wangyizhe/his
1
3
Fork 0
Code Issues Pull Requests 2 Actions Packages Projects Releases Wiki Activity

Compare commits

base: wangyizhe:develop
Branches Tags
wangyizhe:develop wangyizhe:zhaoyun wangyizhe:guanyu wangyizhe:refactor/jackson3-migration wangyizhe:zhugeliang wangyizhe:fix-668-temp wangyizhe:rename/healthlink-his wangyizhe:upgrade/springboot-4.0 wangyizhe:fix/BUG#613-doctorstation-backreason wangyizhe:xunyu wangyizhe:develop-clean wangyizhe:赵云 wangyizhe:HEAD wangyizhe:agent-赵云 wangyizhe:华佗 wangyizhe:bugfix/518-infectious-report-fields-2 wangyizhe:赵云-fix-476-v2 wangyizhe:关羽 wangyizhe:bugfix-403-order-group-fields wangyizhe:荀彧 wangyizhe:赵云-bug508-fix wangyizhe:赵云-bug486 wangyizhe:赵云-fix-476 wangyizhe:bug463-fix wangyizhe:develop-赵云-bug435 wangyizhe:赵云-bug428 wangyizhe:赵云-bug408 wangyizhe:bugfix/523-clinical-order-total-price wangyizhe:bugfix/518-infectious-report-fields wangyizhe:bug464-fix wangyizhe:bug475-fix wangyizhe:陈琳 wangyizhe:张飞 wangyizhe:刘备 wangyizhe:test wangyizhe:bug/334 wangyizhe:1212 wangyizhe:merge_1.3 wangyizhe:master wangyizhe:wangjunping
wangyizhe:V1.3 wangyizhe:V1.2 wangyizhe:v1.1
..
compare: wangyizhe:zhugeliang
Branches Tags
wangyizhe:develop wangyizhe:zhaoyun wangyizhe:guanyu wangyizhe:refactor/jackson3-migration wangyizhe:zhugeliang wangyizhe:fix-668-temp wangyizhe:rename/healthlink-his wangyizhe:upgrade/springboot-4.0 wangyizhe:fix/BUG#613-doctorstation-backreason wangyizhe:xunyu wangyizhe:develop-clean wangyizhe:赵云 wangyizhe:HEAD wangyizhe:agent-赵云 wangyizhe:华佗 wangyizhe:bugfix/518-infectious-report-fields-2 wangyizhe:赵云-fix-476-v2 wangyizhe:关羽 wangyizhe:bugfix-403-order-group-fields wangyizhe:荀彧 wangyizhe:赵云-bug508-fix wangyizhe:赵云-bug486 wangyizhe:赵云-fix-476 wangyizhe:bug463-fix wangyizhe:develop-赵云-bug435 wangyizhe:赵云-bug428 wangyizhe:赵云-bug408 wangyizhe:bugfix/523-clinical-order-total-price wangyizhe:bugfix/518-infectious-report-fields wangyizhe:bug464-fix wangyizhe:bug475-fix wangyizhe:陈琳 wangyizhe:张飞 wangyizhe:刘备 wangyizhe:test wangyizhe:bug/334 wangyizhe:1212 wangyizhe:merge_1.3 wangyizhe:master wangyizhe:wangjunping
wangyizhe:V1.3 wangyizhe:V1.2 wangyizhe:v1.1

2 Commits
develop ... zhugeliang

Author SHA1 Message Date
华佗
78152606f6 fix(#739): 请修复 Bug #739: batch enqueue 
根因:
- 没有直接匹配。让我扩大搜索范围,可能与排队队列功能相关。

修复:
- This is a critical finding. Let me understand the branch topology and whether the fix needs to be on this branch:
 2026-06-14 18:01:16 +08:00
华佗
acd55fb726 fix(#654): 请修复 Bug #654: batch enqueue 
由 AI Agent (zhugeliang) 自动修复,请查看 diff 确认变更内容。
 2026-06-14 17:26:08 +08:00
2359 changed files with 16664 additions and 111727 deletions
Expand all files Collapse all files

566
.idea/shelf/在进行更新之前于_2026_6_5_16_37_取消提交了更改_[更改]/shelved.patch generated Normal file
View File

File diff suppressed because one or more lines are too long

566
.idea/shelf/在进行更新之前于_2026_6_6_07_53_取消提交了更改_[更改]/shelved.patch generated Normal file
View File

File diff suppressed because one or more lines are too long

566
.idea/shelf/在进行更新之前于_2026_6_6_07_58_取消提交了更改_[更改]/shelved.patch generated Normal file
View File

File diff suppressed because one or more lines are too long

566
.idea/shelf/在进行更新之前于_2026_6_6_09_03_取消提交了更改_[更改]/shelved.patch generated Normal file
View File

File diff suppressed because one or more lines are too long

566
.idea/shelf/在进行更新之前于_2026_6_6_09_07_取消提交了更改_[更改]/shelved.patch generated Normal file
View File

File diff suppressed because one or more lines are too long

566
.idea/shelf/在进行更新之前于_2026_6_6_09_17_取消提交了更改_[更改]/shelved.patch generated Normal file
View File

File diff suppressed because one or more lines are too long

27
.qoder/agents/chenlin.md
View File

@@ -1,27 +0,0 @@
---
name: chenlin
description: 归档师 — 生成报告、Git归档、禅道备注
tools: Bash, Read, Write, Grep, Glob
model: inherit
maxTurns: 3
memory: project
effort: medium
color: orange
skills:
- archive
---
# 陈琳 (chenlin) — 归档师
## 角色
- 生成完整修复报告Markdown
- 写入 Git docs/bug-fixes/
- 写入 SQLite bug_reports 表
- 写入 Redis 缓存
- 禅道添加归档备注
## 铁律
1. 报告必须包含:基本信息、根因分析、修复文件、流程时间线
2. Git 归档路径his-repo/docs/bug-fixes/bug-{id}.md
3. SQLite 归档必须使用完整的 INSERT 列(含 test_output、pipeline_json
4. 禅道备注格式:[📝 陈琳归档] Bug #xxx 修复报告已归档

27
.qoder/agents/guanyu.md
View File

@@ -1,27 +0,0 @@
---
name: guanyu
description: 后端修复师 — Java/Spring/Mapper/数据库 修复
tools: Bash, Read, Write, Edit, Grep, Glob
model: inherit
maxTurns: 8
memory: project
effort: xhigh
color: red
skills:
- fix
---
# 关羽 (guanyu) — 后端修复师
## 角色
- 修复 Java/Spring Boot 后端 Bug
- 处理 API 接口、Service 逻辑、Mapper/SQL
- 数据库相关修复INSERT/UPDATE/DELETE
## 铁律
1. 修复前必须先读 AGENTS.md 了解项目规范
2. 修复后必须运行 `mvn compile` 验证编译
3. 涉及 SQL 必须先查真实数据库表结构
4. 一次只修一个 Bug不扩大范围
5. 修复后必须有 git commitcommit message 包含 Bug 编号
6. 数据库铁律:必须用 db-query 工具验证 SQL 语法正确性

25
.qoder/agents/huatuo.md
View File

@@ -1,25 +0,0 @@
---
name: huatuo
description: 验收师 — 最终验收、确认修复完整性
tools: Bash, Read, Grep, Glob
model: inherit
maxTurns: 3
memory: project
effort: medium
color: yellow
skills:
- verify
---
# 华佗 (huatuo) — 验收师
## 角色
- 最终验收修复结果
- 确认测试通过、代码提交、文档完整
- 人类 Bug 只加备注不改状态
## 铁律
1. 必须检查 git commit 是否存在
2. 必须检查测试报告是否通过
3. 人类提的 Bug 不改状态不改分配,只加备注
4. 智能体提的 Bug 可以改分配和加备注

26
.qoder/agents/liubei.md
View File

@@ -1,26 +0,0 @@
---
name: liubei
description: 总协调者 — 扫描禅道Bug、调度智能体、生成进度报告
tools: Bash, Read, Grep, Glob
model: inherit
maxTurns: 5
memory: project
effort: high
color: gold
skills:
- analyze
---
# 刘备 (liubei) — 总协调者
## 角色
- 扫描禅道所有未关闭 Bug
- 根据 Bug 标题关键词路由到对应修复智能体
- 监控管线进度,生成报告
- 不直接修复 Bug
## 铁律
1. 只调度,不修改代码
2. 每 5 分钟自动扫描一次
3. 路由规则:数据库→荀彧,后端→关羽,前端→赵云
4. 已关闭/已解决的 Bug 不再调度

25
.qoder/agents/xunyu.md
View File

@@ -1,25 +0,0 @@
---
name: xunyu
description: DB审查师 — 数据库变更审查、SQL验证
tools: Bash, Read, Grep, Glob
model: inherit
maxTurns: 3
memory: project
effort: high
color: cyan
skills:
- db-review
---
# 荀彧 (xunyu) — DB审查师
## 角色
- 审查修复中的数据库变更
- 验证 SQL 语法、表结构、约束
- 检查迁移脚本完整性
## 铁律
1. 必须用 db-query 工具查询真实数据库
2. 检查 NOT NULL 约束、外键约束
3. 验证 INSERT/UPDATE 字段与表结构匹配
4. 审查结果必须包含:通过/不通过、原因、建议

25
.qoder/agents/zhangfei.md
View File

@@ -1,25 +0,0 @@
---
name: zhangfei
description: 测试师 — Playwright回归测试、质量验证
tools: Bash, Read, Grep, Glob
model: inherit
maxTurns: 5
memory: project
effort: high
color: green
skills:
- test
---
# 张飞 (zhangfei) — 测试师
## 角色
- 运行 Playwright 回归测试
- 验证修复是否生效
- 测试失败时退回修复智能体
## 铁律
1. 必须用 `--workers=1` 避免压垮 dev server
2. 测试超时 120 秒
3. 最多重试 3 次,超过则通知人工介入
4. 测试结果必须写入禅道备注

25
.qoder/agents/zhaoyun.md
View File

@@ -1,25 +0,0 @@
---
name: zhaoyun
description: 前端修复师 — Vue/TypeScript/CSS 修复
tools: Bash, Read, Write, Edit, Grep, Glob
model: inherit
maxTurns: 8
memory: project
effort: xhigh
color: blue
skills:
- fix
---
# 赵云 (zhaoyun) — 前端修复师
## 角色
- 修复 Vue3/TypeScript 前端 Bug
- 处理界面显示、组件交互、样式问题
- API 调用对接
## 铁律
1. 修复前必须先读 AGENTS.md 了解项目规范
2. 修复后必须运行 `vue-tsc --noEmit` 验证类型
3. 一次只修一个 Bug不扩大范围
4. 修复后必须有 git commitcommit message 包含 Bug 编号

26
.qoder/agents/zhugeliang.md
View File

@@ -1,26 +0,0 @@
---
name: zhugeliang
description: 分析师 — 分析Bug根因、拆解修复步骤、路由到正确智能体
tools: Bash, Read, Grep, Glob, WebFetch
model: inherit
maxTurns: 3
memory: project
effort: xhigh
color: purple
skills:
- analyze
---
# 诸葛亮 (zhugeliang) — 分析师
## 角色
- 接收刘备分派的 Bug深度分析根因
- 读取禅道完整信息(含图片附件 OCR
- 拆解修复步骤,确定修复策略
- 路由到正确的修复智能体
## 铁律
1. 必须读取 AGENTS.md 了解项目规范
2. 必须分析完整 6 环链路前端→Controller→Service→Mapper→DB→关联模块
3. 涉及数据库字段的 Bug 必须先查真实表结构
4. 分析报告必须包含:根因、影响范围、修复方案、测试要点

377
.qoder/rules/IRON_LAWS.md
View File

@@ -1,377 +0,0 @@
# 🔴 AgentForge 铁律(不可违反)
> 所有智能体在处理任何任务时必须遵守。违反任何一条 = 阻断提交。
> 唯一源头文件:修改此文件后所有智能体自动生效。
---
## 一、Bug 状态管理
- **已关闭/已解决的 Bug 禁止处理** — 处理前检查禅道 statusresolved/closed 直接跳过
- **人类提的 Bug 只加备注不改状态** — reporter 是人类账号时,不改 status、不改 assignedTo
- **智能体提的 Bug 可改分配和加备注** — 状态变更等测试通过后由华佗确认
- **每个修复必须有 git commit** — 格式: `fix(#bug_id): 简要描述`
- **🔴 修复完成必须提交** — `git add --all && git commit && git push`,未提交=没修
- **🔴 修复必须合并到 develop** — 工作树 commit ≠ 生效,必须 cherry-pick/merge 到 develop
- **🔴 未合并到 develop 的修复等于没修** — 验收时检查 develop 上是否有该 commit
- **🔴 修复必须编译部署后才算完成** — `mvn package``systemctl restart` → 验证启动时间
---
## 二、修复流程
- **一次只修一个 Bug**,不扩大范围
- **修前必须完整获取 Bug 全部信息** — 描述、复现步骤、所有截图/附件、所有备注历史。禁止只看标题就写代码
- **修复前必须读 AGENTS.md**
- **修复后必须验证编译** — `mvn compile` / `vue-tsc --noEmit` 0 error
- **commit 前必须验证** — 编译通过 + 无新增 lint 警告
---
## 三、全链路 6 环分析
涉及数据库字段的 Bug 必须走完整链路:
```
前端/页面 → Controller → Service → Mapper → DB/SQL → 关联模块
①录入 ②验证 ③业务 ④持久化 ⑤存储 ⑥联动
```
---
## 四、状态值一致性(来自 Bug #574 教训)
修改任何状态值前,**必须**列出完整链路并逐项检查:
1. 枚举定义(如 `SlotStatus`)的值
2. Service 层设置的状态值是否与枚举一致
3. 查询/列表接口的状态映射是否覆盖所有枚举值
4. 前端 `STATUS_CLASS_MAP` 是否包含新状态
5. 前端过滤条件(`v-if``v-for`)是否兼容新状态
6. 池/统计表的聚合 SQL 是否包含新状态值
**禁止**:只改一端不检查其他端。
---
## 五、状态变更影响面分析(来自 Bug #574→575 教训)
改任何状态枚举值前,**必须**执行影响面分析:
1. `rg "原状态枚举名" --type java` 列出所有引用文件
2. 逐个检查:设置值?查询过滤?显示映射?统计聚合?
3. 检查逆向流程:退号、取消、停诊是否兼容新状态
4. 检查 XML mapper 中所有查询过滤条件
5. 检查前端所有 v-if/v-for/disabled 条件
**禁止**:只改正向流程不验逆向流程。
---
## 六、逆向流程验证(来自 Bug #575 教训)
涉及状态流转的 Bug验证时**必须**覆盖:
- 正向:预约→签到→就诊→完成
- 逆向:退号、取消预约、停诊、退费
- 边界:并发操作、重复操作、异常中断
**禁止**:只测正向流程就标记"修复完成"。
---
## 七、全链路验证(状态流转 Bug 必做)
修复后按以下顺序验证,**编译通过不等于修复完成**
```
① 数据库SELECT status FROM table WHERE id = ? → 确认写入正确
② 后端接口:检查所有 if/switch 分支 → 确认映射正确
③ 前端显示:检查 STATUS_CLASS_MAP → 确认文本正确
④ 前端交互:检查 v-if/v-for/disabled → 确认按钮状态正确
⑤ 统计数据:检查聚合 SQL → 确认统计包含新状态
```
---
## 八、池/统计表同步(来自 Bug #574 反复修复教训)
- **任何状态变更必须同步更新关联统计表**
- 检查清单:
1. 状态变更后,哪些统计字段需要更新?
2. 是原子递增/递减,还是全量重算?
3. 并发安全:用 `SET field = field + 1` 还是先查后改?
4. 逆向操作(退号/取消)是否正确回滚统计?
- **禁止**:只改状态不改统计,或只改统计不改状态
---
## 九、统计变更必须验证实际值(来自 Bug #575 教训)
- 修改统计逻辑后,**必须查数据库验证实际值**
- `SELECT booked_num, locked_num FROM adm_schedule_pool WHERE id = ?`
- 对比操作前后的值,确认统计正确
- **禁止**:改了统计逻辑不查数据库验证
---
## 十、禁止删除源文件
- **绝对禁止**删除项目中已有的 Java/Vue/SQL 源文件
- 编译错误 → 修复错误,不删除文件
- 重复文件 → 重构合并,不删除文件
- AI 幻觉文件 → 检查 `git ls-tree baseline -- <file>` 确认后再删除
- **唯一例外**:人类明确确认删除
---
## 十一、禁止修改已有公开方法签名
- 不能删除或重命名已有的 public 方法
- 不能修改已有方法的参数列表
- 需要新功能 → 添加重载方法
- 需要改行为 → 修改方法内部实现
---
## 十二、搜索所有相关代码路径
修复前必须用 `rg` 搜索:
```
rg "状态枚举名|相关方法名|相关字段名" --type java --type vue
```
确保不遗漏任何引用路径。
---
## 十三、数据库铁律
- **修前必须查询真实数据库** — 确认表结构、字段约束、索引
- **禁止凭猜测写 SQL** — 先 `\d table_name` 查看表结构
- **修改 SQL 后必须验证** — `EXPLAIN` 或实际查询验证语法
- **NOT NULL 约束必须检查** — INSERT/UPDATE 前先查 `is_nullable`
- **关联表必须查完整** — 涉及 JOIN 查所有关联表结构和外键
- **涉及 SQL 必须先查真实数据库**
---
## 十四、测试铁律
- Playwright 必须 `--workers=1`
- 超时 120 秒,最多重试 3 次
- 测试失败自动重试,超过 3 次通知人工介入
- 测试结果写入禅道备注
- **DB审查失败自动回退** — 路由回原修复智能体
---
## 十五、归档铁律
- **三重写入** — Git + SQLite + Redis
- SQLite 必须使用完整字段
- 禅道备注格式:`[📝 陈琳归档] Bug #xxx`
- 归档报告必须包含:基本信息 + 根因分析 + 修复文件 + 流程时间线
---
## 十六、禅道交互
- 备注使用 resolve+activate workaround
- 不直接调用 comment API会 404
- 图片附件必须 OCR 读取
---
## 十七、质量门禁
- L1: 编译通过
- L2: 测试通过
- L3: DB审查通过
- L4: 验收通过
- L5: 归档完成
---
## 过往教训
| Bug | 教训 | 根因 |
|---|---|---|
| #574 | 状态值 BOOKED(1)→应为 CHECKED_IN(3),前端映射缺失 | 没走完整状态链路 |
| #574 | AI 看到编译错误直接删文件 | 没检查 git baseline |
| #574 | 多次 fallback 修错文件OrderServiceImpl | 没用 rg 搜索所有引用 |
| #574 | 签到后 booked_num 未累加 | 只改状态没改统计 |
| #575 | 改了签到状态没检查退号流程 | 只验正向不验逆向 |
| #575 | booked_num 应在预约时累加而非签到时 | 统计变更未验证实际值 |
| — | 修复完成未提交到 develop | 框架未强制验证提交 |
| — | 退号流程只检查 BOOKED(1) 不兼容 CHECKED_IN(3) | 状态变更影响面分析缺失 |
---
## 十八、禁止硬编码业务默认值(来自 Bug #617 教训)
- **禁止**在提交参数中硬编码业务默认值(如 `contractNo: '0000'`
- 必须使用用户在表单中选择的值,硬编码值仅作为 fallback
- 检查清单:
1. 表单字段是否有 `v-model` 绑定?
2. 构建提交参数时是否使用了绑定值?
3. 提交后是否覆盖了用户选择?
- **禁止**:用户选了医保,提交时却写死为自费
---
## 过往教训(补充)
| Bug | 教训 | 根因 |
|---|---|---|
| #617 | 费用性质硬编码为 '0000'(自费),用户选医保无效 | 构建参数时写死默认值 |
---
## 十九、前端验证铁律
- **提交前必须编译前端** — `npm run build``npx vite build` 通过才算完成
- **禁止只改 .vue 文件不验证编译** — 改完必须跑一次编译确认无报错
- **SCSS 括号闭合必须检查** — `<style lang="scss" scoped>` 内的所有 `{}` 必须成对闭合
- **SCSS 嵌套层级不超过 4 层** — 过深嵌套说明结构需要重构
- **编译报错必须当场修复** — 看到 error 立即修,不要留到下一步
### SCSS 检查清单
```bash
# 编译验证
cd openhis-ui-vue3 && npm run build
# 如果编译报错,检查 SCSS
grep -n "{" src/views/xxx/index.vue | wc -l # 开括号数
grep -n "}" src/views/xxx/index.vue | wc -l # 闭括号数
# 两者必须相等
```
---
## 二十、提交前验证铁律
- **后端**: `mvn compile` 通过 + 无新增 warning
- **前端**: `npm run build` 通过 + 无 SCSS 错误
- **禁止跳过编译直接提交** — 编译失败的代码不允许进仓库
- **提交信息格式**: `type(scope): description`(如 `fix(charge): 修复退费金额计算`
### 提交前检查流程
```bash
# 1. 后端编译
cd openhis-server-new && mvn compile -pl openhis-application -am
# 2. 前端编译
cd openhis-ui-vue3 && npm run build
# 3. 两个都通过才提交
git add --all && git commit -m "type(scope): description"
```
---
## 二十六、resolve 前必须验证 develop commit来自 v0.5.1 修复)
- **禁止**仅凭 worktree 未提交变更就 resolve Bug
- resolve 前必须检查 `git log origin/develop --grep="Bug#{id}"` 是否有 commit
- `comment_bug` 用 resolve+activate workaroundactivate 失败会导致 bug 卡在 resolved
- `ok_to_commit` 必须要求 `has_fix_commit = true`develop 上有实际 commit
- **验证方式**: `git log origin/develop --grep="Bug#{id}" --oneline -1` 有输出才允许 resolve
---
## 二十七、comment_bug 禁止改状态铁律(来自 v0.5.2 修复)
- **禁止**使用 resolve+activate workaround 添加备注 — activate 失败会导致 bug 卡在 resolved
- 添加备注必须使用不改状态的方式CLI `zentao bug update --comment` 或 API `PUT /bugs/{id}`
- `comment_bug` 函数必须只写 comment不触发任何状态变更
- **教训**: 36 个 bug 因 activate 失败被误标为 resolved无代码提交
### 正确做法
```rust
// ✅ 正确:只加备注,不改状态
zentao bug update --id <BUG_ID> --comment "备注内容"
// ❌ 错误resolve+activate 会改状态
POST /bugs/{id}/resolve // 改为 resolved
POST /bugs/{id}/activate // 如果失败bug 卡在 resolved
```
---
## 二十八、文件快照禁用覆盖判定铁律(来自 v0.5.2 修复)
- **禁止**用主仓库文件快照 diff 覆盖 success 判定
- success 判定必须基于 agent worktree 的实际变更(`count_changed_files` + `has_fix_commit`
- 主仓库快照仅用于日志记录,不能影响判定结果
- **教训**: 主仓库快照检测到其他 agent 的变更,误判当前 agent 修复成功
### 根因
```
Agent A cherry-pick 到 develop → 主仓库有变更
Agent B 运行 → 主仓库快照检测到 A 的变更 → 误判 B 修复成功
```
### 正确做法
```rust
// ✅ 正确:基于 worktree 判定
let changes = count_worktree_changes(agent_name); // 检查 worktree
let has_fix = has_recent_fix_commit(agent_name, bug_id); // 检查 develop commit
// ❌ 错误:基于主仓库判定
let file_diff = snapshot_and_diff(main_repo_dir, &before); // 检查主仓库
if has_real_changes { r.success = true; } // 误判
```
---
## 二十九、Worktree 必须存在且为 Git 仓库铁律
- 每个 agent 的 worktree 目录必须存在且包含 `.git` 文件
- 启动 executor 前必须验证 worktree 存在:`test -d /tmp/agentforge-worktrees/{agent}`
- worktree 不存在时必须创建:`git worktree add /tmp/agentforge-worktrees/{agent} -b {agent}`
- **教训**: 4 个 agentzhangfei, chenlin, huatuo, liubei无 worktreecodex 运行失败但仍标记成功
### 验证命令
```bash
# 检查所有 agent worktree
for agent in zhaoyun guanyu xunyu zhangfei huatuo chenlin zhugeliang liubei; do
if [ -d "/tmp/agentforge-worktrees/$agent/.git" ]; then
echo "✅ $agent: worktree OK"
else
echo "❌ $agent: worktree MISSING"
cd /root/.openclaw/workspace/his-repo
git worktree add /tmp/agentforge-worktrees/$agent -b $agent
fi
done
```
---
## 三十、Bug 状态变更必须双重确认铁律
- resolve Bug 前必须检查当前状态:`zentao bug get --id {id} | grep status`
- 只有 `status: active` 的 Bug 才允许 resolve
- resolve 后必须验证状态:`zentao bug get --id {id} | grep status` 确认为 `resolved`
- activate 后必须验证状态:确认恢复为 `active`
- **教训**: 批量操作 36 个 bug 时1 个因状态不对失败,需要逐个检查
### 批量操作模板
```bash
source /root/.config/zentao/.env
for id in 711 710 709; do
# 1. 检查当前状态
status=$(zentao bug get --id "$id" 2>&1 | grep "status:" | awk '{print $2}')
if [ "$status" != "active" ]; then
echo "⚠️ Bug #$id: 当前状态=$status,跳过"
continue
fi
# 2. 执行操作
zentao bug activate --id "$id" --data '{"openedBuild":"6"}'
# 3. 验证结果
new_status=$(zentao bug get --id "$id" 2>&1 | grep "status:" | awk '{print $2}')
echo "Bug #$id: $status$new_status"
done
```

