yadflow 2.4.2 → 2.6.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (41) hide show
  1. package/CHANGELOG.md +11 -2
  2. package/README.md +44 -22
  3. package/bin/yad.mjs +5 -0
  4. package/cli/doctor.mjs +14 -2
  5. package/cli/gate.mjs +8 -3
  6. package/cli/manifest.mjs +18 -2
  7. package/cli/openpr.mjs +12 -2
  8. package/cli/platform.mjs +105 -11
  9. package/cli/setup.mjs +61 -7
  10. package/cli/ship.mjs +37 -0
  11. package/docs/index.html +47 -16
  12. package/package.json +2 -2
  13. package/skills/sdlc/config.yaml +7 -2
  14. package/skills/sdlc/install.sh +1 -1
  15. package/skills/sdlc/module-help.csv +7 -4
  16. package/skills/yad-checks/references/check-gates.md +58 -2
  17. package/skills/yad-checks/templates/checks/commit-message.sh +82 -0
  18. package/skills/yad-checks/templates/github/yad-checks.yml +27 -0
  19. package/skills/yad-checks/templates/github/yad-hub-checks.yml +36 -0
  20. package/skills/yad-checks/templates/gitlab/yad-checks.gitlab-ci.yml +20 -0
  21. package/skills/yad-checks/templates/gitlab/yad-hub-checks.gitlab-ci.yml +39 -0
  22. package/skills/yad-commit/SKILL.md +66 -0
  23. package/skills/yad-connect-repos/SKILL.md +14 -7
  24. package/skills/yad-connect-repos/references/hub-config.md +20 -11
  25. package/skills/yad-connect-repos/references/repos-registry.md +2 -1
  26. package/skills/yad-engineer-review/SKILL.md +86 -0
  27. package/skills/{yad-ship → yad-engineer-review}/references/ship-and-record.md +2 -2
  28. package/skills/{yad-ship → yad-engineer-review}/templates/.coderabbit.yaml +1 -1
  29. package/skills/yad-epic/references/state-schema.md +1 -1
  30. package/skills/yad-hub-bridge/references/login-roster.md +32 -5
  31. package/skills/yad-implement/SKILL.md +1 -1
  32. package/skills/yad-implement/references/implement-conventions.md +1 -1
  33. package/skills/yad-open-pr/SKILL.md +72 -0
  34. package/skills/yad-pr-template/SKILL.md +5 -0
  35. package/skills/yad-pr-template/templates/checks/pr-template.sh +62 -0
  36. package/skills/yad-pr-template/templates/checks/pr-title.sh +51 -0
  37. package/skills/yad-review-gate/references/gating.md +8 -2
  38. package/skills/yad-run/SKILL.md +2 -2
  39. package/skills/yad-run/references/run-loop.md +4 -4
  40. package/skills/yad-ship/SKILL.md +44 -66
  41. package/skills/yad-spec/SKILL.md +1 -1
@@ -63,8 +63,14 @@ on a real PR/MR instead of (or as well as) the skill recording it directly. `act
63
63
  tagged `"source": "bridge"`. **The predicate above is unchanged**: it counts owner/reviewer/domain-owner
64
64
  approvals regardless of how they were recorded.
65
65
 
66
- - login → role via the roster; `domain-owner` derived when a roster `name` equals a repo's `domain_owner`
67
- and that repo is a touched domain; an unmapped login is a plain `reviewer`, never promoted.
66
+ - login → role(s) via the roster's **per-scope map** (`roles: { hub: [...], <repo>: [...] }`): a person
67
+ can hold owner + reviewer + domain-owner at once, and a repo can list several people per role. The
68
+ `hub` roles plus each touched domain's `roles[<repo>]` are emitted; `domain-owner` is also **derived**
69
+ when a roster `name` equals a repo's `domain_owner`/`domain_owners` (legacy fallback) and that repo is a
70
+ touched domain; an unmapped login is a plain `reviewer`, never promoted.
