universal-dev-standards 5.8.0 → 5.10.0

package/bundled/ai/standards/multi-environment-e2e-testing.ai.yaml

@@ -0,0 +1,250 @@
+# Multi-Environment E2E Testing Standards - AI Optimized
+# Source: XSPEC-204 (UDS Issue #94, #95)
+
+id: multi-environment-e2e-testing
+meta:
+  version: "1.0.0"
+  updated: "2026-05-13"
+  description: >
+    Standards for E2E test configuration across multiple deployment targets.
+    Core principle: The run command IS the documentation.
+    Each environment has one entry-point script that self-checks prerequisites
+    and runs the correct test subset.
+
+# ─────────────────────────────────────────────────────────
+# Core Principle
+# ─────────────────────────────────────────────────────────
+core_principle:
+  name: Executable Environment Documentation
+  statement: "The run command IS the documentation."
+  rationale: >
+    Developers repeatedly ask "how do I run tests against environment X?"
+    because the answer is scattered across README, wiki, and verbal knowledge.
+    When the run script self-checks prerequisites and sets the correct BASE_URL,
+    the script itself becomes the authoritative environment setup guide.
+  anti_pattern: >
+    Manually changing BASE_URL in .env before test runs — breaks other
+    developers' configs and cannot be committed without affecting everyone.
+
+# ─────────────────────────────────────────────────────────
+# Test Framework Multi-Environment Config
+# ─────────────────────────────────────────────────────────
+test_framework_config:
+  rule: "BASE_URL is baked into test project config, not read from .env"
+  rationale: >
+    If BASE_URL comes from .env, developers must modify .env before running
+    against a specific environment, creating race conditions in teams and
+    accidental commits of wrong URLs.
+
+  playwright_pattern: |
+    // playwright.config.ts
+    const ENVS = {
+      'local-iis':         'http://localhost/corp',
+      'local-iis-express': 'http://localhost:18080/lotest',
+      'uat':               'http://portal_uat.example.com/app',
+      'prd':               'https://app.example.com',
+    } as const;
+
+    export default defineConfig({
+      projects: Object.entries(ENVS).map(([name, url]) => ({
+        name,
+        use: { browserName: 'chromium', baseURL: url },
+      })),
+    });
+
+  cypress_pattern: |
+    // cypress.config.ts
+    const ENVS = {
+      'local':  { baseUrl: 'http://localhost:3000' },
+      'uat':    { baseUrl: 'http://uat.example.com' },
+      'prd':    { baseUrl: 'https://app.example.com' },
+    };
+    // Pass via --env target=uat; default to local
+
+  rules:
+    - "One test config file; environment distinction via project name or --project flag"
+    - "No environment-specific playwright/cypress.config.*.ts files"
+    - "BASE_URL never in .env for E2E test configs"
+
+# ─────────────────────────────────────────────────────────
+# Runner Script Pattern
+# ─────────────────────────────────────────────────────────
+runner_script_pattern:
+  rule: "Each environment has one entry-point script that self-checks prerequisites"
+  location: "scripts/run-tests-<env>.(ps1|sh)"
+  template_powershell: |
+    # scripts/run-tests-local-iis.ps1
+    # Self-check prerequisites before running tests
+
+    # 1. Check Docker
+    if (-not (Get-Process "com.docker.backend" -ErrorAction SilentlyContinue)) {
+      Write-Error "Docker is not running. Start Docker Desktop first."
+      exit 1
+    }
+
+    # 2. Check App is responding
+    try {
+      $resp = Invoke-WebRequest "http://localhost/corp/health" -UseBasicParsing -TimeoutSec 5
+    } catch {
+      Write-Error "App not responding at http://localhost/corp. Start IIS site first."
+      exit 1
+    }
+
+    # 3. Run tests
+    npx playwright test --project=local-iis @args
+
+  template_bash: |
+    #!/bin/bash
+    # scripts/run-tests-local.sh
+
+    # 1. Check Docker
+    if ! docker info > /dev/null 2>&1; then
+      echo "ERROR: Docker is not running." >&2
+      exit 1
+    fi
+
+    # 2. Check App
+    if ! curl -s -f http://localhost:3000/health > /dev/null 2>&1; then
+      echo "ERROR: App not responding at http://localhost:3000" >&2
+      exit 1
+    fi
+
+    npx playwright test --project=local "$@"
+
+  prerequisite_checks:
+    - "Docker / container runtime"
+    - "Application health endpoint"
+    - "Database connectivity (if separate from app)"
+    - "Required environment-specific services"
+
+# ─────────────────────────────────────────────────────────
+# Environment Capability Matrix
+# ─────────────────────────────────────────────────────────
+capability_matrix:
+  rule: >
+    Projects with external dependencies MUST maintain an environment capability
+    matrix committed to the repository (docs/testing/environment-capability-matrix.md
+    or inline in testing README).
+  when_required: "Any project with external HTTP services, IdP, payment, messaging"
+
+  template: |
+    ## Environment Capability Matrix
+
+    | Service / Feature | local-dev | local-iis | UAT | PRD |