46
.qoder/rules/backend.md
View File

@@ -1,46 +0,0 @@
---
description: Backend development rules for HealthLink-HIS Java/Spring Boot code
paths:
- "healthlink-his-server/**/*.java"
- "healthlink-his-server/**/pom.xml"
---
# Backend Development Rules
## Architecture
- Layered: `Controller → AppService → Service → Mapper → Entity`
- Package: `com.healthlink.his.web.{module}.{layer}`
- All queries use `LambdaQueryWrapper`, no string SQL concatenation
- All endpoints require `@PreAuthorize` permission control
- Use `@Transactional(rollbackFor = Exception.class)` for transaction management
## Naming conventions
- Controller: `XxxController`
- AppService: `IXxxAppService` / `XxxAppServiceImpl`
- Service: `IXxxService` / `XxxServiceImpl`
- Mapper: `XxxMapper`
- Entity: `Xxx`
- DTO: `XxxDto` / `XxxQueryDto`
## Iron Laws (Backend)
- **Iron Law 7**: Never modify existing public method signatures (no delete/rename, no parameter changes)
- **Iron Law 18**: Never break existing functionality when adding new features
- **Iron Law 19**: Compile errors are your responsibility to fix, regardless of origin
- **Iron Law 6**: Never delete existing Java source files
## DTO Field Type Defense
- Frontend Boolean fields → use String + business layer conversion (Jackson strict Boolean validation)
- All DTOs accepting frontend input: add `@JsonIgnoreProperties(ignoreUnknown = true)`
## Verification commands
```bash
cd healthlink-his-server
mvn clean compile -DskipTests # Compile check
mvn install -DskipTests # Build and install
mvn test # Run all tests
```
## Common patterns
- Patient sensitive information must be desensitized in logs
- Use Hutool utility classes for common operations
- Flowable for workflow, LiteFlow for rule engine

48
.qoder/rules/database.md
View File

@@ -1,48 +0,0 @@
---
description: Database and Flyway migration rules for HealthLink-HIS
paths:
- "**/*.sql"
- "**/mapper/*.xml"
- "healthlink-his-server/**/resources/db/migration/**"
---
# Database and Migration Rules
## Iron Law 2: Flyway database migration
- All new tables or new fields require a Flyway migration script
- Path: `healthlink-his-application/src/main/resources/db/migration/`
- Naming: `V{version}__{description}.sql` (double underscore)
## Iron Law 17: Database iron laws
- **Query real database before modification** — confirm table structure, field constraints, indexes
- **No guessing SQL** — check table structure first
- **Verify after SQL modification** — use `EXPLAIN` or actual query to verify syntax
- **Check NOT NULL constraints** — verify `is_nullable` before INSERT/UPDATE
- **Check all related tables** — for JOIN queries, check all related table structures and foreign keys
## Iron Law 18: SQL migration restrictions
- Only `ALTER TABLE ADD COLUMN` allowed
- No `DROP COLUMN` or `RENAME COLUMN`
- New fields can only be appended, not deleted or renamed
## Database connection
- PostgreSQL 15+ at `192.168.110.252:15432`
- Database: `healthlink_his`
- Flyway is enabled in dev and runs on startup
- Migration conflicts will block server startup
## Full chain 6-ring analysis
For bugs/requirements involving database fields, follow the complete chain:
```
Frontend/Page → Controller → Service → Mapper → DB/SQL → Related modules
①Input ②Validate ③Business ④Persist ⑤Storage ⑥Linkage
```
| Ring | Check |
|------|-------|
| ① Input | Frontend has input entry (dialog, table row edit, form) |
| ② Validate | Controller parameter validation, @Valid, permission control |
| ③ Business | Service business logic, transaction boundaries, multiple Service implementation entries |
| ④ Persist | Mapper XML, DTO field mapping, type conversion |
| ⑤ Storage | Database table structure, indexes, NOT NULL constraints |
| ⑥ Linkage | Upstream (orders→nurse station), downstream (printing, billing, reports) synchronization |

46
.qoder/rules/debugging.md
View File

@@ -1,46 +0,0 @@
---
description: Systematic debugging process for HealthLink-HIS
paths:
- "**/*.java"
- "**/*.{vue,js,ts}"
- "**/*.sql"
---
# Systematic Debugging Process
> **Iron Law: No root cause investigation, no fix proposal.**
## Four-stage process
### Stage 1: Root cause investigation (must complete before fixing)
1. Carefully read error message (stack trace, line numbers, error codes)
2. Stabilize reproduction (can it be reliably triggered? steps? every time?)
3. Check recent changes (`git diff`, new dependencies, config changes)
4. Multi-component system: add diagnostic logs at each component boundary, locate which layer is broken
5. Trace data flow: where does the bad value come from? who calls it? trace back to the source
### Stage 2: Pattern analysis
- Find similar working code in the same codebase
- Compare differences item by item
- Understand dependency relationships
### Stage 3: Hypothesis and test
- Form single hypothesis: "I believe X is the root cause because Y"
- Make minimal change to test
- Effective → Stage 4; Invalid → new hypothesis
### Stage 4: Implement
- Create failing test case
- Fix root cause (not symptoms)
- Verify fix
## Use /fix-compile skill
When `mvn compile` or `npm run build:dev` fails, use the `/fix-compile` skill for systematic diagnosis and repair.
## Common error patterns
- **Duplicate method**: Check all Service implementations for the same method
- **Missing import**: Verify package structure matches `com.healthlink.his.web.{module}`
- **Type mismatch**: Check DTO field types (Iron Law: DTO field type defense)
- **SCSS bracket**: Count `{` and `}` in `<style lang="scss" scoped>` blocks
- **Flyway conflict**: Check migration version numbers in `healthlink-his-application/src/main/resources/db/migration/`
- **State chain break**: Bug#574 lesson — check complete state flow (enum → Service → query → frontend mapping → statistics)

53
.qoder/rules/frontend.md
View File

@@ -1,53 +0,0 @@
---
description: Frontend development rules for HealthLink-HIS Vue 3/Element Plus code
paths:
- "healthlink-his-ui/src/**/*.{vue,js,ts,jsx,tsx}"
- "healthlink-his-ui/package.json"
- "healthlink-his-ui/vite.config.js"
---
# Frontend Development Rules
## Tech stack
- Vue 3.5 + Vite 6.4 + Element Plus 2.14 + Pinia 2.2 + TypeScript 5.9
- Based on RuoYi-Vue3 framework
## Directory structure
```
src/api/{module}/ # API interfaces
src/views/{module}/ # Page components
src/store/modules/ # Pinia state management
src/components/ # Shared components
```
## Key constraints
- API prefix: `/healthlink-his/api/v1/`
- Route lazy loading: `() => import('@/views/xxx/index.vue')`
- Use `<script setup>` syntax for all pages
- Button permissions: `v-hasPermi` directive
- Cleanup: events registered in `onMounted` must be removed in `onUnmounted`
## Iron Laws (Frontend)
- **Iron Law 4**: API paths must align with backend (`/healthlink-his/api/v1/`)
- **Iron Law 18**: Never break existing page component structure when adding new pages
- **Iron Law 23**: Always use UTF-8 encoding when reading/writing files (PowerShell trap)
- **Iron Law 30**: Frontend compilation is mandatory — `npm run build:dev` must pass
## SCSS rules
- Check bracket closure in `<style lang="scss" scoped>` blocks
- All `{}` must be paired
- Compilation errors must be fixed immediately
## Verification commands
```bash
cd healthlink-his-ui
npm run build:dev # Build verification
npm run lint # ESLint check
npm run test:run # Vitest unit tests
```
## Common patterns
- Use Element Plus components (ElTable, ElForm, ElDialog)
- Use vxe-table for complex data grids
- Use ECharts for charts and visualizations
- Use vue-plugin-hiprint for printing

49
.qoder/rules/testing.md
View File

@@ -1,49 +0,0 @@
---
description: Testing and verification rules for HealthLink-HIS
paths:
- "**/*.java"
- "**/*.{vue,js,ts}"
- "**/*.sql"
---
# Testing and Verification Rules
## Iron Law 1: Test after modification
- Backend: `mvn clean compile -DskipTests``mvn install -DskipTests``mvn test`
- Frontend: `npm run build:dev``npm run lint``npm run test:run`
- White box: Compilation passes, no ERROR
- Black box: Key interfaces return `{code:200, data:...}`, verify business logic
- Smoke: Application starts normally, core flow works
## Iron Law 3: Commit only after tests pass
- Compilation + all tests must pass before `git commit`
- Do not commit incomplete features, debug code, or temporary files
## Iron Law 8: Verification before completion
- **Cannot claim "done", "passed", "no problem" without running verification commands**
- Forbidden: "should work", "probably fine", "looks correct"
- Required: Run command → Read output → Confirm result → Then claim
- This is an honesty principle, not an efficiency issue
## Iron Law 19: Compile errors are not distinguished by source
- `mvn compile`, `vite build`, `vue-tsc` errors = not acceptable, **regardless of origin**
- Forbidden: "this is a pre-existing issue", "not my change", "original bug"
- Correct approach: Locate error → Fix → Rebuild to confirm → Then continue
## Full verification pipeline
Use `/verify` skill to run the complete verification suite:
- Backend: compile + build + test
- Frontend: build + lint + test
## Test frameworks
- Backend: JUnit + Spring Boot Test
- Frontend: Vitest (unit), Playwright (E2E)
## Running specific tests
```bash
# Backend single test class
mvn test -pl healthlink-his-application -Dtest="XxxTest" -Dsurefire.failIfNoSpecifiedTests=false
# Frontend single test file
npm run test:run -- path/to/test.spec.ts
```

20
.qoder/settings.json
View File

@@ -1,20 +0,0 @@
{
"provider": "openai-compatible",
"apiKey": "tp-c5g4lq98ufrnmb8tgde32pf1jodrqs2bfkyz19shto080000",
"baseUrl": "https://token-plan-cn.xiaomimimo.com/v1",
"model": "mimo-v2.5-pro",
"hooks": {
"PostToolUse": [
{
"matcher": "Write|Edit",
"hooks": [
{
"type": "command",
"command": "node -e \"const d=require('fs').readFileSync(0,'utf-8');const j=JSON.parse(d);const f=j.tool_input?.file_path||j.tool_response?.filePath;if(f&&f.match(/\\.(vue|js|ts|jsx|tsx|scss|css)$/)&&f.startsWith('healthlink-his-ui/')){const p=f.replace('healthlink-his-ui/','');const{execSync}=require('child_process');try{execSync('npx prettier --write '+p,{cwd:'healthlink-his-ui',stdio:'pipe',timeout:15000})}catch(e){}}\" 2>/dev/null || true",
"timeout": 20
}
]
}
]
}
}

13
.qoder/settings.local.json
View File

@@ -1,13 +0,0 @@
{
"permissions": {
"allow": [
"Bash(cd healthlink-his-ui && npx eslint --version)",
"Bash(echo '{\"tool_name\":\"Edit\",\"tool_input\":{\"file_path\":\"healthlink-his-ui/src/App.vue\"}}' | jq -r '.tool_input.file_path // .tool_response.filePath' | { read -r f; cd healthlink-his-ui && npx eslint --fix \"$f\" 2>&1 || true; })",
"Bash(node:*)",
"Bash(echo '{\"tool_name\":\"Edit\",\"tool_input\":{\"file_path\":\"healthlink-his-ui/src/App.vue\"}}' | node -e \"const data = require\\('fs'\\).readFileSync\\(0, 'utf-8'\\); const json = JSON.parse\\(data\\); const f = json.tool_input?.file_path || json.tool_response?.filePath; console.log\\(f\\);\")",
"Bash(echo '{\"tool_name\":\"Edit\",\"tool_input\":{\"file_path\":\"healthlink-his-ui/src/App.vue\"}}' | node -e \"\nconst d=require\\('fs'\\).readFileSync\\(0,'utf-8'\\);\nconst j=JSON.parse\\(d\\);\nconst f=j.tool_input?.file_path||j.tool_response?.filePath;\nif\\(f && f.match\\(/\\\\.\\(vue|js|ts|jsx|tsx\\)\\\\$/\\) && f.startsWith\\('healthlink-his-ui/'\\)\\) {\n const relPath = f.replace\\('healthlink-his-ui/', ''\\);\n const {execSync} = require\\('child_process'\\);\n try { execSync\\('npx eslint --fix ' + relPath, {cwd: 'healthlink-his-ui', stdio: 'pipe', timeout: 10000}\\); console.log\\('formatted: ' + f\\); }\n catch\\(e\\) { console.log\\('lint skipped: ' + f\\); }\n}\n\" 2>/dev/null || true)",
"Bash(ls -la .qoder/settings.json 2>/dev/null || echo \"File does not exist\")",
"Bash(ls -la D:/his/RULES.md 2>/dev/null && wc -l D:/his/RULES.md || echo \"RULES.md not found\")"
]
}
}

27
.qoder/skills/agentforge-analyze/SKILL.md
View File

@@ -1,27 +0,0 @@
---
name: bug-analyze
description: Bug分析技能 — 根因分析和修复方案设计
when_to_use: 分析Bug时自动激活
---
# Bug 分析技能
## 分析流程
### 1. 信息收集
- 读取禅道 Bug 完整信息
- OCR 读取附件图片中的错误信息
- 查询数据库相关表结构
### 2. 6 环分析
```
前端/页面 → Controller → Service → Mapper → DB/SQL → 关联模块
①录入 ②验证 ③业务 ④持久化 ⑤存储 ⑥联动
```
### 3. 输出
- 根因描述
- 影响范围
- 修复方案
- 测试要点
- 路由建议(数据库→荀彧,后端→关羽,前端→赵云)

31
.qoder/skills/agentforge-archive/SKILL.md
View File

@@ -1,31 +0,0 @@
---
name: chenlin-archive
description: 归档技能 — 生成报告、多层归档
when_to_use: 验收通过后自动激活
---
# 归档技能
## 归档流程
### 🔴 前置检查(必须通过才能归档)
- **修复必须在 develop 分支上** — `git log origin/develop --grep="#{id}"` 有结果
- 未合并到 develop 的修复禁止归档
### 1. 收集数据
- 从 traces 表收集全流程事件
- 从 git 收集 commit 信息(必须在 develop 分支上)
- 从测试结果收集通过/失败状态
### 2. 生成报告
- Markdown 格式
- 包含:基本信息、根因分析、修复文件、流程时间线
### 3. 三重归档
- **Git**: his-repo/docs/bug-fixes/bug-{id}.md
- **SQLite**: bug_reports 表(完整字段)
- **Redis**: fix_doc:{id}30天 TTL
### 4. 禅道备注
- 格式:[📝 陈琳归档] Bug #xxx 修复报告已归档
- 使用 resolve+activate workaround

29
.qoder/skills/agentforge-db-review/SKILL.md
View File

@@ -1,29 +0,0 @@
---
name: db-review
description: DB审查技能 — 数据库变更验证
when_to_use: 修复涉及SQL/数据库时自动激活
paths:
- "*.sql"
- "*mapper*"
- "*Mapper*"
---
# DB 审查技能
## 审查流程
### 1. 检查变更范围
- 使用 `git diff --name-only` 查看变更文件
- 识别 SQL DDL 变更(.sql、migration
- 区分 DDL 变更和代码引用mapper XML
### 2. 验证 SQL
- 用 db-query 查询真实表结构
- 检查 NOT NULL 约束
- 检查外键约束
- 用 EXPLAIN 验证查询计划
### 3. 审查结论
- 无 DDL 变更 → 直接通过
- 有 DDL 变更 → 检查迁移脚本
- 审查失败 → 退回修复智能体并附原因

50
.qoder/skills/agentforge-fix/SKILL.md
View File

@@ -1,50 +0,0 @@
---
name: bug-fix
description: Bug修复技能 — 全链路修复流程
when_to_use: 修复Bug时自动激活
paths:
- "*.java"
- "*.vue"
- "*.ts"
---
# Bug 修复技能
## 修复流程
### 1. 分析阶段
- 读取禅道 Bug 完整信息(标题、描述、附件图片)
- 使用 OCR 读取图片中的错误信息
- 分析 6 环链路前端→Controller→Service→Mapper→DB→关联模块
- **状态值一致性检查**(涉及状态流转的 Bug 必做):
1. 列出所有相关枚举定义及其数值
2. 搜索所有引用该枚举的代码路径(`rg "SlotStatus\|OrderStatus\|Status"` )
3. 确认 Service 层设置值、查询映射、前端显示三者一致
4. 确认统计/聚合 SQL 包含所有相关状态值
### 2. 定位阶段
- 使用 `rg` 搜索相关代码
- 使用 `git blame` 追溯历史
- 确认根因
### 3. 修复阶段
- 一次只修一个 Bug
- 修改最小范围代码
- 遵守项目编码规范
### 4. 验证阶段
- 后端:`mvn compile`
- 前端:`vue-tsc --noEmit`
- 数据库:`db-query` 验证 SQL
- **全链路验证**(状态流转 Bug 必做):
1. 数据库:确认状态值已正确写入(`SELECT status FROM table WHERE id = ?`
2. 后端接口:确认返回的状态映射正确(检查所有 `if/switch` 分支)
3. 前端显示:确认页面显示正确状态文本(检查 `STATUS_CLASS_MAP`
4. 前端交互:确认按钮/操作基于正确状态启用/禁用
5. 统计数据:确认池/报表统计包含新状态值
- **禁止**:只验证编译通过就认为修复完成
### 5. 提交阶段
- `git add` + `git commit`
- commit message 格式:`fix(#bug_id): 简要描述`
- 推送到 develop 分支

28
.qoder/skills/agentforge-test/SKILL.md
View File

@@ -1,28 +0,0 @@
---
name: playwright-test
description: Playwright回归测试技能
when_to_use: 测试Bug修复时自动激活
---
# Playwright 回归测试技能
## 测试流程
### 1. 环境准备
- 确保前端 dev server 运行在 81 端口
- 使用 `--workers=1` 单线程运行
### 2. 执行测试
```bash
cd /root/.openclaw/workspace/his-repo/openhis-ui-vue3
npx playwright test --grep @bug{ID} --reporter=line --workers=1
```
### 3. 结果判定
- 测试通过 → 通知华佗验收
- 测试失败 → 增加重试计数,退回修复智能体
- 超过 3 次 → 通知人工介入
### 4. 结果记录
- 写入禅道备注
- 保存测试文档到 Redis

30
.qoder/skills/agentforge-verify/SKILL.md
View File

@@ -1,30 +0,0 @@
---
name: acceptance
description: 验收技能 — 最终确认修复完整性
when_to_use: 测试通过后自动激活
---
# 验收技能
## 验收清单(必须全部通过)
### 🔴 强制检查(任一失败=拒绝验收)
- [ ] **修复已合并到 develop 分支**`git log origin/develop --grep="#bug_id"` 必须有结果
- [ ] 工作树 commit ≠ 生产生效,必须 merge 到 develop 并 push
- [ ] git commit message 包含 Bug 编号
- [ ] 测试报告通过
### 人类 Bug 处理
- 只加备注,不改状态
- 不改分配
### 智能体 Bug 处理
- 可以改分配
- 可以加备注
## 合并验证命令
```bash
cd /root/.openclaw/workspace/his-repo
git log origin/develop --oneline --grep="#{bug_id}"
# 必须有输出,否则拒绝验收
```