71
+ - On PR/MR open the assignee is the committer and reviewers are the scope's `reviewer` + `domain-owner`
72
+ members (minus the committer); the owner/author is recorded, not requested. See
73
+ `../yad-hub-bridge/references/login-roster.md`.
68
74
  - `sync` is idempotent (upsert by `(step, approver, role, domain)`; supersede revoked; key comments on
69
75
  comment id) and never touches **manual** approvals.
70
76
  - The architecture+contract staleness rule applies to bridge approvals too: a re-lock discards bridge
@@ -70,7 +70,7 @@ Walk the steps for `repo` starting at `from`/`currentStep`. For each step:
70
70
  the next step, and **continue the loop** (this is the Step B auto-advance for `checks`).
71
71
  - else (**`human_approve`**) → set the step `done`/`in_review`, **stop** and report
72
72
  "waiting for a human at `<next-step>`".
73
- 5. **Always stop at `engineer-review`** (it is `locked`): hand off to `yad-ship` for the human merge
73
+ 5. **Always stop at `engineer-review`** (it is `locked`): hand off to `yad-engineer-review` for the human merge
74
74
  gate, which finalizes the trust verdict (confirm/override the provisional one).
75
75
 
76
76
  ### `action: set-dial` — earn (or revert) a step's automation
@@ -106,4 +106,4 @@ reversible (build plan §Safety). Report the new state and that `yad-status` wil
106
106
  - The loop, the trust-verdict derivation, and the threshold predicate: `references/run-loop.md`.
107
107
  - State/trust schemas: `../yad-epic/references/state-schema.md`.
108
108
  - The steps it drives: `../yad-spec/`, `../yad-implement/`, `../yad-checks/`; the human gate it
109
- hands off to: `../yad-ship/`.
109
+ hands off to: `../yad-engineer-review/`.
@@ -14,7 +14,7 @@ spec → tasks → implement → checks → engineer-review(locked)
14
14
 
15
15
  `spec` and `tasks` are the two legs of `yad-spec` (the heavy ceremony, then the atomic `tasks.md`).
16
16
  `implement` is one atomic task via `yad-implement`. `checks` is `yad-checks (action: run)`.
17
- `engineer-review` is the human gate at `yad-ship` — always a stop, never automated.
17
+ `engineer-review` is the human gate at `yad-engineer-review` — always a stop, never automated.
18
18
 
19
19
  ## The loop (pseudocode)
20
20
 
@@ -40,7 +40,7 @@ while step is a back step (not engineer-review):
40
40
  else: # human_approve
41
41
  bs.step.status = "done"; persist; STOP and report "waiting for human at <next>"
42
42
 
43
- # reached engineer-review: always stop, hand to yad-ship (human gate, finalizes the verdict)
43
+ # reached engineer-review: always stop, hand to yad-engineer-review (human gate, finalizes the verdict)
44
44
  ```
45
45
 
46
46
  `ranBy` is `machine` when the *previous* step's effective dial caused this step to run without a human
@@ -62,7 +62,7 @@ per-step dial says. `engineer-review` and the five front states are covered by `
62
62
  ## Deriving signals & the provisional verdict
63
63
 
64
64
  `signals` are the raw facts of the run; the **provisional `verdict`** is derived from them. The human
65
- gate for each step (the engineer review at `yad-ship` for `implement`; spec acceptance for `spec`;
65
+ gate for each step (the engineer review at `yad-engineer-review` for `implement`; spec acceptance for `spec`;
66
66
  first-consume for `tasks`; the gate itself for `checks`) later confirms or overrides the verdict and
67
67
  finalizes the entry — a human always has the last word on the trust signal.
68
68
 
@@ -114,7 +114,7 @@ Reverting (`to: human_approve`) is never gated — automation must be reversible
114
114
 
115
115
  ## What stays human, always
116
116
 
117
- - `engineer-review` — the merge gate. `yad-run` always stops here and hands to `yad-ship`.
117
+ - `engineer-review` — the merge gate. `yad-run` always stops here and hands to `yad-engineer-review`.