+    |-------------------|:---------:|:---------:|:---:|:---:|
+    | Auth / SAML       | ⚠️ Keycloak stub | ✅ Keycloak local | ✅ Keycloak UAT | ✅ Enterprise IdP |
+    | SMS Gateway       | ⚠️ stub-server | ⚠️ stub-server | ⚠️ stub-server / ❌ | ✅ Real Gateway + billing |
+    | Payment / Finance | ⚠️ stub-server | ⚠️ stub-server | ⚠️ partial | ✅ Real + reconciliation |
+    | Background Jobs   | ✅ in-process | ✅ in-process | ✅ | ✅ |
+    | File Storage      | ✅ local | ✅ local | ✅ blob | ✅ blob |
+
+    Legend:
+    ✅ Full verification possible
+    ⚠️ Flow passes but through stub (real-world dimensions NOT verified)
+    ❌ Cannot test in this environment
+
+    ### Dimensions NOT verifiable in UAT (must defer to PRD smoke)
+    - SMS: Billing correctness, carrier delivery confirmation, DR reporting
+    - Payment: Real debit/credit, bank reconciliation, card validation
+
+  when_to_update: "Update matrix when adding any new external service dependency"
+
+# ─────────────────────────────────────────────────────────
+# CI Gate Mapping
+# ─────────────────────────────────────────────────────────
+ci_gate_mapping:
+  rule: "Map environments to CI/CD stages; document which gate must pass before each deployment stage"
+
+  pattern: |
+    # .github/workflows/ci.yml or .gitlab-ci.yml
+
+    e2e-smoke-gate:       # Must pass → any deployment
+      runs-on: ubuntu-latest
+      script: scripts/run-tests-local.sh --grep smoke
+
+    e2e-uat-gate:         # Must pass → PRD deployment
+      environment: uat
+      script: scripts/run-tests-uat.sh
+      only: [tags, release-branches]
+
+    e2e-prd-smoke:        # Must pass → mark release as stable
+      environment: prd
+      script: scripts/run-tests-prd-smoke.sh
+      only: [tags]
+
+  gate_requirements:
+    before_staging_deploy: ["unit tests", "integration tests", "e2e-smoke-gate"]
+    before_uat_deploy:     ["all staging gates", "e2e-uat-gate (if UAT environment available)"]
+    before_prd_deploy:     ["e2e-uat-gate", "sign-off from capability matrix review"]
+    after_prd_deploy:      ["e2e-prd-smoke within 10 min of deploy"]
+
+# ─────────────────────────────────────────────────────────
+# Credential Handling
+# ─────────────────────────────────────────────────────────
+credential_handling:
+  rule: "Separate what goes in git from what stays gitignored"
+
+  commit_to_git:
+    - "Base URLs per environment (non-secret, team needs to share)"
+    - "Test usernames for non-PRD environments"
+    - "Feature flags and test configuration"
+    - "Self-check scripts (no credentials embedded)"
+
+  gitignore:
+    - "Passwords and secrets"
+    - "API keys and tokens"
+    - ".env.test.local (personal overrides)"
+
+  ci_secrets: "Pass PRD test passwords via CI secret variables (GitHub Secrets / GitLab CI Variables)"
+
+  example_gitignore: |
+    # Test credentials
+    .env.test.local
+    tests/fixtures/auth-secrets.json
+    # Base URLs and non-secrets are committed; see playwright.config.ts
+
+# ─────────────────────────────────────────────────────────
+# Rules
+# ─────────────────────────────────────────────────────────
+rules:
+  - id: base-url-in-config
+    trigger: setting up E2E tests for a project with multiple environments
+    instruction: >
+      Define all environment BASE_URLs in the test framework config (playwright.config.ts /
+      cypress.config.ts) as named projects. Do not rely on .env for BASE_URL.
+    priority: required
+
+  - id: one-runner-per-env
+    trigger: adding a new deployment target
+    instruction: >
+      Create scripts/run-tests-<env>.(ps1|sh) with self-checking prerequisite steps.
+      The script must verify all required services before invoking the test runner.
+    priority: required
+
+  - id: capability-matrix-required
+    trigger: feature has external service dependencies (SMS, payment, IdP, file storage)
+    instruction: >
+      Create or update the environment capability matrix in docs/testing/.
+      Clearly mark ✅/⚠️/❌ for each service × environment combination.
+      List dimensions NOT verifiable in UAT; mark these as "PRD-only smoke" items.
+    priority: required
+
+  - id: ci-gate-mapping
+    trigger: defining CI/CD pipeline stages
+    instruction: >
+      Map each CI gate to the environments it must pass.
+      E2E gate must specify which environment it targets.
+    priority: required
+
+# ─────────────────────────────────────────────────────────
+# Relationship to Other Standards
+# ─────────────────────────────────────────────────────────
+related_standards:
+  - id: deployment-standards
+    relationship: "Extends — adds environment dimension to CI gates and deployment readiness"
+  - id: test-completeness-dimensions
+    relationship: "Complements — adds dimension 11: Environment Verifiability"
+  - id: verification-evidence
+    relationship: "Complements — evidence must specify which environment it was collected from"
+  - id: mock-boundary
+    relationship: "Complements — capability matrix references Level 2 stub server usage"