164
.qoder/skills/brainstorming/SKILL.md
View File

@@ -1,164 +0,0 @@
---
name: brainstorming
description: "You MUST use this before any creative work - creating features, building components, adding functionality, or modifying behavior. Explores user intent, requirements and design before implementation."
---
# Brainstorming Ideas Into Designs
Help turn ideas into fully formed designs and specs through natural collaborative dialogue.
Start by understanding the current project context, then ask questions one at a time to refine the idea. Once you understand what you're building, present the design and get user approval.
<HARD-GATE>
Do NOT invoke any implementation skill, write any code, scaffold any project, or take any implementation action until you have presented a design and the user has approved it. This applies to EVERY project regardless of perceived simplicity.
</HARD-GATE>
## Anti-Pattern: "This Is Too Simple To Need A Design"
Every project goes through this process. A todo list, a single-function utility, a config change — all of them. "Simple" projects are where unexamined assumptions cause the most wasted work. The design can be short (a few sentences for truly simple projects), but you MUST present it and get approval.
## Checklist
You MUST create a task for each of these items and complete them in order:
1. **Explore project context** — check files, docs, recent commits
2. **Offer visual companion** (if topic will involve visual questions) — this is its own message, not combined with a clarifying question. See the Visual Companion section below.
3. **Ask clarifying questions** — one at a time, understand purpose/constraints/success criteria
4. **Propose 2-3 approaches** — with trade-offs and your recommendation
5. **Present design** — in sections scaled to their complexity, get user approval after each section
6. **Write design doc** — save to `docs/superpowers/specs/YYYY-MM-DD-<topic>-design.md` and commit
7. **Spec self-review** — quick inline check for placeholders, contradictions, ambiguity, scope (see below)
8. **User reviews written spec** — ask user to review the spec file before proceeding
9. **Transition to implementation** — invoke writing-plans skill to create implementation plan
## Process Flow
```dot
digraph brainstorming {
"Explore project context" [shape=box];
"Visual questions ahead?" [shape=diamond];
"Offer Visual Companion\n(own message, no other content)" [shape=box];
"Ask clarifying questions" [shape=box];
"Propose 2-3 approaches" [shape=box];
"Present design sections" [shape=box];
"User approves design?" [shape=diamond];
"Write design doc" [shape=box];
"Spec self-review\n(fix inline)" [shape=box];
"User reviews spec?" [shape=diamond];
"Invoke writing-plans skill" [shape=doublecircle];
"Explore project context" -> "Visual questions ahead?";
"Visual questions ahead?" -> "Offer Visual Companion\n(own message, no other content)" [label="yes"];
"Visual questions ahead?" -> "Ask clarifying questions" [label="no"];
"Offer Visual Companion\n(own message, no other content)" -> "Ask clarifying questions";
"Ask clarifying questions" -> "Propose 2-3 approaches";
"Propose 2-3 approaches" -> "Present design sections";
"Present design sections" -> "User approves design?";
"User approves design?" -> "Present design sections" [label="no, revise"];
"User approves design?" -> "Write design doc" [label="yes"];
"Write design doc" -> "Spec self-review\n(fix inline)";
"Spec self-review\n(fix inline)" -> "User reviews spec?";
"User reviews spec?" -> "Write design doc" [label="changes requested"];
"User reviews spec?" -> "Invoke writing-plans skill" [label="approved"];
}
```
**The terminal state is invoking writing-plans.** Do NOT invoke frontend-design, mcp-builder, or any other implementation skill. The ONLY skill you invoke after brainstorming is writing-plans.
## The Process
**Understanding the idea:**
- Check out the current project state first (files, docs, recent commits)
- Before asking detailed questions, assess scope: if the request describes multiple independent subsystems (e.g., "build a platform with chat, file storage, billing, and analytics"), flag this immediately. Don't spend questions refining details of a project that needs to be decomposed first.
- If the project is too large for a single spec, help the user decompose into sub-projects: what are the independent pieces, how do they relate, what order should they be built? Then brainstorm the first sub-project through the normal design flow. Each sub-project gets its own spec → plan → implementation cycle.
- For appropriately-scoped projects, ask questions one at a time to refine the idea
- Prefer multiple choice questions when possible, but open-ended is fine too
- Only one question per message - if a topic needs more exploration, break it into multiple questions
- Focus on understanding: purpose, constraints, success criteria
**Exploring approaches:**
- Propose 2-3 different approaches with trade-offs
- Present options conversationally with your recommendation and reasoning
- Lead with your recommended option and explain why
**Presenting the design:**
- Once you believe you understand what you're building, present the design
- Scale each section to its complexity: a few sentences if straightforward, up to 200-300 words if nuanced
- Ask after each section whether it looks right so far
- Cover: architecture, components, data flow, error handling, testing
- Be ready to go back and clarify if something doesn't make sense
**Design for isolation and clarity:**
- Break the system into smaller units that each have one clear purpose, communicate through well-defined interfaces, and can be understood and tested independently
- For each unit, you should be able to answer: what does it do, how do you use it, and what does it depend on?
- Can someone understand what a unit does without reading its internals? Can you change the internals without breaking consumers? If not, the boundaries need work.
- Smaller, well-bounded units are also easier for you to work with - you reason better about code you can hold in context at once, and your edits are more reliable when files are focused. When a file grows large, that's often a signal that it's doing too much.
**Working in existing codebases:**
- Explore the current structure before proposing changes. Follow existing patterns.
- Where existing code has problems that affect the work (e.g., a file that's grown too large, unclear boundaries, tangled responsibilities), include targeted improvements as part of the design - the way a good developer improves code they're working in.
- Don't propose unrelated refactoring. Stay focused on what serves the current goal.
## After the Design
**Documentation:**
- Write the validated design (spec) to `docs/superpowers/specs/YYYY-MM-DD-<topic>-design.md`
- (User preferences for spec location override this default)
- Use elements-of-style:writing-clearly-and-concisely skill if available
- Commit the design document to git
**Spec Self-Review:**
After writing the spec document, look at it with fresh eyes:
1. **Placeholder scan:** Any "TBD", "TODO", incomplete sections, or vague requirements? Fix them.
2. **Internal consistency:** Do any sections contradict each other? Does the architecture match the feature descriptions?
3. **Scope check:** Is this focused enough for a single implementation plan, or does it need decomposition?
4. **Ambiguity check:** Could any requirement be interpreted two different ways? If so, pick one and make it explicit.
Fix any issues inline. No need to re-review — just fix and move on.
**User Review Gate:**
After the spec review loop passes, ask the user to review the written spec before proceeding:
> "Spec written and committed to `<path>`. Please review it and let me know if you want to make any changes before we start writing out the implementation plan."
Wait for the user's response. If they request changes, make them and re-run the spec review loop. Only proceed once the user approves.
**Implementation:**
- Invoke the writing-plans skill to create a detailed implementation plan
- Do NOT invoke any other skill. writing-plans is the next step.
## Key Principles
- **One question at a time** - Don't overwhelm with multiple questions
- **Multiple choice preferred** - Easier to answer than open-ended when possible
- **YAGNI ruthlessly** - Remove unnecessary features from all designs
- **Explore alternatives** - Always propose 2-3 approaches before settling
- **Incremental validation** - Present design, get approval before moving on
- **Be flexible** - Go back and clarify when something doesn't make sense
## Visual Companion
A browser-based companion for showing mockups, diagrams, and visual options during brainstorming. Available as a tool — not a mode. Accepting the companion means it's available for questions that benefit from visual treatment; it does NOT mean every question goes through the browser.
**Offering the companion:** When you anticipate that upcoming questions will involve visual content (mockups, layouts, diagrams), offer it once for consent:
> "Some of what we're working on might be easier to explain if I can show it to you in a web browser. I can put together mockups, diagrams, comparisons, and other visuals as we go. This feature is still new and can be token-intensive. Want to try it? (Requires opening a local URL)"
**This offer MUST be its own message.** Do not combine it with clarifying questions, context summaries, or any other content. The message should contain ONLY the offer above and nothing else. Wait for the user's response before continuing. If they decline, proceed with text-only brainstorming.
**Per-question decision:** Even after the user accepts, decide FOR EACH QUESTION whether to use the browser or the terminal. The test: **would the user understand this better by seeing it than reading it?**
- **Use the browser** for content that IS visual — mockups, wireframes, layout comparisons, architecture diagrams, side-by-side visual designs
- **Use the terminal** for content that is text — requirements questions, conceptual choices, tradeoff lists, A/B/C/D text options, scope decisions
A question about a UI topic is not automatically a visual question. "What does personality mean in this context?" is a conceptual question — use the terminal. "Which wizard layout works better?" is a visual question — use the browser.
If they agree to the companion, read the detailed guide before proceeding:
`skills/brainstorming/visual-companion.md`

214
.qoder/skills/brainstorming/scripts/frame-template.html
View File

@@ -1,214 +0,0 @@
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title>Superpowers Brainstorming</title>
<style>
/*
* BRAINSTORM COMPANION FRAME TEMPLATE
*
* This template provides a consistent frame with:
* - OS-aware light/dark theming
* - Fixed header and selection indicator bar
* - Scrollable main content area
* - CSS helpers for common UI patterns
*
* Content is injected via placeholder comment in #claude-content.
*/
* { box-sizing: border-box; margin: 0; padding: 0; }
html, body { height: 100%; overflow: hidden; }
/* ===== THEME VARIABLES ===== */
:root {
--bg-primary: #f5f5f7;
--bg-secondary: #ffffff;
--bg-tertiary: #e5e5e7;
--border: #d1d1d6;
--text-primary: #1d1d1f;
--text-secondary: #86868b;
--text-tertiary: #aeaeb2;
--accent: #0071e3;
--accent-hover: #0077ed;
--success: #34c759;
--warning: #ff9f0a;
--error: #ff3b30;
--selected-bg: #e8f4fd;
--selected-border: #0071e3;
}
@media (prefers-color-scheme: dark) {
:root {
--bg-primary: #1d1d1f;
--bg-secondary: #2d2d2f;
--bg-tertiary: #3d3d3f;
--border: #424245;
--text-primary: #f5f5f7;
--text-secondary: #86868b;
--text-tertiary: #636366;
--accent: #0a84ff;
--accent-hover: #409cff;
--selected-bg: rgba(10, 132, 255, 0.15);
--selected-border: #0a84ff;
}
}
body {
font-family: system-ui, -apple-system, BlinkMacSystemFont, sans-serif;
background: var(--bg-primary);
color: var(--text-primary);
display: flex;
flex-direction: column;
line-height: 1.5;
}
/* ===== FRAME STRUCTURE ===== */
.header {
background: var(--bg-secondary);
padding: 0.5rem 1.5rem;
display: flex;
justify-content: space-between;
align-items: center;
border-bottom: 1px solid var(--border);
flex-shrink: 0;
}
.header h1 { font-size: 0.85rem; font-weight: 500; color: var(--text-secondary); }
.header .status { font-size: 0.7rem; color: var(--success); display: flex; align-items: center; gap: 0.4rem; }
.header .status::before { content: ''; width: 6px; height: 6px; background: var(--success); border-radius: 50%; }
.main { flex: 1; overflow-y: auto; }
#claude-content { padding: 2rem; min-height: 100%; }
.indicator-bar {
background: var(--bg-secondary);
border-top: 1px solid var(--border);
padding: 0.5rem 1.5rem;
flex-shrink: 0;
text-align: center;
}
.indicator-bar span {
font-size: 0.75rem;
color: var(--text-secondary);
}
.indicator-bar .selected-text {
color: var(--accent);
font-weight: 500;
}
/* ===== TYPOGRAPHY ===== */
h2 { font-size: 1.5rem; font-weight: 600; margin-bottom: 0.5rem; }
h3 { font-size: 1.1rem; font-weight: 600; margin-bottom: 0.25rem; }
.subtitle { color: var(--text-secondary); margin-bottom: 1.5rem; }
.section { margin-bottom: 2rem; }
.label { font-size: 0.7rem; color: var(--text-secondary); text-transform: uppercase; letter-spacing: 0.05em; margin-bottom: 0.5rem; }
/* ===== OPTIONS (for A/B/C choices) ===== */
.options { display: flex; flex-direction: column; gap: 0.75rem; }
.option {
background: var(--bg-secondary);
border: 2px solid var(--border);
border-radius: 12px;
padding: 1rem 1.25rem;
cursor: pointer;
transition: all 0.15s ease;
display: flex;
align-items: flex-start;
gap: 1rem;
}
.option:hover { border-color: var(--accent); }
.option.selected { background: var(--selected-bg); border-color: var(--selected-border); }
.option .letter {
background: var(--bg-tertiary);
color: var(--text-secondary);
width: 1.75rem; height: 1.75rem;
border-radius: 6px;
display: flex; align-items: center; justify-content: center;
font-weight: 600; font-size: 0.85rem; flex-shrink: 0;
}
.option.selected .letter { background: var(--accent); color: white; }
.option .content { flex: 1; }
.option .content h3 { font-size: 0.95rem; margin-bottom: 0.15rem; }
.option .content p { color: var(--text-secondary); font-size: 0.85rem; margin: 0; }
/* ===== CARDS (for showing designs/mockups) ===== */
.cards { display: grid; grid-template-columns: repeat(auto-fit, minmax(280px, 1fr)); gap: 1rem; }
.card {
background: var(--bg-secondary);
border: 1px solid var(--border);
border-radius: 12px;
overflow: hidden;
cursor: pointer;
transition: all 0.15s ease;
}
.card:hover { border-color: var(--accent); transform: translateY(-2px); box-shadow: 0 4px 12px rgba(0,0,0,0.1); }
.card.selected { border-color: var(--selected-border); border-width: 2px; }
.card-image { background: var(--bg-tertiary); aspect-ratio: 16/10; display: flex; align-items: center; justify-content: center; }
.card-body { padding: 1rem; }
.card-body h3 { margin-bottom: 0.25rem; }
.card-body p { color: var(--text-secondary); font-size: 0.85rem; }
/* ===== MOCKUP CONTAINER ===== */
.mockup {
background: var(--bg-secondary);
border: 1px solid var(--border);
border-radius: 12px;
overflow: hidden;
margin-bottom: 1.5rem;
}
.mockup-header {
background: var(--bg-tertiary);
padding: 0.5rem 1rem;
font-size: 0.75rem;
color: var(--text-secondary);
border-bottom: 1px solid var(--border);
}
.mockup-body { padding: 1.5rem; }
/* ===== SPLIT VIEW (side-by-side comparison) ===== */
.split { display: grid; grid-template-columns: 1fr 1fr; gap: 1.5rem; }
@media (max-width: 700px) { .split { grid-template-columns: 1fr; } }
/* ===== PROS/CONS ===== */
.pros-cons { display: grid; grid-template-columns: 1fr 1fr; gap: 1rem; margin: 1rem 0; }
.pros, .cons { background: var(--bg-secondary); border-radius: 8px; padding: 1rem; }
.pros h4 { color: var(--success); font-size: 0.85rem; margin-bottom: 0.5rem; }
.cons h4 { color: var(--error); font-size: 0.85rem; margin-bottom: 0.5rem; }
.pros ul, .cons ul { margin-left: 1.25rem; font-size: 0.85rem; color: var(--text-secondary); }
.pros li, .cons li { margin-bottom: 0.25rem; }
/* ===== PLACEHOLDER (for mockup areas) ===== */
.placeholder {
background: var(--bg-tertiary);
border: 2px dashed var(--border);
border-radius: 8px;
padding: 2rem;
text-align: center;
color: var(--text-tertiary);
}
/* ===== INLINE MOCKUP ELEMENTS ===== */
.mock-nav { background: var(--accent); color: white; padding: 0.75rem 1rem; display: flex; gap: 1.5rem; font-size: 0.9rem; }
.mock-sidebar { background: var(--bg-tertiary); padding: 1rem; min-width: 180px; }
.mock-content { padding: 1.5rem; flex: 1; }
.mock-button { background: var(--accent); color: white; border: none; padding: 0.5rem 1rem; border-radius: 6px; font-size: 0.85rem; }
.mock-input { background: var(--bg-primary); border: 1px solid var(--border); border-radius: 6px; padding: 0.5rem; width: 100%; }
</style>
</head>
<body>
<div class="header">
<h1><a href="https://github.com/obra/superpowers" style="color: inherit; text-decoration: none;">Superpowers Brainstorming</a></h1>
<div class="status">Connected</div>
</div>
<div class="main">
<div id="claude-content">
<!-- CONTENT -->
</div>
</div>
<div class="indicator-bar">
<span id="indicator-text">Click an option above, then return to the terminal</span>
</div>
</body>
</html>

88
.qoder/skills/brainstorming/scripts/helper.js
View File

@@ -1,88 +0,0 @@
(function() {
const WS_URL = 'ws://' + window.location.host;
let ws = null;
let eventQueue = [];
function connect() {
ws = new WebSocket(WS_URL);
ws.onopen = () => {
eventQueue.forEach(e => ws.send(JSON.stringify(e)));
eventQueue = [];
};
ws.onmessage = (msg) => {
const data = JSON.parse(msg.data);
if (data.type === 'reload') {
window.location.reload();
}
};
ws.onclose = () => {
setTimeout(connect, 1000);
};
}
function sendEvent(event) {
event.timestamp = Date.now();
if (ws && ws.readyState === WebSocket.OPEN) {
ws.send(JSON.stringify(event));
} else {
eventQueue.push(event);
}
}
// Capture clicks on choice elements
document.addEventListener('click', (e) => {
const target = e.target.closest('[data-choice]');
if (!target) return;
sendEvent({
type: 'click',
text: target.textContent.trim(),
choice: target.dataset.choice,
id: target.id || null
});
// Update indicator bar (defer so toggleSelect runs first)
setTimeout(() => {
const indicator = document.getElementById('indicator-text');
if (!indicator) return;
const container = target.closest('.options') || target.closest('.cards');
const selected = container ? container.querySelectorAll('.selected') : [];
if (selected.length === 0) {
indicator.textContent = 'Click an option above, then return to the terminal';
} else if (selected.length === 1) {
const label = selected[0].querySelector('h3, .content h3, .card-body h3')?.textContent?.trim() || selected[0].dataset.choice;
indicator.innerHTML = '<span class="selected-text">' + label + ' selected</span> — return to terminal to continue';
} else {
indicator.innerHTML = '<span class="selected-text">' + selected.length + ' selected</span> — return to terminal to continue';
}
}, 0);
});
// Frame UI: selection tracking
window.selectedChoice = null;
window.toggleSelect = function(el) {
const container = el.closest('.options') || el.closest('.cards');
const multi = container && container.dataset.multiselect !== undefined;
if (container && !multi) {
container.querySelectorAll('.option, .card').forEach(o => o.classList.remove('selected'));
}
if (multi) {
el.classList.toggle('selected');
} else {
el.classList.add('selected');
}
window.selectedChoice = el.dataset.choice;
};
// Expose API for explicit use
window.brainstorm = {
send: sendEvent,
choice: (value, metadata = {}) => sendEvent({ type: 'choice', value, ...metadata })
};
connect();
})();