118
118
  - The five front states (`epic`, `architecture`, `ui-design`, `stories`, `test-cases`) — not in
119
119
  `back_steps`, in `locked_steps`; the dial-setter refuses them.
120
120
  - Any contract-surface change — halts the loop and routes back to the architecture gate, regardless of
@@ -1,86 +1,64 @@
1
1
  ---
2
2
  name: yad-ship
3
- description: 'Build-half Step E of the gated SDLC — AI review, engineer review, then ship. Wire an advisory AI first-pass (CodeRabbit) on the PR/MR; record the human engineer review with the same human_approve discipline as the front gates (owner + 1 reviewer, escalating to domain owners on high risk / contract / auth / payments the Step D routing); and on merge, record the ship in the epic build-log and update the story state so the epic story task PR chain is traceable. Never auto-advances the human owns the merge. Use when the user says "ship this task", "record the engineer review", or "wire the AI review".'
3
+ description: 'Build-half helper of the gated SDLC — commit AND open the task PR/MR in one step. A thin orchestration over yad-commit then yad-open-pr: commit the staged atomic change by the conventions (Conventional-Commits subject, Task Contract-Change Co-Authored-By trailers, --ai footer, ≤3-file atomic guard), then push the branch and open the PR/MR from the committed template with the roster auto-assigned. The PR step runs ONLY if the commit lands (a failed commit, tripped guard, or --dry-run stops before pushing). Drives the `yad ship` CLI; never merges. Use when the user says "ship this task", "commit and open the PR", or "commit and raise the MR". (For the engineer review + merge, use yad-engineer-review.)'
4
4
  ---
5
5
 
6
- # SDLC — Review & Ship (build-half Step E)
6
+ # SDLC — Commit + Open PR/MR (build-half helper)
7
7
 
8
- **Goal:** Take a task PR/MR that has passed the **check gates** (Step C) through two sets of eyes and
9
- out to production: an **AI first-pass** (advisory) and a **human engineer review** (the authority),
10
- then **ship** merge, record the ship, and update the story state. This is the last build-half step
11
- (build plan §E). It is a **human gate**, the same `human_approve` discipline as the front states:
12
- **nothing auto-advances**; the engineer owns the merge.
8
+ **Goal:** Do the two routine build-half hand-actions for ONE atomic task in a single step **commit by
9
+ convention, then open the task PR/MR** so an implemented diff becomes a reviewable PR/MR without two
10
+ separate invocations. It is a thin wrapper over `yad-commit` and `yad-open-pr`; it holds no logic of
11
+ its own and **never merges**. The engineer review + merge are Step E (`yad-engineer-review`).
13
12
 
14
13
  ## Conventions
15
14
 
16
- - `{project-root}` resolves from the project working directory the **product** repo (the source of
17
- truth: it holds the story and the build ledger).
18
- - Code repos are separate git repos under `{project-root}/demo-repos/<repo>/`.
19
- - The build ledger is `{project-root}/epics/<epic>/.sdlc/build-log.json` (append-only).
20
- - The engineer-review rule reuses `yad-review-gate`: base = at least one `owner` AND one distinct
21
- `reviewer`; **escalated** (the PR's Impact & Risk is `high`, or it touches contract/auth/payments) =
22
- base PLUS one `domain-owner` per touched domain the same routing `yad-pr-template`'s
23
- `risk-route.sh` prints.
24
- - AI review wiring: `templates/.coderabbit.yaml` `<repo>/.coderabbit.yaml`.
15
+ - Run **inside the code repo** under `{project-root}/demo-repos/<repo>/` (or `--repo <name>`), on the
16
+ task branch with the atomic change **already staged** (`git add`).
17
+ - Inherits every convention of the two steps it wraps:
18
+ - Commit: subject `<type>: <lowercase imperative, no trailing period>`, fixed trailer order
19
+ `Task Contract-Change Co-Authored-By`, the `--ai` co-author footer, the ≤3-file atomic guard
20
+ (`../yad-commit/SKILL.md`).