package/bundled/ai/standards/test-completeness-dimensions.ai.yaml

@@ -3,10 +3,12 @@
 
 id: test-completeness-dimensions
 meta:
-  version: "1.2.0"
-  updated: "2026-05-04"
+  version: "1.3.0"
+  updated: "2026-05-13"
   source: core/test-completeness-dimensions.md
-  description: Framework for evaluating test completeness across 10 dimensions (v1.2.0 adds Flow Completeness and Branch Coverage)
+  description: >
+    Framework for evaluating test completeness across 11 dimensions.
+    v1.3.0 adds Dimension 11: Environment Verifiability (XSPEC-204).
 
 dimensions:
   - id: 1
@@ -114,6 +116,21 @@ dimensions:
     when_required: When flow has any conditional logic or decision points
     note: Use decision_table_expansion from flow-based-testing.ai.yaml to enumerate scenarios
 
+  - id: 11
+    name: Environment Verifiability
+    description: >
+      For each AC with external service dependencies, document which environment layer
+      can fully verify it, and plan PRD-smoke coverage for items that cannot be verified in UAT.
+    test_items:
+      - Environment stratification responsibility matrix exists for features with external dependencies
+      - Each AC is tagged with its minimum verifiable environment layer (local / UAT / PRD)
+      - ACs that are PRD-only are explicitly tracked and have a PRD smoke test plan
+      - Evidence for externally-dependent ACs includes environment_layer field
+    when_required: >
+      Any feature with external service dependencies (SMS, payment, IdP, email,
+      SOAP integrations, external REST APIs)
+    note: See multi-environment-e2e-testing.ai.yaml and deployment-standards.ai.yaml for environment capability matrix templates
+
 feature_type_mapping:
   note: "Dimension 8 (AI Generation Quality) applies when tests are AI-generated"
   types:
@@ -138,8 +155,9 @@ feature_type_mapping:
       with_ai: [1, 3, 5, 8]
 
     - type: External Integration
-      dimensions: [1, 3, 7]
-      with_ai: [1, 3, 7, 8]
+      dimensions: [1, 3, 7, 11]
+      with_ai: [1, 3, 7, 8, 11]
+      note: Dimension 11 required for any external service dependency
 
     - type: Workflow / Multi-step Process
       dimensions: [1, 3, 4, 5, 9, 10]
@@ -147,6 +165,11 @@ feature_type_mapping:
       required_pattern: journey-chained-test
       note: Apply flow-based-testing standard; use shared ctx; Each-Choice minimum branch coverage
 
+    - type: External-Dependent Workflow
+      dimensions: [1, 3, 4, 5, 9, 10, 11]
+      with_ai: [1, 3, 4, 5, 9, 10, 8, 11]
+      note: Combines Workflow + External Integration; Dimension 11 mandatory
+
 error_code_coverage:
   - code: 200
     meaning: Success
@@ -198,7 +221,7 @@ anti_patterns:
 rules:
   - id: use-checklist
     trigger: designing tests for a feature
-    instruction: Use the 10 dimensions checklist to ensure completeness (dim 8 for AI-generated tests; dim 9/10 for multi-step workflows)
+    instruction: Use the 11 dimensions checklist to ensure completeness (dim 8 for AI-generated tests; dim 9/10 for multi-step workflows; dim 11 for external dependencies)
     priority: required
 