354
.qoder/skills/brainstorming/scripts/server.cjs
View File

@@ -1,354 +0,0 @@
const crypto = require('crypto');
const http = require('http');
const fs = require('fs');
const path = require('path');
// ========== WebSocket Protocol (RFC 6455) ==========
const OPCODES = { TEXT: 0x01, CLOSE: 0x08, PING: 0x09, PONG: 0x0A };
const WS_MAGIC = '258EAFA5-E914-47DA-95CA-C5AB0DC85B11';
function computeAcceptKey(clientKey) {
return crypto.createHash('sha1').update(clientKey + WS_MAGIC).digest('base64');
}
function encodeFrame(opcode, payload) {
const fin = 0x80;
const len = payload.length;
let header;
if (len < 126) {
header = Buffer.alloc(2);
header[0] = fin | opcode;
header[1] = len;
} else if (len < 65536) {
header = Buffer.alloc(4);
header[0] = fin | opcode;
header[1] = 126;
header.writeUInt16BE(len, 2);
} else {
header = Buffer.alloc(10);
header[0] = fin | opcode;
header[1] = 127;
header.writeBigUInt64BE(BigInt(len), 2);
}
return Buffer.concat([header, payload]);
}
function decodeFrame(buffer) {
if (buffer.length < 2) return null;
const secondByte = buffer[1];
const opcode = buffer[0] & 0x0F;
const masked = (secondByte & 0x80) !== 0;
let payloadLen = secondByte & 0x7F;
let offset = 2;
if (!masked) throw new Error('Client frames must be masked');
if (payloadLen === 126) {
if (buffer.length < 4) return null;
payloadLen = buffer.readUInt16BE(2);
offset = 4;
} else if (payloadLen === 127) {
if (buffer.length < 10) return null;
payloadLen = Number(buffer.readBigUInt64BE(2));
offset = 10;
}
const maskOffset = offset;
const dataOffset = offset + 4;
const totalLen = dataOffset + payloadLen;
if (buffer.length < totalLen) return null;
const mask = buffer.slice(maskOffset, dataOffset);
const data = Buffer.alloc(payloadLen);
for (let i = 0; i < payloadLen; i++) {
data[i] = buffer[dataOffset + i] ^ mask[i % 4];
}
return { opcode, payload: data, bytesConsumed: totalLen };
}
// ========== Configuration ==========
const PORT = process.env.BRAINSTORM_PORT || (49152 + Math.floor(Math.random() * 16383));
const HOST = process.env.BRAINSTORM_HOST || '127.0.0.1';
const URL_HOST = process.env.BRAINSTORM_URL_HOST || (HOST === '127.0.0.1' ? 'localhost' : HOST);
const SESSION_DIR = process.env.BRAINSTORM_DIR || '/tmp/brainstorm';
const CONTENT_DIR = path.join(SESSION_DIR, 'content');
const STATE_DIR = path.join(SESSION_DIR, 'state');
let ownerPid = process.env.BRAINSTORM_OWNER_PID ? Number(process.env.BRAINSTORM_OWNER_PID) : null;
const MIME_TYPES = {
'.html': 'text/html', '.css': 'text/css', '.js': 'application/javascript',
'.json': 'application/json', '.png': 'image/png', '.jpg': 'image/jpeg',
'.jpeg': 'image/jpeg', '.gif': 'image/gif', '.svg': 'image/svg+xml'
};
// ========== Templates and Constants ==========
const WAITING_PAGE = `<!DOCTYPE html>
<html>
<head><meta charset="utf-8"><title>Brainstorm Companion</title>
<style>body { font-family: system-ui, sans-serif; padding: 2rem; max-width: 800px; margin: 0 auto; }
h1 { color: #333; } p { color: #666; }</style>
</head>
<body><h1>Brainstorm Companion</h1>
<p>Waiting for the agent to push a screen...</p></body></html>`;
const frameTemplate = fs.readFileSync(path.join(__dirname, 'frame-template.html'), 'utf-8');
const helperScript = fs.readFileSync(path.join(__dirname, 'helper.js'), 'utf-8');
const helperInjection = '<script>\n' + helperScript + '\n</script>';
// ========== Helper Functions ==========
function isFullDocument(html) {
const trimmed = html.trimStart().toLowerCase();
return trimmed.startsWith('<!doctype') || trimmed.startsWith('<html');
}
function wrapInFrame(content) {
return frameTemplate.replace('<!-- CONTENT -->', content);
}
function getNewestScreen() {
const files = fs.readdirSync(CONTENT_DIR)
.filter(f => f.endsWith('.html'))
.map(f => {
const fp = path.join(CONTENT_DIR, f);
return { path: fp, mtime: fs.statSync(fp).mtime.getTime() };
})
.sort((a, b) => b.mtime - a.mtime);
return files.length > 0 ? files[0].path : null;
}
// ========== HTTP Request Handler ==========
function handleRequest(req, res) {
touchActivity();
if (req.method === 'GET' && req.url === '/') {
const screenFile = getNewestScreen();
let html = screenFile
? (raw => isFullDocument(raw) ? raw : wrapInFrame(raw))(fs.readFileSync(screenFile, 'utf-8'))
: WAITING_PAGE;
if (html.includes('</body>')) {
html = html.replace('</body>', helperInjection + '\n</body>');
} else {
html += helperInjection;
}
res.writeHead(200, { 'Content-Type': 'text/html; charset=utf-8' });
res.end(html);
} else if (req.method === 'GET' && req.url.startsWith('/files/')) {
const fileName = req.url.slice(7);
const filePath = path.join(CONTENT_DIR, path.basename(fileName));
if (!fs.existsSync(filePath)) {
res.writeHead(404);
res.end('Not found');
return;
}
const ext = path.extname(filePath).toLowerCase();
const contentType = MIME_TYPES[ext] || 'application/octet-stream';
res.writeHead(200, { 'Content-Type': contentType });
res.end(fs.readFileSync(filePath));
} else {
res.writeHead(404);
res.end('Not found');
}
}
// ========== WebSocket Connection Handling ==========
const clients = new Set();
function handleUpgrade(req, socket) {
const key = req.headers['sec-websocket-key'];
if (!key) { socket.destroy(); return; }
const accept = computeAcceptKey(key);
socket.write(
'HTTP/1.1 101 Switching Protocols\r\n' +
'Upgrade: websocket\r\n' +
'Connection: Upgrade\r\n' +
'Sec-WebSocket-Accept: ' + accept + '\r\n\r\n'
);
let buffer = Buffer.alloc(0);
clients.add(socket);
socket.on('data', (chunk) => {
buffer = Buffer.concat([buffer, chunk]);
while (buffer.length > 0) {
let result;
try {
result = decodeFrame(buffer);
} catch (e) {
socket.end(encodeFrame(OPCODES.CLOSE, Buffer.alloc(0)));
clients.delete(socket);
return;
}
if (!result) break;
buffer = buffer.slice(result.bytesConsumed);
switch (result.opcode) {
case OPCODES.TEXT:
handleMessage(result.payload.toString());
break;
case OPCODES.CLOSE:
socket.end(encodeFrame(OPCODES.CLOSE, Buffer.alloc(0)));
clients.delete(socket);
return;
case OPCODES.PING:
socket.write(encodeFrame(OPCODES.PONG, result.payload));
break;
case OPCODES.PONG:
break;
default: {
const closeBuf = Buffer.alloc(2);
closeBuf.writeUInt16BE(1003);
socket.end(encodeFrame(OPCODES.CLOSE, closeBuf));
clients.delete(socket);
return;
}
}
}
});
socket.on('close', () => clients.delete(socket));
socket.on('error', () => clients.delete(socket));
}
function handleMessage(text) {
let event;
try {
event = JSON.parse(text);
} catch (e) {
console.error('Failed to parse WebSocket message:', e.message);
return;
}
touchActivity();
console.log(JSON.stringify({ source: 'user-event', ...event }));
if (event.choice) {
const eventsFile = path.join(STATE_DIR, 'events');
fs.appendFileSync(eventsFile, JSON.stringify(event) + '\n');
}
}
function broadcast(msg) {
const frame = encodeFrame(OPCODES.TEXT, Buffer.from(JSON.stringify(msg)));
for (const socket of clients) {
try { socket.write(frame); } catch (e) { clients.delete(socket); }
}
}
// ========== Activity Tracking ==========
const IDLE_TIMEOUT_MS = 30 * 60 * 1000; // 30 minutes
let lastActivity = Date.now();
function touchActivity() {
lastActivity = Date.now();
}
// ========== File Watching ==========
const debounceTimers = new Map();
// ========== Server Startup ==========
function startServer() {
if (!fs.existsSync(CONTENT_DIR)) fs.mkdirSync(CONTENT_DIR, { recursive: true });
if (!fs.existsSync(STATE_DIR)) fs.mkdirSync(STATE_DIR, { recursive: true });
// Track known files to distinguish new screens from updates.
// macOS fs.watch reports 'rename' for both new files and overwrites,
// so we can't rely on eventType alone.
const knownFiles = new Set(
fs.readdirSync(CONTENT_DIR).filter(f => f.endsWith('.html'))
);
const server = http.createServer(handleRequest);
server.on('upgrade', handleUpgrade);
const watcher = fs.watch(CONTENT_DIR, (eventType, filename) => {
if (!filename || !filename.endsWith('.html')) return;
if (debounceTimers.has(filename)) clearTimeout(debounceTimers.get(filename));
debounceTimers.set(filename, setTimeout(() => {
debounceTimers.delete(filename);
const filePath = path.join(CONTENT_DIR, filename);
if (!fs.existsSync(filePath)) return; // file was deleted
touchActivity();
if (!knownFiles.has(filename)) {
knownFiles.add(filename);
const eventsFile = path.join(STATE_DIR, 'events');
if (fs.existsSync(eventsFile)) fs.unlinkSync(eventsFile);
console.log(JSON.stringify({ type: 'screen-added', file: filePath }));
} else {
console.log(JSON.stringify({ type: 'screen-updated', file: filePath }));
}
broadcast({ type: 'reload' });
}, 100));
});
watcher.on('error', (err) => console.error('fs.watch error:', err.message));
function shutdown(reason) {
console.log(JSON.stringify({ type: 'server-stopped', reason }));
const infoFile = path.join(STATE_DIR, 'server-info');
if (fs.existsSync(infoFile)) fs.unlinkSync(infoFile);
fs.writeFileSync(
path.join(STATE_DIR, 'server-stopped'),
JSON.stringify({ reason, timestamp: Date.now() }) + '\n'
);
watcher.close();
clearInterval(lifecycleCheck);
server.close(() => process.exit(0));
}
function ownerAlive() {
if (!ownerPid) return true;
try { process.kill(ownerPid, 0); return true; } catch (e) { return e.code === 'EPERM'; }
}
// Check every 60s: exit if owner process died or idle for 30 minutes
const lifecycleCheck = setInterval(() => {
if (!ownerAlive()) shutdown('owner process exited');
else if (Date.now() - lastActivity > IDLE_TIMEOUT_MS) shutdown('idle timeout');
}, 60 * 1000);
lifecycleCheck.unref();
// Validate owner PID at startup. If it's already dead, the PID resolution
// was wrong (common on WSL, Tailscale SSH, and cross-user scenarios).
// Disable monitoring and rely on the idle timeout instead.
if (ownerPid) {
try { process.kill(ownerPid, 0); }
catch (e) {
if (e.code !== 'EPERM') {
console.log(JSON.stringify({ type: 'owner-pid-invalid', pid: ownerPid, reason: 'dead at startup' }));
ownerPid = null;
}
}
}
server.listen(PORT, HOST, () => {
const info = JSON.stringify({
type: 'server-started', port: Number(PORT), host: HOST,
url_host: URL_HOST, url: 'http://' + URL_HOST + ':' + PORT,
screen_dir: CONTENT_DIR, state_dir: STATE_DIR
});
console.log(info);
fs.writeFileSync(path.join(STATE_DIR, 'server-info'), info + '\n');
});
}
if (require.main === module) {
startServer();
}
module.exports = { computeAcceptKey, encodeFrame, decodeFrame, OPCODES };

148
.qoder/skills/brainstorming/scripts/start-server.sh
View File

@@ -1,148 +0,0 @@
#!/usr/bin/env bash
# Start the brainstorm server and output connection info
# Usage: start-server.sh [--project-dir <path>] [--host <bind-host>] [--url-host <display-host>] [--foreground] [--background]
#
# Starts server on a random high port, outputs JSON with URL.
# Each session gets its own directory to avoid conflicts.
#
# Options:
# --project-dir <path> Store session files under <path>/.superpowers/brainstorm/
# instead of /tmp. Files persist after server stops.
# --host <bind-host> Host/interface to bind (default: 127.0.0.1).
# Use 0.0.0.0 in remote/containerized environments.
# --url-host <host> Hostname shown in returned URL JSON.
# --foreground Run server in the current terminal (no backgrounding).
# --background Force background mode (overrides Codex auto-foreground).
SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
# Parse arguments
PROJECT_DIR=""
FOREGROUND="false"
FORCE_BACKGROUND="false"
BIND_HOST="127.0.0.1"
URL_HOST=""
while [[ $# -gt 0 ]]; do
case "$1" in
--project-dir)
PROJECT_DIR="$2"
shift 2
;;
--host)
BIND_HOST="$2"
shift 2
;;
--url-host)
URL_HOST="$2"
shift 2
;;
--foreground|--no-daemon)
FOREGROUND="true"
shift
;;
--background|--daemon)
FORCE_BACKGROUND="true"
shift
;;
*)
echo "{\"error\": \"Unknown argument: $1\"}"
exit 1
;;
esac
done
if [[ -z "$URL_HOST" ]]; then
if [[ "$BIND_HOST" == "127.0.0.1" || "$BIND_HOST" == "localhost" ]]; then
URL_HOST="localhost"
else
URL_HOST="$BIND_HOST"
fi
fi
# Some environments reap detached/background processes. Auto-foreground when detected.
if [[ -n "${CODEX_CI:-}" && "$FOREGROUND" != "true" && "$FORCE_BACKGROUND" != "true" ]]; then
FOREGROUND="true"
fi
# Windows/Git Bash reaps nohup background processes. Auto-foreground when detected.
if [[ "$FOREGROUND" != "true" && "$FORCE_BACKGROUND" != "true" ]]; then
case "${OSTYPE:-}" in
msys*|cygwin*|mingw*) FOREGROUND="true" ;;
esac
if [[ -n "${MSYSTEM:-}" ]]; then
FOREGROUND="true"
fi
fi
# Generate unique session directory
SESSION_ID="$$-$(date +%s)"
if [[ -n "$PROJECT_DIR" ]]; then
SESSION_DIR="${PROJECT_DIR}/.superpowers/brainstorm/${SESSION_ID}"
else
SESSION_DIR="/tmp/brainstorm-${SESSION_ID}"
fi
STATE_DIR="${SESSION_DIR}/state"
PID_FILE="${STATE_DIR}/server.pid"
LOG_FILE="${STATE_DIR}/server.log"
# Create fresh session directory with content and state peers
mkdir -p "${SESSION_DIR}/content" "$STATE_DIR"
# Kill any existing server
if [[ -f "$PID_FILE" ]]; then
old_pid=$(cat "$PID_FILE")
kill "$old_pid" 2>/dev/null
rm -f "$PID_FILE"
fi
cd "$SCRIPT_DIR"
# Resolve the harness PID (grandparent of this script).
# $PPID is the ephemeral shell the harness spawned to run us — it dies
# when this script exits. The harness itself is $PPID's parent.
OWNER_PID="$(ps -o ppid= -p "$PPID" 2>/dev/null | tr -d ' ')"
if [[ -z "$OWNER_PID" || "$OWNER_PID" == "1" ]]; then
OWNER_PID="$PPID"
fi
# Foreground mode for environments that reap detached/background processes.
if [[ "$FOREGROUND" == "true" ]]; then
echo "$$" > "$PID_FILE"
env BRAINSTORM_DIR="$SESSION_DIR" BRAINSTORM_HOST="$BIND_HOST" BRAINSTORM_URL_HOST="$URL_HOST" BRAINSTORM_OWNER_PID="$OWNER_PID" node server.cjs
exit $?
fi
# Start server, capturing output to log file
# Use nohup to survive shell exit; disown to remove from job table
nohup env BRAINSTORM_DIR="$SESSION_DIR" BRAINSTORM_HOST="$BIND_HOST" BRAINSTORM_URL_HOST="$URL_HOST" BRAINSTORM_OWNER_PID="$OWNER_PID" node server.cjs > "$LOG_FILE" 2>&1 &
SERVER_PID=$!
disown "$SERVER_PID" 2>/dev/null
echo "$SERVER_PID" > "$PID_FILE"
# Wait for server-started message (check log file)
for i in {1..50}; do
if grep -q "server-started" "$LOG_FILE" 2>/dev/null; then
# Verify server is still alive after a short window (catches process reapers)
alive="true"
for _ in {1..20}; do
if ! kill -0 "$SERVER_PID" 2>/dev/null; then
alive="false"
break
fi
sleep 0.1
done
if [[ "$alive" != "true" ]]; then
echo "{\"error\": \"Server started but was killed. Retry in a persistent terminal with: $SCRIPT_DIR/start-server.sh${PROJECT_DIR:+ --project-dir $PROJECT_DIR} --host $BIND_HOST --url-host $URL_HOST --foreground\"}"
exit 1
fi
grep "server-started" "$LOG_FILE" | head -1
exit 0
fi
sleep 0.1
done
# Timeout - server didn't start
echo '{"error": "Server failed to start within 5 seconds"}'
exit 1

56
.qoder/skills/brainstorming/scripts/stop-server.sh
View File

@@ -1,56 +0,0 @@
#!/usr/bin/env bash
# Stop the brainstorm server and clean up
# Usage: stop-server.sh <session_dir>
#
# Kills the server process. Only deletes session directory if it's
# under /tmp (ephemeral). Persistent directories (.superpowers/) are
# kept so mockups can be reviewed later.
SESSION_DIR="$1"
if [[ -z "$SESSION_DIR" ]]; then
echo '{"error": "Usage: stop-server.sh <session_dir>"}'
exit 1
fi
STATE_DIR="${SESSION_DIR}/state"
PID_FILE="${STATE_DIR}/server.pid"
if [[ -f "$PID_FILE" ]]; then
pid=$(cat "$PID_FILE")
# Try to stop gracefully, fallback to force if still alive
kill "$pid" 2>/dev/null || true
# Wait for graceful shutdown (up to ~2s)
for i in {1..20}; do
if ! kill -0 "$pid" 2>/dev/null; then
break
fi
sleep 0.1
done
# If still running, escalate to SIGKILL
if kill -0 "$pid" 2>/dev/null; then
kill -9 "$pid" 2>/dev/null || true
# Give SIGKILL a moment to take effect
sleep 0.1
fi
if kill -0 "$pid" 2>/dev/null; then
echo '{"status": "failed", "error": "process still running"}'
exit 1
fi
rm -f "$PID_FILE" "${STATE_DIR}/server.log"
# Only delete ephemeral /tmp directories
if [[ "$SESSION_DIR" == /tmp/* ]]; then
rm -rf "$SESSION_DIR"
fi
echo '{"status": "stopped"}'
else
echo '{"status": "not_running"}'
fi

49
.qoder/skills/brainstorming/spec-document-reviewer-prompt.md
View File

@@ -1,49 +0,0 @@
# Spec Document Reviewer Prompt Template
Use this template when dispatching a spec document reviewer subagent.
**Purpose:** Verify the spec is complete, consistent, and ready for implementation planning.
**Dispatch after:** Spec document is written to docs/superpowers/specs/
```
Task tool (general-purpose):
description: "Review spec document"
prompt: |
You are a spec document reviewer. Verify this spec is complete and ready for planning.
**Spec to review:** [SPEC_FILE_PATH]
## What to Check
| Category | What to Look For |
|----------|------------------|
| Completeness | TODOs, placeholders, "TBD", incomplete sections |
| Consistency | Internal contradictions, conflicting requirements |
| Clarity | Requirements ambiguous enough to cause someone to build the wrong thing |
| Scope | Focused enough for a single plan — not covering multiple independent subsystems |
| YAGNI | Unrequested features, over-engineering |
## Calibration
**Only flag issues that would cause real problems during implementation planning.**
A missing section, a contradiction, or a requirement so ambiguous it could be
interpreted two different ways — those are issues. Minor wording improvements,
stylistic preferences, and "sections less detailed than others" are not.
Approve unless there are serious gaps that would lead to a flawed plan.
## Output Format
## Spec Review
**Status:** Approved | Issues Found
**Issues (if any):**
- [Section X]: [specific issue] - [why it matters for planning]
**Recommendations (advisory, do not block approval):**
- [suggestions for improvement]
```
**Reviewer returns:** Status, Issues (if any), Recommendations

287
.qoder/skills/brainstorming/visual-companion.md
View File

@@ -1,287 +0,0 @@
# Visual Companion Guide
Browser-based visual brainstorming companion for showing mockups, diagrams, and options.
## When to Use
Decide per-question, not per-session. The test: **would the user understand this better by seeing it than reading it?**
**Use the browser** when the content itself is visual:
- **UI mockups** — wireframes, layouts, navigation structures, component designs
- **Architecture diagrams** — system components, data flow, relationship maps
- **Side-by-side visual comparisons** — comparing two layouts, two color schemes, two design directions
- **Design polish** — when the question is about look and feel, spacing, visual hierarchy
- **Spatial relationships** — state machines, flowcharts, entity relationships rendered as diagrams
**Use the terminal** when the content is text or tabular:
- **Requirements and scope questions** — "what does X mean?", "which features are in scope?"
- **Conceptual A/B/C choices** — picking between approaches described in words
- **Tradeoff lists** — pros/cons, comparison tables
- **Technical decisions** — API design, data modeling, architectural approach selection
- **Clarifying questions** — anything where the answer is words, not a visual preference
A question *about* a UI topic is not automatically a visual question. "What kind of wizard do you want?" is conceptual — use the terminal. "Which of these wizard layouts feels right?" is visual — use the browser.
## How It Works
The server watches a directory for HTML files and serves the newest one to the browser. You write HTML content to `screen_dir`, the user sees it in their browser and can click to select options. Selections are recorded to `state_dir/events` that you read on your next turn.
**Content fragments vs full documents:** If your HTML file starts with `<!DOCTYPE` or `<html`, the server serves it as-is (just injects the helper script). Otherwise, the server automatically wraps your content in the frame template — adding the header, CSS theme, selection indicator, and all interactive infrastructure. **Write content fragments by default.** Only write full documents when you need complete control over the page.
## Starting a Session
```bash
# Start server with persistence (mockups saved to project)
scripts/start-server.sh --project-dir /path/to/project
# Returns: {"type":"server-started","port":52341,"url":"http://localhost:52341",
# "screen_dir":"/path/to/project/.superpowers/brainstorm/12345-1706000000/content",
# "state_dir":"/path/to/project/.superpowers/brainstorm/12345-1706000000/state"}
```
Save `screen_dir` and `state_dir` from the response. Tell user to open the URL.
**Finding connection info:** The server writes its startup JSON to `$STATE_DIR/server-info`. If you launched the server in the background and didn't capture stdout, read that file to get the URL and port. When using `--project-dir`, check `<project>/.superpowers/brainstorm/` for the session directory.
**Note:** Pass the project root as `--project-dir` so mockups persist in `.superpowers/brainstorm/` and survive server restarts. Without it, files go to `/tmp` and get cleaned up. Remind the user to add `.superpowers/` to `.gitignore` if it's not already there.
**Launching the server by platform:**
**Claude Code (macOS / Linux):**
```bash
# Default mode works — the script backgrounds the server itself
scripts/start-server.sh --project-dir /path/to/project
```
**Claude Code (Windows):**
```bash
# Windows auto-detects and uses foreground mode, which blocks the tool call.
# Use run_in_background: true on the Bash tool call so the server survives
# across conversation turns.
scripts/start-server.sh --project-dir /path/to/project
```
When calling this via the Bash tool, set `run_in_background: true`. Then read `$STATE_DIR/server-info` on the next turn to get the URL and port.
**Codex:**
```bash
# Codex reaps background processes. The script auto-detects CODEX_CI and
# switches to foreground mode. Run it normally — no extra flags needed.
scripts/start-server.sh --project-dir /path/to/project
```
**Gemini CLI:**
```bash
# Use --foreground and set is_background: true on your shell tool call
# so the process survives across turns
scripts/start-server.sh --project-dir /path/to/project --foreground
```
**Other environments:** The server must keep running in the background across conversation turns. If your environment reaps detached processes, use `--foreground` and launch the command with your platform's background execution mechanism.
If the URL is unreachable from your browser (common in remote/containerized setups), bind a non-loopback host:
```bash
scripts/start-server.sh \
--project-dir /path/to/project \
--host 0.0.0.0 \
--url-host localhost
```
Use `--url-host` to control what hostname is printed in the returned URL JSON.
## The Loop
1. **Check server is alive**, then **write HTML** to a new file in `screen_dir`:
- Before each write, check that `$STATE_DIR/server-info` exists. If it doesn't (or `$STATE_DIR/server-stopped` exists), the server has shut down — restart it with `start-server.sh` before continuing. The server auto-exits after 30 minutes of inactivity.
- Use semantic filenames: `platform.html`, `visual-style.html`, `layout.html`
- **Never reuse filenames** — each screen gets a fresh file
- Use Write tool — **never use cat/heredoc** (dumps noise into terminal)
- Server automatically serves the newest file
2. **Tell user what to expect and end your turn:**
- Remind them of the URL (every step, not just first)
- Give a brief text summary of what's on screen (e.g., "Showing 3 layout options for the homepage")
- Ask them to respond in the terminal: "Take a look and let me know what you think. Click to select an option if you'd like."
3. **On your next turn** — after the user responds in the terminal:
- Read `$STATE_DIR/events` if it exists — this contains the user's browser interactions (clicks, selections) as JSON lines
- Merge with the user's terminal text to get the full picture
- The terminal message is the primary feedback; `state_dir/events` provides structured interaction data
4. **Iterate or advance** — if feedback changes current screen, write a new file (e.g., `layout-v2.html`). Only move to the next question when the current step is validated.
5. **Unload when returning to terminal** — when the next step doesn't need the browser (e.g., a clarifying question, a tradeoff discussion), push a waiting screen to clear the stale content:
```html
<!-- filename: waiting.html (or waiting-2.html, etc.) -->
<div style="display:flex;align-items:center;justify-content:center;min-height:60vh">
<p class="subtitle">Continuing in terminal...</p>
</div>
```
This prevents the user from staring at a resolved choice while the conversation has moved on. When the next visual question comes up, push a new content file as usual.
6. Repeat until done.
## Writing Content Fragments
Write just the content that goes inside the page. The server wraps it in the frame template automatically (header, theme CSS, selection indicator, and all interactive infrastructure).
**Minimal example:**
```html
<h2>Which layout works better?</h2>
<p class="subtitle">Consider readability and visual hierarchy</p>
<div class="options">
<div class="option" data-choice="a" onclick="toggleSelect(this)">
<div class="letter">A</div>
<div class="content">
<h3>Single Column</h3>
<p>Clean, focused reading experience</p>
</div>
</div>
<div class="option" data-choice="b" onclick="toggleSelect(this)">
<div class="letter">B</div>
<div class="content">
<h3>Two Column</h3>
<p>Sidebar navigation with main content</p>
</div>
</div>
</div>
```
That's it. No `<html>`, no CSS, no `<script>` tags needed. The server provides all of that.
## CSS Classes Available
The frame template provides these CSS classes for your content:
### Options (A/B/C choices)
```html
<div class="options">
<div class="option" data-choice="a" onclick="toggleSelect(this)">
<div class="letter">A</div>
<div class="content">
<h3>Title</h3>
<p>Description</p>
</div>
</div>
</div>
```
**Multi-select:** Add `data-multiselect` to the container to let users select multiple options. Each click toggles the item. The indicator bar shows the count.
```html
<div class="options" data-multiselect>
<!-- same option markup — users can select/deselect multiple -->
</div>
```
### Cards (visual designs)
```html
<div class="cards">
<div class="card" data-choice="design1" onclick="toggleSelect(this)">
<div class="card-image"><!-- mockup content --></div>
<div class="card-body">
<h3>Name</h3>
<p>Description</p>
</div>
</div>
</div>
```
### Mockup container
```html
<div class="mockup">
<div class="mockup-header">Preview: Dashboard Layout</div>
<div class="mockup-body"><!-- your mockup HTML --></div>
</div>
```
### Split view (side-by-side)
```html
<div class="split">
<div class="mockup"><!-- left --></div>
<div class="mockup"><!-- right --></div>
</div>
```
### Pros/Cons
```html
<div class="pros-cons">
<div class="pros"><h4>Pros</h4><ul><li>Benefit</li></ul></div>
<div class="cons"><h4>Cons</h4><ul><li>Drawback</li></ul></div>
</div>
```
### Mock elements (wireframe building blocks)
```html
<div class="mock-nav">Logo | Home | About | Contact</div>
<div style="display: flex;">
<div class="mock-sidebar">Navigation</div>
<div class="mock-content">Main content area</div>
</div>
<button class="mock-button">Action Button</button>
<input class="mock-input" placeholder="Input field">
<div class="placeholder">Placeholder area</div>
```
### Typography and sections
- `h2` — page title
- `h3` — section heading
- `.subtitle` — secondary text below title
- `.section` — content block with bottom margin
- `.label` — small uppercase label text
## Browser Events Format
When the user clicks options in the browser, their interactions are recorded to `$STATE_DIR/events` (one JSON object per line). The file is cleared automatically when you push a new screen.
```jsonl
{"type":"click","choice":"a","text":"Option A - Simple Layout","timestamp":1706000101}
{"type":"click","choice":"c","text":"Option C - Complex Grid","timestamp":1706000108}
{"type":"click","choice":"b","text":"Option B - Hybrid","timestamp":1706000115}
```
The full event stream shows the user's exploration path — they may click multiple options before settling. The last `choice` event is typically the final selection, but the pattern of clicks can reveal hesitation or preferences worth asking about.
If `$STATE_DIR/events` doesn't exist, the user didn't interact with the browser — use only their terminal text.
## Design Tips
- **Scale fidelity to the question** — wireframes for layout, polish for polish questions
- **Explain the question on each page** — "Which layout feels more professional?" not just "Pick one"
- **Iterate before advancing** — if feedback changes current screen, write a new version
- **2-4 options max** per screen
- **Use real content when it matters** — for a photography portfolio, use actual images (Unsplash). Placeholder content obscures design issues.
- **Keep mockups simple** — focus on layout and structure, not pixel-perfect design
## File Naming
- Use semantic names: `platform.html`, `visual-style.html`, `layout.html`
- Never reuse filenames — each screen must be a new file
- For iterations: append version suffix like `layout-v2.html`, `layout-v3.html`
- Server serves newest file by modification time
## Cleaning Up
```bash
scripts/stop-server.sh $SESSION_DIR
```
If the session used `--project-dir`, mockup files persist in `.superpowers/brainstorm/` for later reference. Only `/tmp` sessions get deleted on stop.
## Reference
- Frame template (CSS reference): `scripts/frame-template.html`
- Helper script (client-side): `scripts/helper.js`