21
+ - PR/MR: pushed branch, the committed template prefilled, title defaulting to the commit subject,
22
+ roster auto-assign, risk routing (`../yad-open-pr/SKILL.md`).
23
+ - **Order matters:** the PR/MR is opened **only if the commit lands**. A failed commit, a tripped
24
+ atomic guard, or `--dry-run` stops the step before anything is pushed.
25
25
 
26
26
  ## Inputs
27
27
 
28
- - `epic` / `story` / `task` / `repo` — the PR under review (the task branch `feat/<story>-<task>-…`).
29
- - `action` `ai-review` | `approve` | `ship` (default `ai-review`).
30
- - For `approve`: the reviewer `name` and `role` (`owner` | `reviewer` | `domain-owner`), and for a
31
- domain owner the `domain`.
28
+ - `type` / `message` — the commit type + subject (required), `--type <t> -m "<subject>"`.
29
+ - `ai` co-author footer: `claude|copilot|cursor|coderabbit|none` (default `none`).
30
+ - `task` Task trailer (optional; derived from the branch when omitted).
31
+ - `contractChange` — flag; marks the contract surface touched (commit trailer + PR escalation).
32
+ - `repo` / `risk` / `base` / `platform` / `title` — PR/MR options (see `yad-open-pr`).
32
33
 
33
34
  ## On Activation
34
35
 
35
- ### Step 1 — `ai-review` (advisory first pass)
36
- Ensure the AI reviewer is wired: copy `templates/.coderabbit.yaml` to `<repo>/.coderabbit.yaml` (commit
37
- on the default branch if missing). CodeRabbit reviews each PR automatically and posts comments — it is
38
- a **second set of eyes, never the authority**: it cannot approve or merge. Where CodeRabbit can't run
39
- (no remote), run an equivalent AI first-pass by hand and capture its notes. Record that the AI review
40
- ran; surface its findings to the engineer. Do **not** treat AI approval as a gate.
36
+ ### Step 1 — Confirm the staged atomic change
37
+ Confirm you are on the task branch (not the default branch) and the atomic change is staged within its
38
+ file boundary. Preview the commit with `--dry-run` if unsure.
41
39
 
42
- ### Step 2 — `approve` (the engineer review the human gate)
43
- A human engineer reads the diff **against the spec** (`specs/<story>/`) and the acceptance criteria,
44
- and records an approval. Determine the rule from the PR's Impact & Risk block (run
45
- `../yad-pr-template/templates/checks/risk-route.sh` on the PR body): base, or escalated to a
46
- domain-owner per touched domain. Record each approval; re-evaluate whether the rule is satisfied.
47
- Recording an approval does **not** ship — shipping is a separate, explicit step. Front-half discipline:
48
- the gate talks only through files; refuse to treat AI review as a human approval.
40
+ ### Step 2 — Commit + open in one step
41
+ Run from the repo root:
42
+ ```
43
+ yad ship --type <type> -m "<subject>" [--ai <id>] [--task <id>] [--contract-change] \
44
+ [--repo <name>] [--risk <level>] [--title "<subject>"]
45
+ ```
46
+ The CLI runs `yad commit` and, only if it succeeds, `yad open-pr` committing the change, pushing the
47
+ branch, and opening the PR/MR with the template prefilled and reviewers auto-assigned.
49
48
 
50
- ### Step 3 — `ship` (merge + record + update state)
51
- Ship **iff ALL hold**: the check gates pass (Step C), the AI review has run (advisory), and the
52
- engineer-review rule is satisfied (Step 2). Then:
53
- - **Merge** the task branch into the repo's default branch (the human performs/authorises the merge).