   - id: authorization-matrix
@@ -278,6 +301,12 @@ checklist_template: |
     □ Each distinct error branch has its own describe block
     □ Critical flows (auth/payment/security) use All-Combinations
 
+  □ Environment Verifiability (for features with external dependencies)
+    □ Environment stratification matrix created/updated
+    □ Each AC tagged with minimum verifiable environment layer
+    □ PRD-only ACs documented with smoke test plan
+    □ Evidence includes environment_layer field for externally-dependent ACs
+
 quick_reference:
   dimensions:
     columns: [ID, Dimension, Key Focus]
@@ -292,9 +321,10 @@ quick_reference:
       - [8, AI Generation, AI-generated test quality]
       - [9, Flow Completeness, Complete path to each terminal state]
       - [10, Branch Coverage, All decision-point branches covered]
+      - [11, Environment Verifiability, External-dep ACs tagged with environment layer]
 
   feature_dimensions:
-    note: "*Dimension 8 applies when tests are AI-generated; †Dimensions 9/10 apply to multi-step workflows"
+    note: "*Dimension 8 applies when tests are AI-generated; †Dimensions 9/10 apply to multi-step workflows; ‡Dimension 11 applies to features with external service dependencies"
     columns: [Feature Type, Required Dimensions]
     rows:
       - [CRUD API, "1,2,3,4,6,7,8*"]
@@ -304,3 +334,5 @@ quick_reference:
       - [Background Job, "1,3,5,8*"]
       - [External Integration, "1,3,7,8*"]
       - [Workflow / Multi-step Process, "1,3,4,5,9†,10†,8*"]
+      - [External Integration, "1,3,7,11‡,8*"]
+      - [External-Dependent Workflow, "1,3,4,5,9†,10†,11‡,8*"]

package/bundled/ai/standards/verification-evidence.ai.yaml

@@ -8,15 +8,19 @@ standard:
   description: 驗證證據標準，強化 anti-hallucination
 
   meta:
-    version: "1.0.0"
-    updated: "2026-03-20"
+    version: "1.1.0"
+    updated: "2026-05-13"
     source: core/verification-evidence.md
-    description: 驗證證據標準 — Iron Law: 無驗證證據不可聲稱完成
+    description: >
+      驗證證據標準 — Iron Law: 無驗證證據不可聲稱完成。
+      v1.1.0: Evidence must specify which environment layer it was collected from (XSPEC-204).
     inspired_by: superpowers/verification-before-completion
 
   guidelines:
     - "Iron Law：無驗證證據 = 不可聲稱完成"
     - "每次驗證必須記錄 command + exitCode + output + timestamp"
+    - "Iron Law（Environment）：驗收前必須確認「此環境層次能驗證此流程的哪些維度」"
+    - "驗收證據必須標明收集自哪個環境層次（local / UAT / PRD）"
     - "回歸測試必須展示 RED → GREEN 循環"
     - "代理報告 success ≠ 實際 success，需獨立驗證"
     - "驗證輸出截斷至合理長度（2000 字元）但保留關鍵資訊"
@@ -39,6 +43,13 @@ standard:
         type: string
         required: true
         description: "執行時間（ISO 8601 格式）"
+      - name: environment_layer
+        type: string
+        required: false
+        description: >
+          收集證據的環境層次（local / uat / prd）。
+          對有外部服務依賴的功能為必填——缺少此欄位時，該 AC 的驗收等級視為 local-only。
+        example: "uat"
 
   red_green_cycle:
     description: "回歸測試的 RED → GREEN 驗證"
@@ -72,13 +83,28 @@ standard:
       action: "截斷但保留錯誤訊息與摘要行"
       priority: medium
 
+  environment_rules:
+    - id: VE-005
+      trigger: "AC 涉及外部服務依賴（SMS、金流、IdP）"
+      action: >
+        驗收證據必須標明 environment_layer。
+        local-only 證據對此類 AC 不足——需確認 UAT 或 PRD 層次的驗證計畫。
+      priority: required
+    - id: VE-006
+      trigger: "有外部服務依賴的 AC 標記為 done，但無 environment_layer"
+      action: >
+        降級為 done_with_concerns。
+        要求補充環境層次聲明，或在 environment-stratification-matrix 中標記為 ⚠️/❌。
+      priority: high
+
 physical_spec:
   type: checklist
   validator:
     type: ai_review
-    rule: "檢查任務完成是否附帶驗證證據（command + exit_code + output + timestamp）"
+    rule: "檢查任務完成是否附帶驗證證據（command + exit_code + output + timestamp + environment_layer）"
   checks:
     - "完成聲明是否附帶 verification_evidence"
     - "evidence 是否包含所有必填欄位"
     - "exit_code 是否為 0（成功）"
     - "Bug fix 是否有 RED → GREEN 循環證據"
+    - "有外部服務依賴的 AC 是否標明 environment_layer"