210
.qoder/skills/bug-driven-testing/SKILL.md
View File

@@ -1,210 +0,0 @@
---
name: bug-driven-testing
description: Write tests before fixing bugs. Each bug fix must have corresponding Playwright/E2E test cases that verify the fix and prevent regression. Use when fixing bugs, verifying fixes, or setting up regression test suites.
---
# Bug-Driven Testing (BDT) 方法论
> **核心原则:先写测试,再修 Bug。测试是修复的契约不是修复的附庸。**
## 一、为什么需要 BDT
传统 AI 修 Bug 的问题:
1. 修完不测 → 不知道修没修好
2. 测了但用例不对 → 测了等于没测
3. 修了 A 坏了 B → 没有回归保护
4. 测试和修复脱节 → 无法追溯
BDT 解决:**每个 Bug 有专属测试用例,修复前生成,修复后验证,形成闭环。**
## 二、BDT 工作流6 步)
```
Step 1: Bug 分析 → 提取测试场景
Step 2: 测试设计 → 生成 Playwright 用例
Step 3: 基线测试 → 确认 Bug 存在(应失败)
Step 4: 修复代码 → 解决根因
Step 5: 回归测试 → 确认修复有效(应通过)
Step 6: 扩展测试 → 检查是否引入新问题
```
### Step 1: Bug 分析 — 提取测试场景
从禅道 Bug 信息中提取 **5 要素**
| 要素 | 来源 | 用途 |
|------|------|------|
| **模块** | 标题 + module | 确定测试页面和路由 |
| **操作路径** | 复现步骤 | 生成操作序列 |
| **期望结果** | 期望结果字段 | 生成断言 |
| **实际结果** | 实际结果字段 | 确认 Bug 存在 |
| **关联页面** | 标题关键词 | 定位测试目标元素 |
**关键词 → 模块映射表:**
```
门诊医生/诊前/挂号 → /doctorstation
住院医生/医嘱/医嘱录入 → /inpatientDoctor
住院护士/补费/发退药 → /inpatientNurse
分诊/排队/候诊 → /triageandqueuemanage
挂号/预约/签到 → /registration
手术/计费 → /operatingroom
诊断/中医 → /inpatientDoctor
病历/EMR → /doctorstation
目录/诊疗 → /catalog
药房/发药/库存 → /pharmacy
```
**操作路径 → Playwright 动作映射:**
```
"点击 XXX 按钮" → page.click('button:has-text("XXX")')
"选择 XXX" → page.selectOption / page.click('.el-option')
"输入 XXX" → page.fill('input', 'XXX')
"查看列表" → page.waitForLoadState('networkidle')
"弹窗确认" → page.click('.el-message-box button:has-text("确定")')
"检查报错" → expect(page.locator('.el-message--error')).toBeVisible()
"检查显示" → expect(page.locator('目标元素')).toBeVisible()
```
### Step 2: 测试设计 — 生成 Playwright 用例
**每个 Bug 测试用例的结构:**
```typescript
test.describe('🐛 Bug#N 模块名', () => {
// beforeEach: 登录 + 导航到目标页面
test('#N 标题 @bugN @regression', async ({ page }) => {
// 1. 导航到目标页面
// 2. 执行复现步骤(操作路径)
// 3. 断言期望结果
// 4. 检查无 JS 错误
// 5. 截图记录
});
});
```
**测试用例的 7 种检查模式:**
| # | 模式 | 适用场景 | Playwright 写法 |
|---|------|---------|----------------|
| 1 | **页面加载** | 所有 Bug | `expect(page).not.toHaveURL(/.*login.*/)` |
| 2 | **元素可见** | 显示/缺失类 | `expect(locator).toBeVisible()` |
| 3 | **元素可交互** | 按钮/弹窗类 | `await locator.click()` + 等待响应 |
| 4 | **数据正确** | 列表/回显类 | `expect(locator).toHaveText()` |
| 5 | **无报错** | 所有 Bug | `page.on('pageerror')` + `expect(jsErrors).toEqual([])` |
| 6 | **流程完整** | 交互流程类 | 多步骤操作链 + 每步断言 |
| 7 | **状态变更** | 退回/审核类 | 操作前状态 vs 操作后状态对比 |
### Step 3: 基线测试 — 确认 Bug 存在
修复前运行测试,**预期应该失败**,证明 Bug 确实存在:
```bash
npx playwright test --grep @bugN --reporter=line
# 预期: FAIL (证明 Bug 存在)
```
如果基线测试通过了:
- 可能 Bug 已被之前的修复解决 → 检查 develop 分支
- 可能测试用例设计不正确 → 重新分析 Bug
- 可能环境问题 → 检查 dev server / 数据库
### Step 4: 修复代码
按照 Harness Engineering 方法论修复:
1. 全链路 6 环分析
2. 一次只修一个 Bug
3. 只动必要文件
### Step 5: 回归测试 — 确认修复有效
修复后运行测试,**预期应该通过**
```bash
npx playwright test --grep @bugN --reporter=line
# 预期: PASS (证明修复有效)
```
### Step 6: 扩展测试 — 检查回归
运行相邻模块的测试,检查是否引入新问题:
```bash
npx playwright test --grep @regression --reporter=line
# 预期: 全部 PASS
```
## 三、测试用例生成规则
### 从 Bug 标题推断检查项
| 标题关键词 | 生成的检查项 |
|-----------|-------------|
| 报错/错误/异常 | 检查页面无 JS 错误 + 控制台无报错 |
| 显示/缺失/不规范 | 检查元素正确显示 + 数据完整性 |
| 弹窗/弹框 | 检查弹窗正常弹出 + 内容正确 |
| 保存/提交/写入 | 检查保存操作成功 + 数据持久化 |
| 列表/查询 | 检查列表数据加载 + 分页功能 |
| 按钮/操作 | 检查按钮可点击 + 操作响应 |
| 下拉/选择/字典 | 检查下拉选项加载 + 选项值正确 |
| 退回/撤回/取消 | 检查退回流程 + 状态变更 |
### 从复现步骤生成操作序列
```
复现步骤: "1. 登录 → 2. 进入住院医生站 → 3. 点击医嘱录入 → 4. 保存"
生成代码:
await page.goto('/inpatientDoctor');
await page.click('button:has-text("医嘱录入")');
await page.click('button:has-text("保存")');
```
## 四、质量标准
**好的 Bug 测试用例:**
- ✅ 有 `@bug{N}` 标签(可单独运行)
- ✅ 有 `@regression` 标签(回归测试套件)
- ✅ 操作路径来自禅道复现步骤
- ✅ 断言覆盖期望结果
- ✅ 检查无 JS 错误
- ✅ 有截图记录
- ✅ 独立运行(不依赖其他测试)
**坏的 Bug 测试用例:**
- ❌ 只检查页面加载(太弱)
- ❌ 没有断言(只操作不断言)
- ❌ 依赖特定数据(硬编码)
- ❌ 超时设置过短
## 五、与 Agent 工作流集成
```
Agent 收到 Bug
├→ Step 1: 读取禅道 Bug 详情(标题/步骤/截图)
├→ Step 2: 生成 Playwright 测试用例(自动生成 spec 文件)
├→ Step 3: 运行基线测试(应失败)
│ └→ 如果通过 → 检查 develop 是否已修复
├→ Step 4: 修复代码(全链路 6 环)
├→ Step 5: 运行回归测试(应通过)
│ └→ 如果失败 → 分析失败原因 → 返回 Step 4
└→ Step 6: 提交代码 + 推远程 + 更新禅道
```
## 六、CLI 命令速查
```bash
# 生成测试用例
bash tests/e2e/utils/generate-bug-test.sh <bug_id> "<bug_title>"
# 运行单个 Bug 测试
npx playwright test --grep @bug630
# 运行全部回归测试
npx playwright test --grep @regression
# 查看测试报告
npx playwright show-report tests/e2e/report
```

73
.qoder/skills/check-status/SKILL.md
View File

@@ -1,73 +0,0 @@
---
name: check-status
description: Show current code status including uncommitted changes, test health, and build state. Use to get a quick overview before starting work or before committing.
---
Show a comprehensive status report of the HealthLink-HIS codebase:
## 1. Git status
```bash
git status
git log --oneline -5
```
## 2. Uncommitted changes
```bash
git diff --stat
git diff --name-only
```
## 3. Backend health (quick check)
```bash
cd healthlink-his-server
mvn clean compile -DskipTests -q
echo "Backend compile: $?"
```
## 4. Frontend health (quick check)
```bash
cd healthlink-his-ui
npm run build:dev --silent 2>&1 | tail -5
npm run lint --silent 2>&1 | tail -10
```
## 5. Test status
```bash
# Backend: check if tests exist for modified files
git diff --name-only | grep -E "\.java$" | while read f; do
test_file=$(echo "$f" | sed 's/src\/main/src\/test/' | sed 's/\.java$/Test\.java/')
if [ -f "$test_file" ]; then
echo "✓ Test exists: $test_file"
else
echo "⚠ No test: $f"
fi
done
# Frontend: check test coverage
cd healthlink-his-ui
npm run test:run -- --reporter=basic 2>&1 | grep -E "(PASS|FAIL|Tests|Coverage)"
```
## Report format:
```
=== Git Status ===
Branch: develop
Uncommitted: X files
Last commit: abc1234 (message)
=== Backend ===
Compile: ✓/✗
Modified files: X
Tests missing: Y
=== Frontend ===
Build: ✓/✗
Lint: ✓/✗ (X warnings, Y errors)
Tests: X passed, Y failed
=== Ready to commit? ===
✓/✗ (list blockers if any)
```
## Iron Law 3 reminder:
"编译 + 测试全部通过后才能 git commit"

84
.qoder/skills/closed-loop-testing/SKILL.md
View File

@@ -1,84 +0,0 @@
---
name: closed-loop-testing
description: Quality gates, test automation, and feedback loops for AI-generated code. Use when generating tests, running validation pipelines, setting up quality gates, or implementing auto-fix loops for test failures. Covers L1-L5 quality gates, mutation testing, coverage strategies, and failure analysis.
---
# 闭环测试 — 质量门禁与反馈循环
> 没有门禁的 Agent 是不受控的。每层门禁捕获特定类型的问题。
## 🚪 五层质量门禁
| 门禁 | 时间 | 范围 | 失败处理 |
|---|---|---|---|
| **L1 编译检查** | <30 | 语法类型导入 | Agent 自行修复 |
| **L2 静态分析** | <2 分钟 | 代码风格复杂度安全 | Agent 修复 |
| **L3 单元测试** | <5 分钟 | 功能正确性边界条件 | 自动修复或上报 |
| **L4 集成测试** | <15 分钟 | 模块间交互数据流 | 上报人工 |
| **L5 生产验证** | 持续 | 监控告警性能 | 自动回滚 |
## 🔄 反馈循环机制
```
测试失败
→ 分析失败原因(编译/逻辑/边界/依赖)
→ 提取可行动的反馈(文件:行号:错误类型:修复方向)
→ Agent 修复
→ 重测
→ 若持续失败3次→ 上报人类
```
### 反馈格式规范
```
文件路径:行号 错误类型 错误描述 | 修复建议
示例:
src/payment/applepay_processor.py:42 TypeError amount must be int | 添加类型转换 str → int
```
## 🧪 测试生成策略
### 策略优先级
1. **边界值分析** 测试空值越界特殊值
2. **等价类划分** 覆盖每个分支路径
3. **错误猜测** 基于经验预测常见错误
4. **组合测试** 参数组合爆炸场景
### 覆盖率目标
```yaml
unit_test_coverage: 90% # 行覆盖率
mutation_score: 80% # 变异测试通过率
branch_coverage: 85% # 分支覆盖率
```
## 📊 失败原因分析(基于项目数据)
| 类型 | 占比 | 典型表现 | 捕获门禁 |
|---|---|---|---|
| 架构错误 | 35% | 接口不匹配依赖错乱 | L1 编译 |
| 业务逻辑 | 25% | 条件判断错误数据流断裂 | L3 单元测试 |
| 创造性偏差 | 20% | 过度设计不必要的抽象 | L3 + L5 |
| Debug 残留 | 15% | print临时变量未清理 | L2 静态分析 |
| 其他 | 5% | 环境工具问题 | L5 |
## ⚙️ 本项目测试命令
```bash
# L1 编译检查Java
cd /root/.openclaw/workspace/his-repo/openhis-server-new
mvn compile -pl openhis-application -am
# L1 语法检查Python
python3 -c "import py_compile; py_compile.compile('strategy.py', doraise=True)"
# L2 全链路验证
# 检查 AGENTS.md 中的铁律清单:录入 → 保存 → 查询 → 修改 → 删除 → 关联
```
## ⚠️ 常见陷阱
| 陷阱 | 表现 | 解决 |
|---|---|---|
| 测试滞后 | Agent 写完代码再补测试 | 测试先行或并行生成 |
| 覆盖幻觉 | 覆盖率数字达标但逻辑没测 | 引入变异测试 |
| 反馈过载 | 同时报太多错误 | 按优先级逐层暴露 |
| Mock 泛滥 | 过度 Mock 导致测试失真 | 优先写集成测试 |

3
.qoder/skills/closed-loop-testing/agents/openai.yaml
View File

@@ -1,3 +0,0 @@
interface:
display_name: "Closed Loop Testing"
short_description: "Part of Harness Engineering plugin — closed-loop-testing"

113
.qoder/skills/constraint-design/SKILL.md
View File

@@ -1,113 +0,0 @@
---
name: constraint-design
description: Design patterns for writing effective Agent constraints. Use when defining rules, policies, or guardrails for AI code generation. Covers constraint types (architectural/code quality/security/business), DSL patterns, conflict resolution, and progressive trust scaling.
---
# 约束设计 — 让 Agent 在边界内发挥
> 好的约束不是束缚,是护栏。它让 Agent 在安全区域内自由发挥。
## 📐 四类约束
### 1. 架构约束
定义系统结构和组件关系:
```yaml
architecture:
required_interface: "PaymentProcessor" # 必须实现
file_location: "src/payment/" # 文件位置
naming_convention: "{name}_processor.py"
forbidden_patterns:
- "god_class" # 禁止上帝类
- "circular_dep" # 禁止循环依赖
```
### 2. 代码质量约束
定义代码质量和风格标准:
```yaml
code_quality:
max_complexity: 10 # 圈复杂度上限
max_line_length: 120 # Java / 100Vue
type_hints: "required" # 必须类型提示
docstrings: "public_only" # 公共方法需要文档
test_coverage: 90 # 覆盖率目标
```
### 3. 安全约束
防止 Agent 引入安全隐患:
```yaml
security:
no_hardcoded_secrets: true
use_vault_for_credentials: true
input_sanitization: "strict"
forbidden_functions:
- "eval()"
- "exec()"
```
### 4. 业务规则
领域特定的约束:
```yaml
business:
data_flow: "full_chain" # 必须走通全链路
soft_delete: true # 软删除机制
audit_log: true # 操作审计
```
## 🎯 约束设计原则
### 原则 1可验证
每条约束必须能被自动化检查:
```
✅ "代码覆盖率 > 90%" — 可用 pytest-cov 验证
❌ "代码质量要高" — 无法验证
```
### 原则 2无歧义
约束必须精确,不留解读空间:
```
✅ "每函数不超过 50 行"
❌ "函数不要太长"
```
### 原则 3优先级排序
约束冲突时按优先级裁决:
```
安全(1) > 架构(2) > 业务(3) > 质量(4) > 性能(5)
```
### 原则 4渐进增强
从最少的约束开始,按需增加:
```
L1: 编译通过
L2: + 类型提示 + 命名规范
L3: + 测试覆盖 + 复杂度限制
L4: + 安全扫描 + 架构合规
```
## 🔧 约束 DSL 模式
### 声明式(推荐)
```yaml
constraint:
type: "must" | "must_not" | "should" | "may"
scope: "file" | "class" | "method" | "project"
rule: "具体规则"
verification: "如何验证"
```
### 命令式(脚本)
```python
# validate_constraints.py
def check_naming(file_path):
if not file_path.endswith("_processor.py"):
raise Violation("命名不规范")
```
## ⚠️ 常见陷阱
| 陷阱 | 表现 | 解决 |
|---|---|---|
| 过度约束 | Agent 无法完成任务 | 从最小约束集开始 |
| 约束冲突 | 约束 A 要求 X约束 B 禁止 X | 建立优先级链 |
| 无法验证 | 约束定义模糊,无法自动化检查 | 每条约束都必须可验证 |
| 静态不变 | 项目演进后约束过时 | 定期复审约束集 |

3
.qoder/skills/constraint-design/agents/openai.yaml
View File

@@ -1,3 +0,0 @@
interface:
display_name: "Constraint Design"
short_description: "Part of Harness Engineering plugin — constraint-design"