54
- - **Record the ship** — append to `epics/<epic>/.sdlc/build-log.json`:
55
- ```json
56
- { "story": "<story>", "task": "<task>", "repo": "<repo>", "branch": "feat/<story>-<task>-…",
57
- "pr": "<url|#>", "mergeCommit": "<sha>", "gates": ["spec-link","contract-check","build-test-lint"],
58
- "ai_review": "coderabbit (advisory)", "engineer_review": [{"approver":"<name>","role":"<role>","domain":"<opt>"}],
59
- "risk": "<low|medium|high>", "shippedAt": "<YYYY-MM-DD>" }
60
- ```
61
- - **Update the story state** — when **every** task in `specs/<story>/tasks.md` has a ship record, set
62
- the story frontmatter `status: shipped`; otherwise `status: in-build`. The chain
63
- **epic → story → task → PR → mergeCommit** is now traceable end to end.
64
- - **Finalize the trust verdict (Phase 4).** If this story has a `build-state/<story>.json` (it ran
65
- through `yad-run`), the engineer **confirms or overrides** the provisional trust verdict that the
66
- orchestrator derived for this run, and the final verdict is written to
67
- `epics/<epic>/.sdlc/trust-log.json`. The human has the last word on the trust signal: a diff merged
68
- as authored is `approved-unchanged`; one the engineer edited before merge is `approved-with-edits`;
69
- a rejected one is `rejected`. This is the evidence that later earns a step its `machine_advance`
70
- (it never weakens the merge gate — the engineer still owns the merge).
49
+ ### Step 3 — Route + stop (no merge)
50
+ On `high` risk or a contract touch, run `bash checks/risk-route.sh <pr-body>` for the required
51
+ domain-owner reviewers. Report the commit + the PR/MR URL. The PR now runs the check gates (Step C);
52
+ the engineer review and merge are Step E (`yad-engineer-review`).
71
53
 
72
- ### Step 4 — Stop
73
- Report what shipped and the story's state. Do not advance anything else; the front-half `state.json`
74
- stays as it was (`ready-for-build`). The build half is recorded in `build-log.json` + the story status.
54
+ ## Hard rules
75
55
 
76
- ## Hard rules (build plan §E, Cross-cutting)
77
-
78
- - **AI review is advisory, never the authority.** Only a human engineer approval counts toward the gate.
79
- - **High risk routes to domain owners** the same escalation as `yad-review-gate` / `risk-route.sh`.
80
- - **Ship only after gates + engineer review.** No gate skipped; the human owns the merge.
81
- - **Nothing auto-advances.** Step E records human decisions in files; it never machine-advances.
56
+ - **One staged atomic task = one commit = one PR/MR.** Never bundle; never open from the default branch.
57
+ - **No PR without a landed commit.** A failed/`--dry-run` commit stops the step before pushing.
58
+ - **High risk routes to domain owners** the same escalation as the gate.
59
+ - **Shipping here never merges.** The human owns the merge in `yad-engineer-review`.
82
60
 
83
61
  ## Reference
84
- - The build ledger + story-state rules: `references/ship-and-record.md`.
85
- - The escalation reused: `../yad-review-gate/SKILL.md`; the routing helper: `../yad-pr-template/`.
86
- - The gates that must pass first: `../yad-checks/references/check-gates.md`.
62
+ - The two steps this wraps: `../yad-commit/SKILL.md` and `../yad-open-pr/SKILL.md`.
63
+ - The gates the PR must pass: `../yad-checks/references/check-gates.md`.
64
+ - The engineer review + merge that follow: `../yad-engineer-review/SKILL.md`.
@@ -101,7 +101,7 @@ verdict is **anchored to the human who accepts the spec**, never self-graded:
101
101
  `human_edited_spec: true`);
102
102
  - the spec is rejected or the ceremony re-run → `rejected`.
103
103
  `yad-run` records a provisional entry when the spec is generated; this acceptance finalizes it (same
104
- pattern as the engineer review finalizing `implement` at `yad-ship`). Append the finalized entry to
104
+ pattern as the engineer review finalizing `implement` at `yad-engineer-review`). Append the finalized entry to
105
105
  `epics/<epic>/.sdlc/trust-log.json` (schema:
106
106
  `../yad-epic/references/state-schema.md`). **Run standalone, no trust entry is written** — the
107
107
  log measures orchestrated runs. `spec` stays `human_approve` until its slice clears the threshold;