package/bundled/locales/zh-CN/CHANGELOG.md

@@ -1,8 +1,8 @@
 ---
 source: ../../CHANGELOG.md
-source_version: 5.8.0
-translation_version: 5.8.0
-last_synced: 2026-05-12
+source_version: 5.10.0
+translation_version: 5.10.0
+last_synced: 2026-05-13
 status: current
 ---
 
@@ -17,6 +17,31 @@ status: current
 
 ## [Unreleased]
 
+## [5.10.0] - 2026-05-13
+
+### 新增
+- **`multi-environment-e2e-testing`**（`ai/standards/multi-environment-e2e-testing.ai.yaml`）：新增多部署目标 E2E 测试配置标准。核心原则："执行命令即文档"。涵盖：BASE_URL 内嵌于测试框架配置（不依赖 .env）；各环境含自检前置条件的 runner 脚本；环境能力矩阵提交至 repo；CI Gate 映射；凭证处理规则。关闭 UDS Issue #95。（XSPEC-204）
+
+### 修改
+- **`mock-boundary`**（v1.0.0 → v1.1.0）：新增 Level 1 / Level 2 mock 层级区分。Level 1 = 代码级 mock，受 STUB 标记规则管制。Level 2 = 基础设施级 stub server（WireMock、MockSoap），受环境分层规则管制，**不受** STUB 部署阻断规则管辖。新增 `external_dependency_testability_matrix` 模板（✅/⚠️/❌ 各服务 × 环境）。新增规则：`level-2-stub-server-rules`、`no-stub-server-in-prd`。关闭 UDS Issue #94 盲点二。（XSPEC-204）
+- **`deployment-standards`**（v1.0.0 → v1.1.0）：新增 `environment_stratification_matrix` 块——有外部依赖的项目必须在测试计划阶段建立此矩阵；模板包含 10 大流程 × 三层环境对照表。新增 `stub_server_cicd_rules` 块——选项 A（sidecar 部署）/ 选项 B（推迟至 PRD Smoke）；production artifact 排除规则；PRD 禁止规则；禁止状态定义。关闭 UDS Issue #94 盲点一与盲点三。（XSPEC-204）
+- **`verification-evidence`**（v1.0.0 → v1.1.0）：新增 Iron Law（环境维度）：有外部服务依赖的 AC 验收证据必须标明 `environment_layer`。在 evidence format 新增 `environment_layer` 字段（有外部服务依赖的功能为必填）。新增规则 VE-005、VE-006。（XSPEC-204）
+- **`test-completeness-dimensions`**（v1.2.0 → v1.3.0）：新增第 11 维度：**环境可验证性（Environment Verifiability）**——有外部服务依赖的 AC 须标明最低可验证环境层次（local/UAT/PRD），追踪 PRD-only 项目，要求 smoke 测试计划。更新功能类型映射：外部集成 → [1,3,7,11]；新增类型"外部依赖工作流程"→ [1,3,4,5,9,10,11]。更新 use-checklist 规则。（XSPEC-204）
+
+### 修复
+- **`uds update` 集成工具名称误作文件路径的误报**：`manifest.integrations` 含有 `"claude-code"`、`"opencode"` 等工具标识符时，update 命令将其直接推入 `allTrackedFiles` 作为文件路径，导致 `existsSync("claude-code")` 返回 false，触发假的「⚠ N 个文件缺失」警告和「✗ claude-code: 无法判断来源」还原失败。修复方式：先用 `getToolFilePath(int)` 转换为真实路径（如 `"CLAUDE.md"`）再推入列表；无法映射的条目跳过。问题出现于 `uds update` 5.7.2 → 5.8.0。
+
+## [5.9.0] - 2026-05-13
+
+### 新增
+- **`feature-discovery-standards`**（`ai/standards/feature-discovery-standards.ai.yaml`、`core/feature-discovery-standards.md`）：新增标准，定义遗留系统功能穷举发现的语言无关方法论。确立 **Deterministic-First 原则**（AI 在 Discovery Phase 禁止通过推断生成功能清单）。定义七种软件形式分类法（web/cli/gui/daemon/library/mobile/embedded），各含检测信号与提取工具。定义五个静态基础（入口点→调用图→字符串挖掘→资源文件→外部接口）、动态观察协议（三平台）、人工观察协议（confidence: 0.7 规则）与多层交叉比对矩阵模板。流水线位置：Discovery → feature-manifest → behavior-snapshot。（XSPEC-202）
+- **`ai/language-packs/language-pack-php-to-csharp.ai.yaml`**：UDS 首个语言包，提供 PHP→C#（ASP.NET Core）迁移风险标签，含 7 个标签（SESSION_HANDLING、ORM_DIFFERENCES、TIMEZONE_HANDLING、FILE_UPLOAD_PATH、REGEX_DIFFERENCES、ARRAY_FUNCTIONS、EXCEPTION_HIERARCHY）各附详细说明。（XSPEC-203）
+- **`ai/language-packs/README.md`**：语言包命名规范、使用指南与贡献说明。（XSPEC-203）
+
+### 变更
+- **`feature-manifest-standard`**（v1.0.0 → v1.1.0）：重构 `migration_risks` 为语言无关架构。移除硬编的 `php_to_csharp` 区块（已移入 `ai/language-packs/`）。新增 `language_packs` Extension Point（`extension_point: true`）。新增三个通用风险标签：CONCURRENCY_MODEL、PACKAGE_ECOSYSTEM、TYPE_SYSTEM。（XSPEC-203）
+- **`behavior-snapshot`**（v1.0.0 → v1.1.0）：从纯 HTTP 扩充为多模态格式。新增 `adapter` 字段（默认 `http`，向下兼容）。新增 `adapters` 区段，含 4 种 schema：`http` / `cli` / `file` / `event`。新增 `adapter-selection` 与 `backward-compatibility` 规则。现有不含 `adapter` 字段的 HTTP 快照无需修改。（XSPEC-203）
+
 ## [5.8.0] - 2026-05-12
 
 ### 新增

package/bundled/locales/zh-CN/README.md

@@ -14,7 +14,7 @@ status: current
 
 > **语言**: [English](../../README.md) | [繁體中文](../zh-TW/README.md) | 简体中文
 
-**版本**: 5.8.0 | **发布日期**: 2026-04-13 | **授权**: [双重授权](../../LICENSE) (CC BY 4.0 + MIT)
+**版本**: 5.10.0 | **发布日期**: 2026-04-13 | **授权**: [双重授权](../../LICENSE) (CC BY 4.0 + MIT)
 
 语言无关、框架无关的软件项目文档标准。通过 AI 原生工作流，确保不同技术栈之间的一致性、质量和可维护性。
 

package/bundled/locales/zh-TW/CHANGELOG.md

@@ -1,8 +1,8 @@
 ---
 source: ../../CHANGELOG.md
-source_version: 5.8.0
-translation_version: 5.8.0
-last_synced: 2026-05-12
+source_version: 5.10.0
+translation_version: 5.10.0
+last_synced: 2026-05-13
 status: current
 ---
 
@@ -17,6 +17,31 @@ status: current
 
 ## [Unreleased]
 
+## [5.10.0] - 2026-05-13
+
+### 新增
+- **`multi-environment-e2e-testing`**（`ai/standards/multi-environment-e2e-testing.ai.yaml`）：新增多部署目標 E2E 測試設定標準。核心原則：「執行指令即文件」。涵蓋：BASE_URL 內嵌於測試框架設定（不依賴 .env）；各環境含自我檢查前置條件的 runner 腳本；環境能力矩陣 commit 至 repo；CI Gate 映射；憑證處理規則。關閉 UDS Issue #95。（XSPEC-204）
+
+### 修改
+- **`mock-boundary`**（v1.0.0 → v1.1.0）：新增 Level 1 / Level 2 mock 層次區分。Level 1 = 程式碼級 mock，受 STUB 標記規則管制。Level 2 = 基礎設施級 stub server（WireMock、MockSoap），受環境分層規則管制，**不受** STUB 部署封鎖規則管轄。新增 `external_dependency_testability_matrix` 模板（✅/⚠️/❌ 各服務 × 環境）。新增規則：`level-2-stub-server-rules`、`no-stub-server-in-prd`。關閉 UDS Issue #94 盲點二。（XSPEC-204）
+- **`deployment-standards`**（v1.0.0 → v1.1.0）：新增 `environment_stratification_matrix` 區塊——有外部依賴的專案必須在測試計畫階段建立此矩陣；模板包含 10 大流程 × 三層環境對照表。新增 `stub_server_cicd_rules` 區塊——選項 A（sidecar 部署）/ 選項 B（推遲至 PRD Smoke）；production artifact 排除規則；PRD 禁止規則；禁止狀態定義。關閉 UDS Issue #94 盲點一與盲點三。（XSPEC-204）
+- **`verification-evidence`**（v1.0.0 → v1.1.0）：新增 Iron Law（環境維度）：有外部服務依賴的 AC 驗收證據必須標明 `environment_layer`。在 evidence format 新增 `environment_layer` 欄位（有外部服務依賴的功能為必填）。新增規則 VE-005、VE-006。（XSPEC-204）
+- **`test-completeness-dimensions`**（v1.2.0 → v1.3.0）：新增第 11 維度：**環境可驗證性（Environment Verifiability）**——有外部服務依賴的 AC 須標明最低可驗證環境層次（local/UAT/PRD），追蹤 PRD-only 項目，要求 smoke 測試計畫。更新功能類型對照：外部整合 → [1,3,7,11]；新增類型「外部依賴工作流程」→ [1,3,4,5,9,10,11]。更新 use-checklist 規則。（XSPEC-204）
+
+### 修正
+- **`uds update` 整合工具名稱誤當檔案路徑的假警報**：`manifest.integrations` 包含 `"claude-code"`、`"opencode"` 等工具識別碼時，update 指令將其直接推入 `allTrackedFiles` 當作檔案路徑，導致 `existsSync("claude-code")` 回傳 false，觸發假的「⚠ N 個檔案缺失」警告與「✗ claude-code: 無法判斷來源」還原失敗。修正方式：先用 `getToolFilePath(int)` 轉換為真實路徑（如 `"CLAUDE.md"`）再推入清單；無法對應的 entry 跳過。問題出現於 `uds update` 5.7.2 → 5.8.0。
+
+## [5.9.0] - 2026-05-13
+
+### 新增
+- **`feature-discovery-standards`**（`ai/standards/feature-discovery-standards.ai.yaml`、`core/feature-discovery-standards.md`）：新增標準，定義遺留系統功能窮舉發現的語言無關方法論。確立 **Deterministic-First 原則**（AI 在 Discovery Phase 禁止透過推論產生功能清單）。定義七種軟體形式分類法（web/cli/gui/daemon/library/mobile/embedded），各含偵測信號與提取工具。定義五個靜態地基（入口點→呼叫圖→字串挖掘→資源檔→外部介面）、動態觀察協議（三平台）、人力觀察協議（confidence: 0.7 規則）與多層交叉比對矩陣模板。流水線位置：Discovery → feature-manifest → behavior-snapshot。（XSPEC-202）
+- **`ai/language-packs/language-pack-php-to-csharp.ai.yaml`**：UDS 首個語言包，提供 PHP→C#（ASP.NET Core）移植風險標籤，含 7 個標籤（SESSION_HANDLING、ORM_DIFFERENCES、TIMEZONE_HANDLING、FILE_UPLOAD_PATH、REGEX_DIFFERENCES、ARRAY_FUNCTIONS、EXCEPTION_HIERARCHY）各附詳細說明。（XSPEC-203）
+- **`ai/language-packs/README.md`**：語言包命名規範、使用指南與貢獻說明。（XSPEC-203）
+
+### 變更
+- **`feature-manifest-standard`**（v1.0.0 → v1.1.0）：重構 `migration_risks` 為語言無關架構。移除硬編的 `php_to_csharp` 區塊（已移入 `ai/language-packs/`）。新增 `language_packs` Extension Point（`extension_point: true`）。新增三個通用風險標籤：CONCURRENCY_MODEL、PACKAGE_ECOSYSTEM、TYPE_SYSTEM。（XSPEC-203）
+- **`behavior-snapshot`**（v1.0.0 → v1.1.0）：從純 HTTP 擴充為多模態格式。新增 `adapter` 欄位（預設 `http`，向下相容）。新增 `adapters` 區段，含 4 種 schema：`http` / `cli` / `file` / `event`。新增 `adapter-selection` 與 `backward-compatibility` 規則。現有不含 `adapter` 欄位的 HTTP 快照無需修改。（XSPEC-203）
+
 ## [5.8.0] - 2026-05-12
 
 ### 新增

package/bundled/locales/zh-TW/README.md

@@ -14,7 +14,7 @@ status: current
 
 > **語言**: [English](../../README.md) | 繁體中文 | [简体中文](../zh-CN/README.md)
 
-**版本**: 5.8.0 | **發布日期**: 2026-04-13 | **授權**: [雙重授權](../../LICENSE) (CC BY 4.0 + MIT)
+**版本**: 5.10.0 | **發布日期**: 2026-04-13 | **授權**: [雙重授權](../../LICENSE) (CC BY 4.0 + MIT)
 
 語言無關、框架無關的軟體專案文件標準。透過 AI 原生工作流，確保不同技術堆疊之間的一致性、品質和可維護性。
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "universal-dev-standards",
-  "version": "5.8.0",
+  "version": "5.10.0",
   "description": "CLI tool for adopting Universal Development Standards",
   "keywords": [
     "documentation",
@@ -70,11 +70,11 @@
     "@vitest/coverage-v8": "^4.1.5",
     "ajv": "^8.20.0",
     "ajv-formats": "^3.0.1",
-    "eslint": "10.2.1",
+    "eslint": "10.3.0",
     "glob": "^13.0.1",
-    "globals": "17.5.0",
+    "globals": "17.6.0",
     "husky": "^9.1.7",
-    "lint-staged": "^16.4.0",
+    "lint-staged": "^17.0.3",
     "vitest": "^4.1.5"
   },
   "lint-staged": {

package/src/commands/update.js

@@ -771,7 +771,10 @@ export async function updateCommand(options) {
     allTrackedFiles.push(join('.standards', fileName));
   }
   for (const int of (manifest.integrations || [])) {
-    allTrackedFiles.push(int);
+    const filePath = getToolFilePath(int);
+    if (filePath) {
+      allTrackedFiles.push(filePath);
+    }
   }
 
   const missingFiles = allTrackedFiles.filter(f => !existsSync(join(projectPath, f)));

package/standards-registry.json

@@ -1,7 +1,7 @@
 {
   "$schema": "https://json-schema.org/draft/2020-12/schema",
-  "version": "5.8.0",
-  "lastUpdated": "2026-05-12",
+  "version": "5.10.0",
+  "lastUpdated": "2026-05-13",
   "description": "Standards registry for universal-dev-standards with integrated skills and AI-optimized formats",
   "formats": {
     "ai": {
@@ -58,14 +58,14 @@
     "standards": {
       "name": "universal-dev-standards",
       "url": "https://github.com/AsiaOstrich/universal-dev-standards",
-      "version": "5.8.0"
+      "version": "5.10.0"
     },
     "skills": {
       "name": "universal-dev-standards",
       "url": "https://github.com/AsiaOstrich/universal-dev-standards",
       "localPath": "skills",
       "rawUrl": "https://raw.githubusercontent.com/AsiaOstrich/universal-dev-standards/main/skills",
-      "version": "5.8.0",
+      "version": "5.10.0",
       "note": "Skills are now included in the main repository under skills/"
     }
   },
@@ -1692,7 +1692,31 @@
       },
       "category": "reference",
       "skillName": null,
-      "description": "HTTP golden-file snapshot format for migration parity verification and refactoring characterization (Gate 0/1 protocol)"
+      "description": "Multi-modal golden-file snapshot format (HTTP/CLI/File/Event adapters) for migration parity verification and refactoring characterization (Gate 0/1 protocol)"
+    },
+    {
+      "id": "feature-discovery-standards",
+      "name": "Feature Discovery Standards",
+      "nameZh": "功能發現方法論標準",
+      "source": {
+        "human": "core/feature-discovery-standards.md",
+        "ai": "ai/standards/feature-discovery-standards.ai.yaml"
+      },
+      "category": "reference",
+      "skillName": null,
+      "description": "Language-agnostic methodology for exhaustive feature discovery in legacy systems; Deterministic-First principle, Software Form Taxonomy (7 forms), five static foundations, dynamic/human observation protocols, cross-layer validation matrix"
+    },
+    {
+      "id": "multi-environment-e2e-testing",
+      "name": "Multi-Environment E2E Testing",
+      "nameZh": "多環境 E2E 測試標準",
+      "source": {
+        "human": "core/multi-environment-e2e-testing.md",
+        "ai": "ai/standards/multi-environment-e2e-testing.ai.yaml"
+      },
+      "category": "testing",
+      "skillName": null,
+      "description": "E2E test configuration across multiple deployment targets; BASE_URL baked in test config; self-checking runner scripts; environment capability matrix; CI gate mapping; credential handling rules"
     },
     {
       "id": "change-batching",