182
.qoder/skills/dispatching-parallel-agents/SKILL.md
View File

@@ -1,182 +0,0 @@
---
name: dispatching-parallel-agents
description: Use when facing 2+ independent tasks that can be worked on without shared state or sequential dependencies
---
# Dispatching Parallel Agents
## Overview
You delegate tasks to specialized agents with isolated context. By precisely crafting their instructions and context, you ensure they stay focused and succeed at their task. They should never inherit your session's context or history — you construct exactly what they need. This also preserves your own context for coordination work.
When you have multiple unrelated failures (different test files, different subsystems, different bugs), investigating them sequentially wastes time. Each investigation is independent and can happen in parallel.
**Core principle:** Dispatch one agent per independent problem domain. Let them work concurrently.
## When to Use
```dot
digraph when_to_use {
"Multiple failures?" [shape=diamond];
"Are they independent?" [shape=diamond];
"Single agent investigates all" [shape=box];
"One agent per problem domain" [shape=box];
"Can they work in parallel?" [shape=diamond];
"Sequential agents" [shape=box];
"Parallel dispatch" [shape=box];
"Multiple failures?" -> "Are they independent?" [label="yes"];
"Are they independent?" -> "Single agent investigates all" [label="no - related"];
"Are they independent?" -> "Can they work in parallel?" [label="yes"];
"Can they work in parallel?" -> "Parallel dispatch" [label="yes"];
"Can they work in parallel?" -> "Sequential agents" [label="no - shared state"];
}
```
**Use when:**
- 3+ test files failing with different root causes
- Multiple subsystems broken independently
- Each problem can be understood without context from others
- No shared state between investigations
**Don't use when:**
- Failures are related (fix one might fix others)
- Need to understand full system state
- Agents would interfere with each other
## The Pattern
### 1. Identify Independent Domains
Group failures by what's broken:
- File A tests: Tool approval flow
- File B tests: Batch completion behavior
- File C tests: Abort functionality
Each domain is independent - fixing tool approval doesn't affect abort tests.
### 2. Create Focused Agent Tasks
Each agent gets:
- **Specific scope:** One test file or subsystem
- **Clear goal:** Make these tests pass
- **Constraints:** Don't change other code
- **Expected output:** Summary of what you found and fixed
### 3. Dispatch in Parallel
```typescript
// In Claude Code / AI environment
Task("Fix agent-tool-abort.test.ts failures")
Task("Fix batch-completion-behavior.test.ts failures")
Task("Fix tool-approval-race-conditions.test.ts failures")
// All three run concurrently
```
### 4. Review and Integrate
When agents return:
- Read each summary
- Verify fixes don't conflict
- Run full test suite
- Integrate all changes
## Agent Prompt Structure
Good agent prompts are:
1. **Focused** - One clear problem domain
2. **Self-contained** - All context needed to understand the problem
3. **Specific about output** - What should the agent return?
```markdown
Fix the 3 failing tests in src/agents/agent-tool-abort.test.ts:
1. "should abort tool with partial output capture" - expects 'interrupted at' in message
2. "should handle mixed completed and aborted tools" - fast tool aborted instead of completed
3. "should properly track pendingToolCount" - expects 3 results but gets 0
These are timing/race condition issues. Your task:
1. Read the test file and understand what each test verifies
2. Identify root cause - timing issues or actual bugs?
3. Fix by:
- Replacing arbitrary timeouts with event-based waiting
- Fixing bugs in abort implementation if found
- Adjusting test expectations if testing changed behavior
Do NOT just increase timeouts - find the real issue.
Return: Summary of what you found and what you fixed.
```
## Common Mistakes
**❌ Too broad:** "Fix all the tests" - agent gets lost
**✅ Specific:** "Fix agent-tool-abort.test.ts" - focused scope
**❌ No context:** "Fix the race condition" - agent doesn't know where
**✅ Context:** Paste the error messages and test names
**❌ No constraints:** Agent might refactor everything
**✅ Constraints:** "Do NOT change production code" or "Fix tests only"
**❌ Vague output:** "Fix it" - you don't know what changed
**✅ Specific:** "Return summary of root cause and changes"
## When NOT to Use
**Related failures:** Fixing one might fix others - investigate together first
**Need full context:** Understanding requires seeing entire system
**Exploratory debugging:** You don't know what's broken yet
**Shared state:** Agents would interfere (editing same files, using same resources)
## Real Example from Session
**Scenario:** 6 test failures across 3 files after major refactoring
**Failures:**
- agent-tool-abort.test.ts: 3 failures (timing issues)
- batch-completion-behavior.test.ts: 2 failures (tools not executing)
- tool-approval-race-conditions.test.ts: 1 failure (execution count = 0)
**Decision:** Independent domains - abort logic separate from batch completion separate from race conditions
**Dispatch:**
```
Agent 1 → Fix agent-tool-abort.test.ts
Agent 2 → Fix batch-completion-behavior.test.ts
Agent 3 → Fix tool-approval-race-conditions.test.ts
```
**Results:**
- Agent 1: Replaced timeouts with event-based waiting
- Agent 2: Fixed event structure bug (threadId in wrong place)
- Agent 3: Added wait for async tool execution to complete
**Integration:** All fixes independent, no conflicts, full suite green
**Time saved:** 3 problems solved in parallel vs sequentially
## Key Benefits
1. **Parallelization** - Multiple investigations happen simultaneously
2. **Focus** - Each agent has narrow scope, less context to track
3. **Independence** - Agents don't interfere with each other
4. **Speed** - 3 problems solved in time of 1
## Verification
After agents return:
1. **Review each summary** - Understand what changed
2. **Check for conflicts** - Did agents edit same code?
3. **Run full suite** - Verify all fixes work together
4. **Spot check** - Agents can make systematic errors
## Real-World Impact
From debugging session (2025-10-03):
- 6 failures across 3 files
- 3 agents dispatched in parallel
- All investigations completed concurrently
- All fixes integrated successfully
- Zero conflicts between agent changes

119
.qoder/skills/durable-execution/SKILL.md
View File

@@ -1,119 +0,0 @@
---
name: durable-execution
description: Checkpoint management and state persistence for long-running agents. Use when executing tasks that span multiple steps, need failure recovery, or require idempotent operations. Covers checkpoint strategy, state management layers, event sourcing, and recovery patterns.
---
# 持久化执行 — 检查点与状态管理
> 可靠是规模化的前提。每个长时任务都必须有可恢复的检查点。
## 🎯 何时使用
- 任务预计超过 5 个步骤
- 任务涉及文件修改(需要回滚能力)
- 任务依赖外部服务/API
- 任务需要在中断后恢复
## 📦 三层状态管理
| 层级 | 内容 | 本项目的实现 |
|---|---|---|
| **系统层** | 工作流 ID、超时、重试配置 | update_plan 记录任务 ID 和进度 |
| **执行层** | 当前活动、执行进度、等待事件 | checklist_write 分步骤记录 |
| **业务层** | 已完成工作、中间产物 | git diff + 编译结果作为验证 |
## 🔄 检查点策略
### 触发时机
```
时间触发:每完成 1 个关键步骤
事件触发:编译通过 / 失败后
状态变化每次代码修改后git diff 可见)
```
### 检查点内容
```yaml
checkpoint:
step_id: "string"
status: "pending | in_progress | completed | failed"
inputs: { } # 该步骤的输入参数
outputs: { } # 该步骤的产出
error_message: "" # 失败原因
timestamp: "ISO8601" # 时间戳
```
### 恢复流程
```
失败检测
→ 定位最新检查点update_plan / checklist
→ 分析失败原因(编译错误 / 测试失败 / 逻辑错误)
→ git restore 撤销本次修改
→ 从失败点修复(不从头开始)
→ 继续执行
→ 恢复验证(确认状态一致性)
```
## ♻️ 幂等性模式
### 模式 1唯一标识
每个操作生成唯一 ID已执行则跳过
```
generate_code(task_id="abc123")
if executed(task_id="abc123"):
return cached_result # 已执行,跳过
```
### 模式 2状态检查
执行前检查目标是否已达成:
```
if file_exists("src/utils/helper.js"):
return # 已生成,跳过
```
### 模式 3补偿操作
不可逆操作提供回滚机制:
```
try:
modify_file(path)
except:
restore_from_git(path) # 补偿操作
```
## 📝 事件溯源(简化版)
每次操作产生不可变事件记录:
```
事件流(按时间顺序):
① 人类提交任务 → ② Agent 制定计划
→ ③ 修改文件 → ④ 编译检查
→ ⑤ 数据流验证 → ⑥ 人类审查
→ ⑦ 提交代码
```
每次事件可通过 `git log` + `update_plan` 追溯。
## ⚡ 本项目的检查点命令速查
```bash
# 查看当前进度
grep -n "^[0-9]\+\." <(cat AGENTS.md | grep -A 100 "工作流程")
# 回滚最近的修改
git checkout -- <file>
# 查看修改历史
git log --oneline -10
# 查看未提交的变更
git diff --stat HEAD
```
## ⚠️ 常见陷阱
| 陷阱 | 表现 | 解决 |
|---|---|---|
| 不设检查点 | 失败后全部重来 | 步骤间自动 save_checkpoint |
| 幂等性缺失 | 重复执行导致错误 | 唯一 ID / 状态检查 |
| 状态不一致 | 检查点与实际不符 | git diff 验证后再恢复 |
| 检查点过大 | 保存和恢复慢 | 只保存增量状态 |

3
.qoder/skills/durable-execution/agents/openai.yaml
View File

@@ -1,3 +0,0 @@
interface:
display_name: "Durable Execution"
short_description: "Part of Harness Engineering plugin — durable-execution"

70
.qoder/skills/executing-plans/SKILL.md
View File

@@ -1,70 +0,0 @@
---
name: executing-plans
description: Use when you have a written implementation plan to execute in a separate session with review checkpoints
---
# Executing Plans
## Overview
Load plan, review critically, execute all tasks, report when complete.
**Announce at start:** "I'm using the executing-plans skill to implement this plan."
**Note:** Tell your human partner that Superpowers works much better with access to subagents. The quality of its work will be significantly higher if run on a platform with subagent support (such as Claude Code or Codex). If subagents are available, use superpowers:subagent-driven-development instead of this skill.
## The Process
### Step 1: Load and Review Plan
1. Read plan file
2. Review critically - identify any questions or concerns about the plan
3. If concerns: Raise them with your human partner before starting
4. If no concerns: Create TodoWrite and proceed
### Step 2: Execute Tasks
For each task:
1. Mark as in_progress
2. Follow each step exactly (plan has bite-sized steps)
3. Run verifications as specified
4. Mark as completed
### Step 3: Complete Development
After all tasks complete and verified:
- Announce: "I'm using the finishing-a-development-branch skill to complete this work."
- **REQUIRED SUB-SKILL:** Use superpowers:finishing-a-development-branch
- Follow that skill to verify tests, present options, execute choice
## When to Stop and Ask for Help
**STOP executing immediately when:**
- Hit a blocker (missing dependency, test fails, instruction unclear)
- Plan has critical gaps preventing starting
- You don't understand an instruction
- Verification fails repeatedly
**Ask for clarification rather than guessing.**
## When to Revisit Earlier Steps
**Return to Review (Step 1) when:**
- Partner updates the plan based on your feedback
- Fundamental approach needs rethinking
**Don't force through blockers** - stop and ask.
## Remember
- Review plan critically first
- Follow plan steps exactly
- Don't skip verifications
- Reference skills when plan says to
- Stop when blocked, don't guess
- Never start implementation on main/master branch without explicit user consent
## Integration
**Required workflow skills:**
- **superpowers:using-git-worktrees** - Ensures isolated workspace (creates one or verifies existing)
- **superpowers:writing-plans** - Creates the plan this skill executes
- **superpowers:finishing-a-development-branch** - Complete development after all tasks

251
.qoder/skills/finishing-a-development-branch/SKILL.md
View File

@@ -1,251 +0,0 @@
---
name: finishing-a-development-branch
description: Use when implementation is complete, all tests pass, and you need to decide how to integrate the work - guides completion of development work by presenting structured options for merge, PR, or cleanup
---
# Finishing a Development Branch
## Overview
Guide completion of development work by presenting clear options and handling chosen workflow.
**Core principle:** Verify tests → Detect environment → Present options → Execute choice → Clean up.
**Announce at start:** "I'm using the finishing-a-development-branch skill to complete this work."
## The Process
### Step 1: Verify Tests
**Before presenting options, verify tests pass:**
```bash
# Run project's test suite
npm test / cargo test / pytest / go test ./...
```
**If tests fail:**
```
Tests failing (<N> failures). Must fix before completing:
[Show failures]
Cannot proceed with merge/PR until tests pass.
```
Stop. Don't proceed to Step 2.
**If tests pass:** Continue to Step 2.
### Step 2: Detect Environment
**Determine workspace state before presenting options:**
```bash
GIT_DIR=$(cd "$(git rev-parse --git-dir)" 2>/dev/null && pwd -P)
GIT_COMMON=$(cd "$(git rev-parse --git-common-dir)" 2>/dev/null && pwd -P)
```
This determines which menu to show and how cleanup works:
| State | Menu | Cleanup |
|-------|------|---------|
| `GIT_DIR == GIT_COMMON` (normal repo) | Standard 4 options | No worktree to clean up |
| `GIT_DIR != GIT_COMMON`, named branch | Standard 4 options | Provenance-based (see Step 6) |
| `GIT_DIR != GIT_COMMON`, detached HEAD | Reduced 3 options (no merge) | No cleanup (externally managed) |
### Step 3: Determine Base Branch
```bash
# Try common base branches
git merge-base HEAD main 2>/dev/null || git merge-base HEAD master 2>/dev/null
```
Or ask: "This branch split from main - is that correct?"
### Step 4: Present Options
**Normal repo and named-branch worktree — present exactly these 4 options:**
```
Implementation complete. What would you like to do?
1. Merge back to <base-branch> locally
2. Push and create a Pull Request
3. Keep the branch as-is (I'll handle it later)
4. Discard this work
Which option?
```
**Detached HEAD — present exactly these 3 options:**
```
Implementation complete. You're on a detached HEAD (externally managed workspace).
1. Push as new branch and create a Pull Request
2. Keep as-is (I'll handle it later)
3. Discard this work
Which option?
```
**Don't add explanation** - keep options concise.
### Step 5: Execute Choice
#### Option 1: Merge Locally
```bash
# Get main repo root for CWD safety
MAIN_ROOT=$(git -C "$(git rev-parse --git-common-dir)/.." rev-parse --show-toplevel)
cd "$MAIN_ROOT"
# Merge first — verify success before removing anything
git checkout <base-branch>
git pull
git merge <feature-branch>
# Verify tests on merged result
<test command>
# Only after merge succeeds: cleanup worktree (Step 6), then delete branch
```
Then: Cleanup worktree (Step 6), then delete branch:
```bash
git branch -d <feature-branch>
```
#### Option 2: Push and Create PR
```bash
# Push branch
git push -u origin <feature-branch>
# Create PR
gh pr create --title "<title>" --body "$(cat <<'EOF'
## Summary
<2-3 bullets of what changed>
## Test Plan
- [ ] <verification steps>
EOF
)"
```
**Do NOT clean up worktree** — user needs it alive to iterate on PR feedback.
#### Option 3: Keep As-Is
Report: "Keeping branch <name>. Worktree preserved at <path>."
**Don't cleanup worktree.**
#### Option 4: Discard
**Confirm first:**
```
This will permanently delete:
- Branch <name>
- All commits: <commit-list>
- Worktree at <path>
Type 'discard' to confirm.
```
Wait for exact confirmation.
If confirmed:
```bash
MAIN_ROOT=$(git -C "$(git rev-parse --git-common-dir)/.." rev-parse --show-toplevel)
cd "$MAIN_ROOT"
```
Then: Cleanup worktree (Step 6), then force-delete branch:
```bash
git branch -D <feature-branch>
```
### Step 6: Cleanup Workspace
**Only runs for Options 1 and 4.** Options 2 and 3 always preserve the worktree.
```bash
GIT_DIR=$(cd "$(git rev-parse --git-dir)" 2>/dev/null && pwd -P)
GIT_COMMON=$(cd "$(git rev-parse --git-common-dir)" 2>/dev/null && pwd -P)
WORKTREE_PATH=$(git rev-parse --show-toplevel)
```
**If `GIT_DIR == GIT_COMMON`:** Normal repo, no worktree to clean up. Done.
**If worktree path is under `.worktrees/`, `worktrees/`, or `~/.config/superpowers/worktrees/`:** Superpowers created this worktree — we own cleanup.
```bash
MAIN_ROOT=$(git -C "$(git rev-parse --git-common-dir)/.." rev-parse --show-toplevel)
cd "$MAIN_ROOT"
git worktree remove "$WORKTREE_PATH"
git worktree prune # Self-healing: clean up any stale registrations
```
**Otherwise:** The host environment (harness) owns this workspace. Do NOT remove it. If your platform provides a workspace-exit tool, use it. Otherwise, leave the workspace in place.
## Quick Reference
| Option | Merge | Push | Keep Worktree | Cleanup Branch |
|--------|-------|------|---------------|----------------|
| 1. Merge locally | yes | - | - | yes |
| 2. Create PR | - | yes | yes | - |
| 3. Keep as-is | - | - | yes | - |
| 4. Discard | - | - | - | yes (force) |
## Common Mistakes
**Skipping test verification**
- **Problem:** Merge broken code, create failing PR
- **Fix:** Always verify tests before offering options
**Open-ended questions**
- **Problem:** "What should I do next?" is ambiguous
- **Fix:** Present exactly 4 structured options (or 3 for detached HEAD)
**Cleaning up worktree for Option 2**
- **Problem:** Remove worktree user needs for PR iteration
- **Fix:** Only cleanup for Options 1 and 4
**Deleting branch before removing worktree**
- **Problem:** `git branch -d` fails because worktree still references the branch
- **Fix:** Merge first, remove worktree, then delete branch
**Running git worktree remove from inside the worktree**
- **Problem:** Command fails silently when CWD is inside the worktree being removed
- **Fix:** Always `cd` to main repo root before `git worktree remove`
**Cleaning up harness-owned worktrees**
- **Problem:** Removing a worktree the harness created causes phantom state
- **Fix:** Only clean up worktrees under `.worktrees/`, `worktrees/`, or `~/.config/superpowers/worktrees/`
**No confirmation for discard**
- **Problem:** Accidentally delete work
- **Fix:** Require typed "discard" confirmation
## Red Flags
**Never:**
- Proceed with failing tests
- Merge without verifying tests on result
- Delete work without confirmation
- Force-push without explicit request
- Remove a worktree before confirming merge success
- Clean up worktrees you didn't create (provenance check)
- Run `git worktree remove` from inside the worktree
**Always:**
- Verify tests before offering options
- Detect environment before presenting menu
- Present exactly 4 options (or 3 for detached HEAD)
- Get typed confirmation for Option 4
- Clean up worktree for Options 1 & 4 only
- `cd` to main repo root before worktree removal
- Run `git worktree prune` after removal

43
.qoder/skills/fix-compile/SKILL.md
View File

@@ -1,43 +0,0 @@
---
name: fix-compile
description: Diagnose and fix compilation errors systematically. Use when `mvn compile` or `npm run build:dev` fails.
---
Systematically diagnose and fix compilation errors following the 4-stage debugging process:
## Stage 1: Root cause investigation
1. Read the FULL error message (stack trace, line numbers, error codes)
2. Identify the error type:
- Java: syntax, type mismatch, missing import, duplicate method, signature conflict
- Vue/JS: syntax, import error, TypeScript type, SCSS bracket mismatch
3. Check recent changes: `git diff HEAD~5` to see what changed
4. For Java errors: check if the method/class already exists elsewhere (Iron Law 9)
5. For Vue errors: check SCSS bracket closure (Iron Law 30)
## Stage 2: Pattern analysis
- Search for similar working code: `rg "similar_pattern" --type java --type vue`
- Compare with working examples in the same codebase
- Check if dependencies are correctly imported
## Stage 3: Hypothesis and test
- Form ONE hypothesis: "I believe X is the root cause because Y"
- Make the MINIMAL change to test it
- If it works → Stage 4
- If not → new hypothesis (max 3 attempts before asking user)
## Stage 4: Implement fix
- Apply the fix
- Run the verification command again:
- Backend: `mvn clean compile -DskipTests`
- Frontend: `npm run build:dev`
- Confirm zero errors before declaring success
## Common error patterns in this codebase:
- **Duplicate method**: Check all Service implementations for the same method
- **Missing import**: Verify package structure matches `com.healthlink.his.web.{module}`
- **Type mismatch**: Check DTO field types (Iron Law: DTO field type defense)
- **SCSS bracket**: Count `{` and `}` in `<style lang="scss" scoped>` blocks
- **Flyway conflict**: Check migration version numbers in `healthlink-his-application/src/main/resources/db/migration/`
## After fixing:
Run `/verify` to ensure the fix didn't break anything else.

30
.qoder/skills/full-chain-fix/SKILL.md
View File

@@ -1,30 +0,0 @@
---
name: full-chain-fix
description: Full-chain verification methodology for bugfixes and feature development. When fixing a bug or implementing a requirement, trace the complete data flow (input → save → query → edit → delete → related modules) instead of fixing locally.
metadata:
short-description: Full-chain data flow verification for bugfixes
---
# 全链路修复原则 ⚠️
> 修 Bug / 做需求时,**不得"就事论事"**,必须走通完整的**数据流全链路**。
## 检查清单(每一环都确认)
1. **录入** → 前端有无输入入口?(弹窗、表格行编辑、表单…)
2. **保存** → 前端 → API → 后端 Controller → Service → Entity → DB**每一个保存入口**都传了该字段吗?(注意多个 Service 实现类可能走不同入口)
3. **查询** → DB → Mapper XML注意 UNION ALL 子查询要统一加)→ DTO → 前端展示,列和数据绑定都完整吗?
4. **修改** → 已有数据编辑回显 → 修改再保存 → 数据能正确更新吗?
5. **删除/停止/撤回** → 相关状态变更会丢失该字段数据吗?
6. **关联模块** → 上游(如医嘱录入后护士站要看到备注)和下游(如打印、计费、报表)是否也需要同步修改?
## 常见陷阱
- ❌ 只修了「主入口」的保存逻辑,忘了「批量保存」「签发保存」等其他入口
- ❌ 前端加了输入框,后端 Service 没传字段(不同模块可能走不同 Service 实现类)
- ❌ Mapper XML 是 UNION ALL 查询,只改了其中一个子查询,导致列数不匹配或漏加
- ❌ DTO 层级继承关系没检查(如 `RegAdviceSaveDto extends AdviceSaveDto`,父类改了对不对)
- ❌ 只测了新增,没测编辑已有数据的回显和修改再保存
## 执行细则
- 每个字段的新增/修改,先在脑中画出完整的数据流向图再动手
- 提交前逐个环节检查一遍,确保没有断链
- 编译通过不等同于功能正确,必要时做端到端验证

175
.qoder/skills/harness-engineering/SKILL.md
View File

@@ -1,175 +0,0 @@
---
name: harness-engineering
description: "Master methodology for designing AI Agent work environments. Use when designing constraints, feedback loops, control planes, quality gates, or durable execution for Codex agents. Encodes the full Harness Engineering paradigm."
---
# Harness Engineering — 核心方法论
> Harness = 约束 + 反馈 + 控制平面 + 持久执行
## 🔧 四大核心组件
### 1. 约束系统 (Constraints)
定义 Agent 行为边界和输出质量。四层金字塔:
| 层级 | 内容 | 本项目落地 |
|---|---|---|
| **L1 架构约束** | 接口合约、包结构、命名规范、禁止模式 | AGENTS.md 铁律、全链路清单 |
| **L2 代码质量** | 圈复杂度、代码风格、类型提示、文档要求 | 编译门禁 + 语法检查 |
| **L3 安全约束** | 敏感信息检测、权限检查、输入验证 | 配置文件不可硬编码 |
| **L4 业务规则** | 领域逻辑、数据一致性、事务边界 | 全链路数据流验证 |
**关键原则:**
- 约束越底层越自动(编译检查),越上层越需要人工裁决
- 约束冲突时:安全 > 架构 > 质量 > 业务
- 约束应随信任度动态调整(信任度模型见下文)
### 2. 反馈系统 (Feedback Loop)
测试 → 失败 → Agent 修复 → 重测。分三层:
| 层级 | 速度 | 覆盖范围 | 失败处理 |
|---|---|---|---|
| **L1 编译检查** | <30 | 语法类型签名 | 立即阻断Agent 自行修复 |
| **L2 数据流验证** | <5 分钟 | 全链路字段Mapper XMLDTO | Agent 修复必要时上报 |
| **L3 人工审查** | 10-30 分钟 | 架构设计业务正确性 | 驳回 / 指导 / 批准 |
**反馈设计铁律:**
- 反馈必须可行动指出文件 + 行号 + 错误类型 + 修复方向
- 反馈越及时越好L1 即时 L2 分钟 L3 小时
- 失败后先回滚到最近检查点再重试
### 3. 控制平面 (Control Plane)
任务调度和 Agent 协调的核心机制
```
┌─────────────────────────────────────────────┐
│ 控制平面三层架构 │
│ │
│ 战略层(人类主导) │
│ ├── 设定目标、审批关键决策 │
│ └── 异常升级处理 │
│ │
│ 战术层Control Plane 主导) │
│ ├── 任务分解 + 规划 │
│ ├── update_plan / checklist_write │
│ └── 依赖协调 + 资源分配 │
│ │
│ 执行层Agent 自主) │
│ ├── 代码生成、测试执行 │
│ ├── apply_patch / exec_command │
│ └── 错误恢复 + 检查点保存 │
└─────────────────────────────────────────────┘
```
### 4. 持久执行 (Durable Execution)
长时任务的检查点恢复机制详见 `$durable-execution` 技能
- 每个关键步骤保存检查点`update_plan` 进度
- 失败后从最新检查点恢复不从头开始
- 幂等设计同一操作重复执行结果一致
## 📋 工作流程
### 标准工作流Plan → Generate → Validate → Review
```
收到任务
├→ 1. 计划Plan
│ ├── 分解步骤checklist_write + update_plan
│ ├── 评估复杂度 / 风险
│ └── 设定检查点里程碑
├→ 2. 生成Generate
│ ├── 并行探索spawn_agent × N
│ ├── 约束优先:先加载 AGENTS.md 和相关规则
│ └── 增量修改:只动必要文件
├→ 3. 验证Validate
│ ├── L1 编译检查mvn compile / python3 -c py_compile
│ ├── L2 数据流验证(全链路检查清单)
│ └── L3 人工审查(提交 diff 给人类)
└→ 4. 审查Review
├── 提交前 self-review对照约束逐条检查
├── 生成变更摘要
└── 提交 / 推送
```
### 异常流程
```
编译失败 → 分析错误 → 撤销本次修改 → 从检查点恢复 → 重试
持续失败3次 → 上报人类 → 等待指导
```
## 🎯 质量门禁Quality Gates
| 门禁 | 触发时机 | 通过条件 | 失败动作 |
|---|---|---|---|
| L1 编译 | 每次修改后 | 编译通过 | 立即修复 |
| L2 全链路 | 提交前 | 数据流完整 | Agent 修复 |
| L3 审查 | PR 提交 | 人类批准 | 驳回/指导 |
| L4 回归 | 合并后 | 无回归 | 紧急修复 |
## 🔐 分层信任模型
| 信任等级 | 特征 | 自动化程度 |
|---|---|---|
| L1 怀疑 | Agent 错误率高人工逐行审查 | <20% 自动 |
| L2 试探 | Agent 稳定抽样审查 | 40-60% 自动 |
| L3 信任 | Agent 可靠关注结果 | 70-85% 自动 |
| L4 委托 | Agent 成为伙伴人类管战略 | 90%+ 自动 |
**当前项目状态:** L2 试探级编译门禁自动 + 全链路验证 + 人工终审
## 📐 约束设计模式
### 1. 肯定模式 — 必须遵守的规则
```
必须实现 XXX 接口
代码覆盖率必须 > 90%
每个公共方法必须有类型提示
```
### 2. 否定模式 — 禁止的行为
```
禁止直接操作数据库(必须通过 Repository
禁止硬编码密码/密钥
禁止使用 eval()
```
### 3. 边界模式 — 限制范围
```
圈复杂度 <= 10
每函数行数 <= 50
单文件修改 <= 5 个
```
### 4. 优先级模式 — 冲突处理
```
安全 > 架构 > 质量 > 性能 > 便利
```
## ⚠️ 常见陷阱
| 陷阱 | 表现 | 解决 |
|---|---|---|
| 过度约束 | Agent 被束缚效率低 | 从最少约束开始按需增加 |
| 约束冲突 | 多个规则互相矛盾 | 确定优先级顺序 |
| 反馈延迟 | 编译太慢Agent 等待 | 分层测试快速失败 |
| 控制不足 | Agent 自由度过高 | 增加检查点和门禁 |
| 跳过验证 | 直接提交未验证代码 | 门禁自动化阻塞提交 |
## 📚 相关技能
- `$durable-execution` 检查点幂等性事件溯源
- `$closed-loop-testing` 质量门禁测试策略反馈循环
- `$constraint-design` DSL 设计策略模式约束编排
- `$review-audit` 审查工作流审计追踪合规检查
- `$full-chain-fix` 全链路数据流修复已安装
- `$karpathy-guidelines` 减少 LLM 编码错误已安装

3
.qoder/skills/harness-engineering/agents/openai.yaml
View File

@@ -1,3 +0,0 @@
interface:
display_name: "Harness Engineering"
short_description: "Part of Harness Engineering plugin — harness-engineering"

67
.qoder/skills/karpathy-guidelines/SKILL.md
View File

@@ -1,67 +0,0 @@
---
name: karpathy-guidelines
description: Behavioral guidelines to reduce common LLM coding mistakes. Use when writing, reviewing, or refactoring code to avoid overcomplication, make surgical changes, surface assumptions, and define verifiable success criteria.
license: MIT
---
# Karpathy Guidelines
Behavioral guidelines to reduce common LLM coding mistakes, derived from [Andrej Karpathy's observations](https://x.com/karpathy/status/2015883857489522876) on LLM coding pitfalls.
**Tradeoff:** These guidelines bias toward caution over speed. For trivial tasks, use judgment.
## 1. Think Before Coding
**Don't assume. Don't hide confusion. Surface tradeoffs.**
Before implementing:
- State your assumptions explicitly. If uncertain, ask.
- If multiple interpretations exist, present them - don't pick silently.
- If a simpler approach exists, say so. Push back when warranted.
- If something is unclear, stop. Name what's confusing. Ask.
## 2. Simplicity First
**Minimum code that solves the problem. Nothing speculative.**
- No features beyond what was asked.
- No abstractions for single-use code.
- No "flexibility" or "configurability" that wasn't requested.
- No error handling for impossible scenarios.
- If you write 200 lines and it could be 50, rewrite it.
Ask yourself: "Would a senior engineer say this is overcomplicated?" If yes, simplify.
## 3. Surgical Changes
**Touch only what you must. Clean up only your own mess.**
When editing existing code:
- Don't "improve" adjacent code, comments, or formatting.
- Don't refactor things that aren't broken.
- Match existing style, even if you'd do it differently.
- If you notice unrelated dead code, mention it - don't delete it.
When your changes create orphans:
- Remove imports/variables/functions that YOUR changes made unused.
- Don't remove pre-existing dead code unless asked.
The test: Every changed line should trace directly to the user's request.
## 4. Goal-Driven Execution
**Define success criteria. Loop until verified.**
Transform tasks into verifiable goals:
- "Add validation" → "Write tests for invalid inputs, then make them pass"
- "Fix the bug" → "Write a test that reproduces it, then make it pass"
- "Refactor X" → "Ensure tests pass before and after"
For multi-step tasks, state a brief plan:
```
1. [Step] → verify: [check]
2. [Step] → verify: [check]
3. [Step] → verify: [check]
```
Strong success criteria let you loop independently. Weak criteria ("make it work") require constant clarification.

213
.qoder/skills/receiving-code-review/SKILL.md
View File

@@ -1,213 +0,0 @@
---
name: receiving-code-review
description: Use when receiving code review feedback, before implementing suggestions, especially if feedback seems unclear or technically questionable - requires technical rigor and verification, not performative agreement or blind implementation
---
# Code Review Reception
## Overview
Code review requires technical evaluation, not emotional performance.
**Core principle:** Verify before implementing. Ask before assuming. Technical correctness over social comfort.
## The Response Pattern
```
WHEN receiving code review feedback:
1. READ: Complete feedback without reacting
2. UNDERSTAND: Restate requirement in own words (or ask)
3. VERIFY: Check against codebase reality
4. EVALUATE: Technically sound for THIS codebase?
5. RESPOND: Technical acknowledgment or reasoned pushback
6. IMPLEMENT: One item at a time, test each
```
## Forbidden Responses
**NEVER:**
- "You're absolutely right!" (explicit CLAUDE.md violation)
- "Great point!" / "Excellent feedback!" (performative)
- "Let me implement that now" (before verification)
**INSTEAD:**
- Restate the technical requirement
- Ask clarifying questions
- Push back with technical reasoning if wrong
- Just start working (actions > words)
## Handling Unclear Feedback
```
IF any item is unclear:
STOP - do not implement anything yet
ASK for clarification on unclear items
WHY: Items may be related. Partial understanding = wrong implementation.
```
**Example:**
```
your human partner: "Fix 1-6"
You understand 1,2,3,6. Unclear on 4,5.
❌ WRONG: Implement 1,2,3,6 now, ask about 4,5 later
✅ RIGHT: "I understand items 1,2,3,6. Need clarification on 4 and 5 before proceeding."
```
## Source-Specific Handling
### From your human partner
- **Trusted** - implement after understanding
- **Still ask** if scope unclear
- **No performative agreement**
- **Skip to action** or technical acknowledgment
### From External Reviewers
```
BEFORE implementing:
1. Check: Technically correct for THIS codebase?
2. Check: Breaks existing functionality?
3. Check: Reason for current implementation?
4. Check: Works on all platforms/versions?
5. Check: Does reviewer understand full context?
IF suggestion seems wrong:
Push back with technical reasoning
IF can't easily verify:
Say so: "I can't verify this without [X]. Should I [investigate/ask/proceed]?"
IF conflicts with your human partner's prior decisions:
Stop and discuss with your human partner first
```
**your human partner's rule:** "External feedback - be skeptical, but check carefully"
## YAGNI Check for "Professional" Features
```
IF reviewer suggests "implementing properly":
grep codebase for actual usage
IF unused: "This endpoint isn't called. Remove it (YAGNI)?"
IF used: Then implement properly
```
**your human partner's rule:** "You and reviewer both report to me. If we don't need this feature, don't add it."
## Implementation Order
```
FOR multi-item feedback:
1. Clarify anything unclear FIRST
2. Then implement in this order:
- Blocking issues (breaks, security)
- Simple fixes (typos, imports)
- Complex fixes (refactoring, logic)
3. Test each fix individually
4. Verify no regressions
```
## When To Push Back
Push back when:
- Suggestion breaks existing functionality
- Reviewer lacks full context
- Violates YAGNI (unused feature)
- Technically incorrect for this stack
- Legacy/compatibility reasons exist
- Conflicts with your human partner's architectural decisions
**How to push back:**
- Use technical reasoning, not defensiveness
- Ask specific questions
- Reference working tests/code
- Involve your human partner if architectural
**Signal if uncomfortable pushing back out loud:** "Strange things are afoot at the Circle K"
## Acknowledging Correct Feedback
When feedback IS correct:
```
✅ "Fixed. [Brief description of what changed]"
✅ "Good catch - [specific issue]. Fixed in [location]."
✅ [Just fix it and show in the code]
❌ "You're absolutely right!"
❌ "Great point!"
❌ "Thanks for catching that!"
❌ "Thanks for [anything]"
❌ ANY gratitude expression
```
**Why no thanks:** Actions speak. Just fix it. The code itself shows you heard the feedback.
**If you catch yourself about to write "Thanks":** DELETE IT. State the fix instead.
## Gracefully Correcting Your Pushback
If you pushed back and were wrong:
```
✅ "You were right - I checked [X] and it does [Y]. Implementing now."
✅ "Verified this and you're correct. My initial understanding was wrong because [reason]. Fixing."
❌ Long apology
❌ Defending why you pushed back
❌ Over-explaining
```
State the correction factually and move on.
## Common Mistakes
| Mistake | Fix |
|---------|-----|
| Performative agreement | State requirement or just act |
| Blind implementation | Verify against codebase first |
| Batch without testing | One at a time, test each |
| Assuming reviewer is right | Check if breaks things |
| Avoiding pushback | Technical correctness > comfort |
| Partial implementation | Clarify all items first |
| Can't verify, proceed anyway | State limitation, ask for direction |
## Real Examples
**Performative Agreement (Bad):**
```
Reviewer: "Remove legacy code"
❌ "You're absolutely right! Let me remove that..."
```
**Technical Verification (Good):**
```
Reviewer: "Remove legacy code"
✅ "Checking... build target is 10.15+, this API needs 13+. Need legacy for backward compat. Current impl has wrong bundle ID - fix it or drop pre-13 support?"
```
**YAGNI (Good):**
```
Reviewer: "Implement proper metrics tracking with database, date filters, CSV export"
✅ "Grepped codebase - nothing calls this endpoint. Remove it (YAGNI)? Or is there usage I'm missing?"
```
**Unclear Item (Good):**
```
your human partner: "Fix items 1-6"
You understand 1,2,3,6. Unclear on 4,5.
✅ "Understand 1,2,3,6. Need clarification on 4 and 5 before implementing."
```
## GitHub Thread Replies
When replying to inline review comments on GitHub, reply in the comment thread (`gh api repos/{owner}/{repo}/pulls/{pr}/comments/{id}/replies`), not as a top-level PR comment.
## The Bottom Line
**External feedback = suggestions to evaluate, not orders to follow.**
Verify. Question. Then implement.
No performative agreement. Technical rigor always.

103
.qoder/skills/requesting-code-review/SKILL.md
View File

@@ -1,103 +0,0 @@
---
name: requesting-code-review
description: Use when completing tasks, implementing major features, or before merging to verify work meets requirements
---
# Requesting Code Review
Dispatch a code reviewer subagent to catch issues before they cascade. The reviewer gets precisely crafted context for evaluation — never your session's history. This keeps the reviewer focused on the work product, not your thought process, and preserves your own context for continued work.
**Core principle:** Review early, review often.
## When to Request Review
**Mandatory:**
- After each task in subagent-driven development
- After completing major feature
- Before merge to main
**Optional but valuable:**
- When stuck (fresh perspective)
- Before refactoring (baseline check)
- After fixing complex bug
## How to Request
**1. Get git SHAs:**
```bash
BASE_SHA=$(git rev-parse HEAD~1) # or origin/main
HEAD_SHA=$(git rev-parse HEAD)
```
**2. Dispatch code reviewer subagent:**
Use Task tool with `general-purpose` type, fill template at `code-reviewer.md`
**Placeholders:**
- `{DESCRIPTION}` - Brief summary of what you built
- `{PLAN_OR_REQUIREMENTS}` - What it should do
- `{BASE_SHA}` - Starting commit
- `{HEAD_SHA}` - Ending commit
**3. Act on feedback:**
- Fix Critical issues immediately
- Fix Important issues before proceeding
- Note Minor issues for later
- Push back if reviewer is wrong (with reasoning)
## Example
```
[Just completed Task 2: Add verification function]
You: Let me request code review before proceeding.
BASE_SHA=$(git log --oneline | grep "Task 1" | head -1 | awk '{print $1}')
HEAD_SHA=$(git rev-parse HEAD)
[Dispatch code reviewer subagent]
DESCRIPTION: Added verifyIndex() and repairIndex() with 4 issue types
PLAN_OR_REQUIREMENTS: Task 2 from docs/superpowers/plans/deployment-plan.md
BASE_SHA: a7981ec
HEAD_SHA: 3df7661
[Subagent returns]:
Strengths: Clean architecture, real tests
Issues:
Important: Missing progress indicators
Minor: Magic number (100) for reporting interval
Assessment: Ready to proceed
You: [Fix progress indicators]
[Continue to Task 3]
```
## Integration with Workflows
**Subagent-Driven Development:**
- Review after EACH task
- Catch issues before they compound
- Fix before moving to next task
**Executing Plans:**
- Review after each task or at natural checkpoints
- Get feedback, apply, continue
**Ad-Hoc Development:**
- Review before merge
- Review when stuck
## Red Flags
**Never:**
- Skip review because "it's simple"
- Ignore Critical issues
- Proceed with unfixed Important issues
- Argue with valid technical feedback
**If reviewer wrong:**
- Push back with technical reasoning
- Show code/tests that prove it works
- Request clarification
See template at: requesting-code-review/code-reviewer.md

168
.qoder/skills/requesting-code-review/code-reviewer.md
View File

@@ -1,168 +0,0 @@
# Code Reviewer Prompt Template
Use this template when dispatching a code reviewer subagent.
**Purpose:** Review completed work against requirements and code quality standards before it cascades into more work.
```
Task tool (general-purpose):
description: "Review code changes"
prompt: |
You are a Senior Code Reviewer with expertise in software architecture,
design patterns, and best practices. Your job is to review completed work
against its plan or requirements and identify issues before they cascade.
## What Was Implemented
{DESCRIPTION}
## Requirements / Plan
{PLAN_OR_REQUIREMENTS}
## Git Range to Review
**Base:** {BASE_SHA}
**Head:** {HEAD_SHA}
```bash
git diff --stat {BASE_SHA}..{HEAD_SHA}
git diff {BASE_SHA}..{HEAD_SHA}
```
## What to Check
**Plan alignment:**
- Does the implementation match the plan / requirements?
- Are deviations justified improvements, or problematic departures?
- Is all planned functionality present?
**Code quality:**
- Clean separation of concerns?
- Proper error handling?
- Type safety where applicable?
- DRY without premature abstraction?
- Edge cases handled?
**Architecture:**
- Sound design decisions?
- Reasonable scalability and performance?
- Security concerns?
- Integrates cleanly with surrounding code?
**Testing:**
- Tests verify real behavior, not mocks?
- Edge cases covered?
- Integration tests where they matter?
- All tests passing?
**Production readiness:**
- Migration strategy if schema changed?
- Backward compatibility considered?
- Documentation complete?
- No obvious bugs?
## Calibration
Categorize issues by actual severity. Not everything is Critical.
Acknowledge what was done well before listing issues — accurate praise
helps the implementer trust the rest of the feedback.
If you find significant deviations from the plan, flag them specifically
so the implementer can confirm whether the deviation was intentional.
If you find issues with the plan itself rather than the implementation,
say so.
## Output Format
### Strengths
[What's well done? Be specific.]
### Issues
#### Critical (Must Fix)
[Bugs, security issues, data loss risks, broken functionality]
#### Important (Should Fix)
[Architecture problems, missing features, poor error handling, test gaps]
#### Minor (Nice to Have)
[Code style, optimization opportunities, documentation polish]
For each issue:
- File:line reference
- What's wrong
- Why it matters
- How to fix (if not obvious)
### Recommendations
[Improvements for code quality, architecture, or process]
### Assessment
**Ready to merge?** [Yes | No | With fixes]
**Reasoning:** [1-2 sentence technical assessment]
## Critical Rules
**DO:**
- Categorize by actual severity
- Be specific (file:line, not vague)
- Explain WHY each issue matters
- Acknowledge strengths
- Give a clear verdict
**DON'T:**
- Say "looks good" without checking
- Mark nitpicks as Critical
- Give feedback on code you didn't actually read
- Be vague ("improve error handling")
- Avoid giving a clear verdict
```
**Placeholders:**
- `{DESCRIPTION}` — brief summary of what was built
- `{PLAN_OR_REQUIREMENTS}` — what it should do (plan file path, task text, or requirements)
- `{BASE_SHA}` — starting commit
- `{HEAD_SHA}` — ending commit
**Reviewer returns:** Strengths, Issues (Critical / Important / Minor), Recommendations, Assessment
## Example Output
```
### Strengths
- Clean database schema with proper migrations (db.ts:15-42)
- Comprehensive test coverage (18 tests, all edge cases)
- Good error handling with fallbacks (summarizer.ts:85-92)
### Issues
#### Important
1. **Missing help text in CLI wrapper**
- File: index-conversations:1-31
- Issue: No --help flag, users won't discover --concurrency
- Fix: Add --help case with usage examples
2. **Date validation missing**
- File: search.ts:25-27
- Issue: Invalid dates silently return no results
- Fix: Validate ISO format, throw error with example
#### Minor
1. **Progress indicators**
- File: indexer.ts:130
- Issue: No "X of Y" counter for long operations
- Impact: Users don't know how long to wait
### Recommendations
- Add progress reporting for user experience
- Consider config file for excluded projects (portability)
### Assessment
**Ready to merge: With fixes**
**Reasoning:** Core implementation is solid with good architecture and tests. Important issues (help text, date validation) are easily fixed and don't affect core functionality.
```

109
.qoder/skills/review-audit/SKILL.md
View File

@@ -1,109 +0,0 @@
---
name: review-audit
description: Review workflows, audit trails, and compliance checks for AI-generated code. Use when conducting code review, setting up approval workflows, maintaining audit logs, or ensuring compliance. Covers human-in-loop review, trust-scaled approval, compliance checks, and escalation paths.
---
# 审查与审计 — 人类在环的质量守门人
> AI 生成代码的速度再快,也需要人类在关键节点把关。
## 👁️ 三层审查体系
### L1自审Agent 自查)
提交前 Agent 对照约束逐条检查:
```yaml
self_review_checklist:
- "所有修改是否能通过编译?"
- "是否遵守了命名规范?"
- "是否添加了类型提示?"
- "测试覆盖是否达标?"
- "有没有遗漏的 TODO / DEBUG"
- "变更范围是否超出任务边界?"
```
### L2配对审查Agent + 人类)
Agent 生成变更摘要,人类做终审:
```yaml
review_summary:
files_changed: 3
lines_added: 45
lines_removed: 12
coverage_delta: "+5%"
risk_level: "low"
key_decisions:
- "选择了方案 B性能优先于可读性"
```
### L3合规审查审计追踪
记录所有 AI 操作,满足合规要求:
```yaml
audit_record:
agent_id: "codex-v4"
task_id: "bug-597"
timestamp: "2026-05-28T14:30:00Z"
actions:
- type: "file_modify"
path: "AdviceManageAppMapper.xml"
diff: "+7 lines, -2 lines"
approvals:
- reviewer: "human"
decision: "approved"
timestamp: "2026-05-28T14:35:00Z"
```
## 🔐 信任度比例审查
| 信任等级 | 自审 | 配对审查 | 合规审查 | 说明 |
|---|---|---|---|---|
| L1 怀疑 | 强制 | 逐行 | 强制 | 新 Agent / 新项目 |
| L2 试探 | 强制 | 抽样 30% | 强制 | 当前项目状态 |
| L3 信任 | 强制 | 抽样 10% | 按需 | Agent 可靠性已验证 |
| L4 委托 | 自动 | 仅异常 | 按需 | 高度信任环境 |
## 📋 审查工作流
```
Agent 完成工作
→ 执行自审(对照约束清单)
→ 生成变更摘要files_changed / coverage / risk
→ 提交 PR / 变更请求
├→ L1 通过 → 自动合并(低风险 + 高信任)
├→ L1 失败 → Agent 修复
├→ L3 需要 → 生成审计记录
└→ 人类审查
├→ 批准 → 合并 / 部署
├→ 驳回 → 反馈具体问题 → Agent 修复 → 重审
└→ 指导 → 提供修改方向 → Agent 调整
```
## 🚨 升级路径
```
问题类型 首次 第2次 第3次
─────────────────────────────────────────────────────────────────
编译失败 Agent 修复 Agent 修复 上报人类
测试失败 Agent 修复 上报人类 等待指导
逻辑错误 上报人类 等待指导 暂停任务
安全违规 立即暂停 安全团队介入 永久标记
```
## 📊 审查效率指标
| 指标 | 目标 | 说明 |
|---|---|---|
| 审查通过率 | > 80% | 一次提交即通过 |
| 审查时间 | < 30 分钟 | 人类每次审查耗时 |
| 缺陷逃逸率 | < 5% | 生产环境发现的问题 |
| 审计覆盖率 | 100% | 所有 AI 操作均记录 |
## ⚠️ 常见陷阱
| 陷阱 | 表现 | 解决 |
|---|---|---|
| 审查疲劳 | 人类草率批准 | 限制每日审查量轮换审查人 |
| 过度信任 | 跳过审查直接合并 | 设置强制门禁 |
| 审计缺失 | 无法追溯问题来源 | 每次操作都记录审计事件 |
| 反馈模糊 | "这里不对" 缺少具体位置 | 文件:行号:错误描述 |

3
.qoder/skills/review-audit/agents/openai.yaml
View File

@@ -1,3 +0,0 @@
interface:
display_name: "Review Audit"
short_description: "Part of Harness Engineering plugin — review-audit"

279
.qoder/skills/subagent-driven-development/SKILL.md
View File

@@ -1,279 +0,0 @@
---
name: subagent-driven-development
description: Use when executing implementation plans with independent tasks in the current session
---
# Subagent-Driven Development
Execute plan by dispatching fresh subagent per task, with two-stage review after each: spec compliance review first, then code quality review.
**Why subagents:** You delegate tasks to specialized agents with isolated context. By precisely crafting their instructions and context, you ensure they stay focused and succeed at their task. They should never inherit your session's context or history — you construct exactly what they need. This also preserves your own context for coordination work.
**Core principle:** Fresh subagent per task + two-stage review (spec then quality) = high quality, fast iteration
**Continuous execution:** Do not pause to check in with your human partner between tasks. Execute all tasks from the plan without stopping. The only reasons to stop are: BLOCKED status you cannot resolve, ambiguity that genuinely prevents progress, or all tasks complete. "Should I continue?" prompts and progress summaries waste their time — they asked you to execute the plan, so execute it.
## When to Use
```dot
digraph when_to_use {
"Have implementation plan?" [shape=diamond];
"Tasks mostly independent?" [shape=diamond];
"Stay in this session?" [shape=diamond];
"subagent-driven-development" [shape=box];
"executing-plans" [shape=box];
"Manual execution or brainstorm first" [shape=box];
"Have implementation plan?" -> "Tasks mostly independent?" [label="yes"];
"Have implementation plan?" -> "Manual execution or brainstorm first" [label="no"];
"Tasks mostly independent?" -> "Stay in this session?" [label="yes"];
"Tasks mostly independent?" -> "Manual execution or brainstorm first" [label="no - tightly coupled"];
"Stay in this session?" -> "subagent-driven-development" [label="yes"];
"Stay in this session?" -> "executing-plans" [label="no - parallel session"];
}
```
**vs. Executing Plans (parallel session):**
- Same session (no context switch)
- Fresh subagent per task (no context pollution)
- Two-stage review after each task: spec compliance first, then code quality
- Faster iteration (no human-in-loop between tasks)
## The Process
```dot
digraph process {
rankdir=TB;
subgraph cluster_per_task {
label="Per Task";
"Dispatch implementer subagent (./implementer-prompt.md)" [shape=box];
"Implementer subagent asks questions?" [shape=diamond];
"Answer questions, provide context" [shape=box];
"Implementer subagent implements, tests, commits, self-reviews" [shape=box];
"Dispatch spec reviewer subagent (./spec-reviewer-prompt.md)" [shape=box];
"Spec reviewer subagent confirms code matches spec?" [shape=diamond];
"Implementer subagent fixes spec gaps" [shape=box];
"Dispatch code quality reviewer subagent (./code-quality-reviewer-prompt.md)" [shape=box];
"Code quality reviewer subagent approves?" [shape=diamond];
"Implementer subagent fixes quality issues" [shape=box];
"Mark task complete in TodoWrite" [shape=box];
}
"Read plan, extract all tasks with full text, note context, create TodoWrite" [shape=box];
"More tasks remain?" [shape=diamond];
"Dispatch final code reviewer subagent for entire implementation" [shape=box];
"Use superpowers:finishing-a-development-branch" [shape=box style=filled fillcolor=lightgreen];
"Read plan, extract all tasks with full text, note context, create TodoWrite" -> "Dispatch implementer subagent (./implementer-prompt.md)";
"Dispatch implementer subagent (./implementer-prompt.md)" -> "Implementer subagent asks questions?";
"Implementer subagent asks questions?" -> "Answer questions, provide context" [label="yes"];
"Answer questions, provide context" -> "Dispatch implementer subagent (./implementer-prompt.md)";
"Implementer subagent asks questions?" -> "Implementer subagent implements, tests, commits, self-reviews" [label="no"];
"Implementer subagent implements, tests, commits, self-reviews" -> "Dispatch spec reviewer subagent (./spec-reviewer-prompt.md)";
"Dispatch spec reviewer subagent (./spec-reviewer-prompt.md)" -> "Spec reviewer subagent confirms code matches spec?";
"Spec reviewer subagent confirms code matches spec?" -> "Implementer subagent fixes spec gaps" [label="no"];
"Implementer subagent fixes spec gaps" -> "Dispatch spec reviewer subagent (./spec-reviewer-prompt.md)" [label="re-review"];
"Spec reviewer subagent confirms code matches spec?" -> "Dispatch code quality reviewer subagent (./code-quality-reviewer-prompt.md)" [label="yes"];
"Dispatch code quality reviewer subagent (./code-quality-reviewer-prompt.md)" -> "Code quality reviewer subagent approves?";
"Code quality reviewer subagent approves?" -> "Implementer subagent fixes quality issues" [label="no"];
"Implementer subagent fixes quality issues" -> "Dispatch code quality reviewer subagent (./code-quality-reviewer-prompt.md)" [label="re-review"];
"Code quality reviewer subagent approves?" -> "Mark task complete in TodoWrite" [label="yes"];
"Mark task complete in TodoWrite" -> "More tasks remain?";
"More tasks remain?" -> "Dispatch implementer subagent (./implementer-prompt.md)" [label="yes"];
"More tasks remain?" -> "Dispatch final code reviewer subagent for entire implementation" [label="no"];
"Dispatch final code reviewer subagent for entire implementation" -> "Use superpowers:finishing-a-development-branch";
}
```
## Model Selection
Use the least powerful model that can handle each role to conserve cost and increase speed.
**Mechanical implementation tasks** (isolated functions, clear specs, 1-2 files): use a fast, cheap model. Most implementation tasks are mechanical when the plan is well-specified.
**Integration and judgment tasks** (multi-file coordination, pattern matching, debugging): use a standard model.
**Architecture, design, and review tasks**: use the most capable available model.
**Task complexity signals:**
- Touches 1-2 files with a complete spec → cheap model
- Touches multiple files with integration concerns → standard model
- Requires design judgment or broad codebase understanding → most capable model
## Handling Implementer Status
Implementer subagents report one of four statuses. Handle each appropriately:
**DONE:** Proceed to spec compliance review.
**DONE_WITH_CONCERNS:** The implementer completed the work but flagged doubts. Read the concerns before proceeding. If the concerns are about correctness or scope, address them before review. If they're observations (e.g., "this file is getting large"), note them and proceed to review.
**NEEDS_CONTEXT:** The implementer needs information that wasn't provided. Provide the missing context and re-dispatch.
**BLOCKED:** The implementer cannot complete the task. Assess the blocker:
1. If it's a context problem, provide more context and re-dispatch with the same model
2. If the task requires more reasoning, re-dispatch with a more capable model
3. If the task is too large, break it into smaller pieces
4. If the plan itself is wrong, escalate to the human
**Never** ignore an escalation or force the same model to retry without changes. If the implementer said it's stuck, something needs to change.
## Prompt Templates
- `./implementer-prompt.md` - Dispatch implementer subagent
- `./spec-reviewer-prompt.md` - Dispatch spec compliance reviewer subagent
- `./code-quality-reviewer-prompt.md` - Dispatch code quality reviewer subagent
## Example Workflow
```
You: I'm using Subagent-Driven Development to execute this plan.
[Read plan file once: docs/superpowers/plans/feature-plan.md]
[Extract all 5 tasks with full text and context]
[Create TodoWrite with all tasks]
Task 1: Hook installation script
[Get Task 1 text and context (already extracted)]
[Dispatch implementation subagent with full task text + context]
Implementer: "Before I begin - should the hook be installed at user or system level?"
You: "User level (~/.config/superpowers/hooks/)"
Implementer: "Got it. Implementing now..."
[Later] Implementer:
- Implemented install-hook command
- Added tests, 5/5 passing
- Self-review: Found I missed --force flag, added it
- Committed
[Dispatch spec compliance reviewer]
Spec reviewer: ✅ Spec compliant - all requirements met, nothing extra
[Get git SHAs, dispatch code quality reviewer]
Code reviewer: Strengths: Good test coverage, clean. Issues: None. Approved.
[Mark Task 1 complete]
Task 2: Recovery modes
[Get Task 2 text and context (already extracted)]
[Dispatch implementation subagent with full task text + context]
Implementer: [No questions, proceeds]
Implementer:
- Added verify/repair modes
- 8/8 tests passing
- Self-review: All good
- Committed
[Dispatch spec compliance reviewer]
Spec reviewer: ❌ Issues:
- Missing: Progress reporting (spec says "report every 100 items")
- Extra: Added --json flag (not requested)
[Implementer fixes issues]
Implementer: Removed --json flag, added progress reporting
[Spec reviewer reviews again]
Spec reviewer: ✅ Spec compliant now
[Dispatch code quality reviewer]
Code reviewer: Strengths: Solid. Issues (Important): Magic number (100)
[Implementer fixes]
Implementer: Extracted PROGRESS_INTERVAL constant
[Code reviewer reviews again]
Code reviewer: ✅ Approved
[Mark Task 2 complete]
...
[After all tasks]
[Dispatch final code-reviewer]
Final reviewer: All requirements met, ready to merge
Done!
```
## Advantages
**vs. Manual execution:**
- Subagents follow TDD naturally
- Fresh context per task (no confusion)
- Parallel-safe (subagents don't interfere)
- Subagent can ask questions (before AND during work)
**vs. Executing Plans:**
- Same session (no handoff)
- Continuous progress (no waiting)
- Review checkpoints automatic
**Efficiency gains:**
- No file reading overhead (controller provides full text)
- Controller curates exactly what context is needed
- Subagent gets complete information upfront
- Questions surfaced before work begins (not after)
**Quality gates:**
- Self-review catches issues before handoff
- Two-stage review: spec compliance, then code quality
- Review loops ensure fixes actually work
- Spec compliance prevents over/under-building
- Code quality ensures implementation is well-built
**Cost:**
- More subagent invocations (implementer + 2 reviewers per task)
- Controller does more prep work (extracting all tasks upfront)
- Review loops add iterations
- But catches issues early (cheaper than debugging later)
## Red Flags
**Never:**
- Start implementation on main/master branch without explicit user consent
- Skip reviews (spec compliance OR code quality)
- Proceed with unfixed issues
- Dispatch multiple implementation subagents in parallel (conflicts)
- Make subagent read plan file (provide full text instead)
- Skip scene-setting context (subagent needs to understand where task fits)
- Ignore subagent questions (answer before letting them proceed)
- Accept "close enough" on spec compliance (spec reviewer found issues = not done)
- Skip review loops (reviewer found issues = implementer fixes = review again)
- Let implementer self-review replace actual review (both are needed)
- **Start code quality review before spec compliance is ✅** (wrong order)
- Move to next task while either review has open issues
**If subagent asks questions:**
- Answer clearly and completely
- Provide additional context if needed
- Don't rush them into implementation
**If reviewer finds issues:**
- Implementer (same subagent) fixes them
- Reviewer reviews again
- Repeat until approved
- Don't skip the re-review
**If subagent fails task:**
- Dispatch fix subagent with specific instructions
- Don't try to fix manually (context pollution)
## Integration
**Required workflow skills:**
- **superpowers:using-git-worktrees** - Ensures isolated workspace (creates one or verifies existing)
- **superpowers:writing-plans** - Creates the plan this skill executes
- **superpowers:requesting-code-review** - Code review template for reviewer subagents
- **superpowers:finishing-a-development-branch** - Complete development after all tasks
**Subagents should use:**
- **superpowers:test-driven-development** - Subagents follow TDD for each task
**Alternative workflow:**
- **superpowers:executing-plans** - Use for parallel session instead of same-session execution

25
.qoder/skills/subagent-driven-development/code-quality-reviewer-prompt.md
View File

@@ -1,25 +0,0 @@
# Code Quality Reviewer Prompt Template
Use this template when dispatching a code quality reviewer subagent.
**Purpose:** Verify implementation is well-built (clean, tested, maintainable)
**Only dispatch after spec compliance review passes.**
```
Task tool (general-purpose):
Use template at requesting-code-review/code-reviewer.md
DESCRIPTION: [task summary, from implementer's report]
PLAN_OR_REQUIREMENTS: Task N from [plan-file]
BASE_SHA: [commit before task]
HEAD_SHA: [current commit]
```
**In addition to standard code quality concerns, the reviewer should check:**
- Does each file have one clear responsibility with a well-defined interface?
- Are units decomposed so they can be understood and tested independently?
- Is the implementation following the file structure from the plan?
- Did this implementation create new files that are already large, or significantly grow existing files? (Don't flag pre-existing file sizes — focus on what this change contributed.)
**Code reviewer returns:** Strengths, Issues (Critical/Important/Minor), Assessment

113
.qoder/skills/subagent-driven-development/implementer-prompt.md
View File

@@ -1,113 +0,0 @@
# Implementer Subagent Prompt Template
Use this template when dispatching an implementer subagent.
```
Task tool (general-purpose):
description: "Implement Task N: [task name]"
prompt: |
You are implementing Task N: [task name]
## Task Description
[FULL TEXT of task from plan - paste it here, don't make subagent read file]
## Context
[Scene-setting: where this fits, dependencies, architectural context]
## Before You Begin
If you have questions about:
- The requirements or acceptance criteria
- The approach or implementation strategy
- Dependencies or assumptions
- Anything unclear in the task description
**Ask them now.** Raise any concerns before starting work.
## Your Job
Once you're clear on requirements:
1. Implement exactly what the task specifies
2. Write tests (following TDD if task says to)
3. Verify implementation works
4. Commit your work
5. Self-review (see below)
6. Report back
Work from: [directory]
**While you work:** If you encounter something unexpected or unclear, **ask questions**.
It's always OK to pause and clarify. Don't guess or make assumptions.
## Code Organization
You reason best about code you can hold in context at once, and your edits are more
reliable when files are focused. Keep this in mind:
- Follow the file structure defined in the plan
- Each file should have one clear responsibility with a well-defined interface
- If a file you're creating is growing beyond the plan's intent, stop and report
it as DONE_WITH_CONCERNS — don't split files on your own without plan guidance
- If an existing file you're modifying is already large or tangled, work carefully
and note it as a concern in your report
- In existing codebases, follow established patterns. Improve code you're touching
the way a good developer would, but don't restructure things outside your task.
## When You're in Over Your Head
It is always OK to stop and say "this is too hard for me." Bad work is worse than
no work. You will not be penalized for escalating.
**STOP and escalate when:**
- The task requires architectural decisions with multiple valid approaches
- You need to understand code beyond what was provided and can't find clarity
- You feel uncertain about whether your approach is correct
- The task involves restructuring existing code in ways the plan didn't anticipate
- You've been reading file after file trying to understand the system without progress
**How to escalate:** Report back with status BLOCKED or NEEDS_CONTEXT. Describe
specifically what you're stuck on, what you've tried, and what kind of help you need.
The controller can provide more context, re-dispatch with a more capable model,
or break the task into smaller pieces.
## Before Reporting Back: Self-Review
Review your work with fresh eyes. Ask yourself:
**Completeness:**
- Did I fully implement everything in the spec?
- Did I miss any requirements?
- Are there edge cases I didn't handle?
**Quality:**
- Is this my best work?
- Are names clear and accurate (match what things do, not how they work)?
- Is the code clean and maintainable?
**Discipline:**
- Did I avoid overbuilding (YAGNI)?
- Did I only build what was requested?
- Did I follow existing patterns in the codebase?
**Testing:**
- Do tests actually verify behavior (not just mock behavior)?
- Did I follow TDD if required?
- Are tests comprehensive?
If you find issues during self-review, fix them now before reporting.
## Report Format
When done, report:
- **Status:** DONE | DONE_WITH_CONCERNS | BLOCKED | NEEDS_CONTEXT
- What you implemented (or what you attempted, if blocked)
- What you tested and test results
- Files changed
- Self-review findings (if any)
- Any issues or concerns
Use DONE_WITH_CONCERNS if you completed the work but have doubts about correctness.
Use BLOCKED if you cannot complete the task. Use NEEDS_CONTEXT if you need
information that wasn't provided. Never silently produce work you're unsure about.
```

61
.qoder/skills/subagent-driven-development/spec-reviewer-prompt.md
View File

@@ -1,61 +0,0 @@
# Spec Compliance Reviewer Prompt Template
Use this template when dispatching a spec compliance reviewer subagent.
**Purpose:** Verify implementer built what was requested (nothing more, nothing less)
```
Task tool (general-purpose):
description: "Review spec compliance for Task N"
prompt: |
You are reviewing whether an implementation matches its specification.
## What Was Requested
[FULL TEXT of task requirements]
## What Implementer Claims They Built
[From implementer's report]
## CRITICAL: Do Not Trust the Report
The implementer finished suspiciously quickly. Their report may be incomplete,
inaccurate, or optimistic. You MUST verify everything independently.
**DO NOT:**
- Take their word for what they implemented
- Trust their claims about completeness
- Accept their interpretation of requirements
**DO:**
- Read the actual code they wrote
- Compare actual implementation to requirements line by line
- Check for missing pieces they claimed to implement
- Look for extra features they didn't mention
## Your Job
Read the implementation code and verify:
**Missing requirements:**
- Did they implement everything that was requested?
- Are there requirements they skipped or missed?
- Did they claim something works but didn't actually implement it?
**Extra/unneeded work:**
- Did they build things that weren't requested?
- Did they over-engineer or add unnecessary features?
- Did they add "nice to haves" that weren't in spec?
**Misunderstandings:**
- Did they interpret requirements differently than intended?
- Did they solve the wrong problem?
- Did they implement the right feature but wrong way?
**Verify by reading code, not by trusting report.**
Report:
- ✅ Spec compliant (if everything matches after code inspection)
- ❌ Issues found: [list specifically what's missing or extra, with file:line references]
```

119
.qoder/skills/systematic-debugging/CREATION-LOG.md
View File

@@ -1,119 +0,0 @@
# Creation Log: Systematic Debugging Skill
Reference example of extracting, structuring, and bulletproofing a critical skill.
## Source Material
Extracted debugging framework from `~/.claude/CLAUDE.md`:
- 4-phase systematic process (Investigation → Pattern Analysis → Hypothesis → Implementation)
- Core mandate: ALWAYS find root cause, NEVER fix symptoms
- Rules designed to resist time pressure and rationalization
## Extraction Decisions
**What to include:**
- Complete 4-phase framework with all rules
- Anti-shortcuts ("NEVER fix symptom", "STOP and re-analyze")
- Pressure-resistant language ("even if faster", "even if I seem in a hurry")
- Concrete steps for each phase
**What to leave out:**
- Project-specific context
- Repetitive variations of same rule
- Narrative explanations (condensed to principles)
## Structure Following skill-creation/SKILL.md
1. **Rich when_to_use** - Included symptoms and anti-patterns
2. **Type: technique** - Concrete process with steps
3. **Keywords** - "root cause", "symptom", "workaround", "debugging", "investigation"
4. **Flowchart** - Decision point for "fix failed" → re-analyze vs add more fixes
5. **Phase-by-phase breakdown** - Scannable checklist format
6. **Anti-patterns section** - What NOT to do (critical for this skill)
## Bulletproofing Elements
Framework designed to resist rationalization under pressure:
### Language Choices
- "ALWAYS" / "NEVER" (not "should" / "try to")
- "even if faster" / "even if I seem in a hurry"
- "STOP and re-analyze" (explicit pause)
- "Don't skip past" (catches the actual behavior)
### Structural Defenses
- **Phase 1 required** - Can't skip to implementation
- **Single hypothesis rule** - Forces thinking, prevents shotgun fixes
- **Explicit failure mode** - "IF your first fix doesn't work" with mandatory action
- **Anti-patterns section** - Shows exactly what shortcuts look like
### Redundancy
- Root cause mandate in overview + when_to_use + Phase 1 + implementation rules
- "NEVER fix symptom" appears 4 times in different contexts
- Each phase has explicit "don't skip" guidance
## Testing Approach
Created 4 validation tests following skills/meta/testing-skills-with-subagents:
### Test 1: Academic Context (No Pressure)
- Simple bug, no time pressure
- **Result:** