fullstack/TEMPLATE.md

@@ -119,4 +119,4 @@ project-name/
 - **Mutations**: Use Server Actions combined with React 19's `useActionState` to handle loading and error states instead of manual useState.
 - **Type Safety**: Share Zod schemas between Server Actions (input validation) and Client Forms.
 - **Security**: Always validate input data with Zod before passing it to Prisma.
-- **Styling**: Use native CSS variables in Tailwind v4 for easier dynamic theming.
+- **Styling**: Use native CSS variables in Tailwind v4 for easier dynamic theming.

package/.agent/skills/app-builder/templates/nextjs-saas/TEMPLATE.md

@@ -119,4 +119,4 @@ project-name/
 7. Run project:
    ```bash
    npm run dev
-   ```
+   ```

package/.agent/skills/app-builder/templates/nextjs-static/TEMPLATE.md

@@ -166,4 +166,4 @@ export const metadata: Metadata = {
 - **React Server Components (RSC)**: Default all components to Server Components. Only add `'use client'` when you need state (`useState`) or event listeners (`onClick`).
 - **Image Optimization**: Use the `<Image />` component but remember `unoptimized: true` for static export or use an external image CDN (Cloudinary/Imgix).
 - **Font Optimization**: Use `next/font` (Google Fonts) to automatically host fonts and prevent layout shift.
-- **Responsive**: Mobile-first design using Tailwind prefixes like `sm:`, `md:`, `lg:`.
+- **Responsive**: Mobile-first design using Tailwind prefixes like `sm:`, `md:`, `lg:`.

package/.agent/skills/app-builder/templates/nuxt-app/TEMPLATE.md

@@ -131,4 +131,4 @@ project-name/
   ```
 - **Data Fetching**: Sử dụng `useFetch` với `server: false` cho các tác vụ client-only, hoặc dùng Server Functions để type-safety tốt hơn.
 - **State**: Dùng `defineStore` (Pinia) cho global state, `useState` của Nuxt cho state đơn giản chia sẻ giữa Server/Client.
-- **Type Safety**: Tự động tạo type cho API routes (`$fetch` typed automatically).
+- **Type Safety**: Tự động tạo type cho API routes (`$fetch` typed automatically).

package/.agent/skills/app-builder/templates/python-fastapi/TEMPLATE.md

@@ -80,4 +80,4 @@ project-name/
 - Pydantic v2 for validation
 - SQLAlchemy 2.0 async sessions
 - Alembic for migrations
-- pytest-asyncio for tests
+- pytest-asyncio for tests

package/.agent/skills/app-builder/templates/react-native-app/TEMPLATE.md

@@ -116,4 +116,4 @@ project-name/
 - **React 19**: Reduce usage of `useMemo` or `useCallback` thanks to React Compiler (if enabled).
 - **Components**: Build UI primitives (Box, Text) with NativeWind className for reusability.
 - **Assets**: Use `expo-image` instead of default `<Image />` for better caching and performance.
-- **API**: Always wrap API calls with TanStack Query, avoid direct calls in `useEffect`.
+- **API**: Always wrap API calls with TanStack Query, avoid direct calls in `useEffect`.

package/.agent/skills/doc.md

@@ -174,4 +174,4 @@ By creating Skills, you transform a general AI model into an expert for your pro
 - ✅ Automatically add license headers
 - ✅ The Agent automatically knows how to work with your team
 
-Instead of constantly reminding the AI to "remember to add the license" or "fix the commit format," now the Agent will do it automatically!
+Instead of constantly reminding the AI to "remember to add the license" or "fix the commit format," now the Agent will do it automatically!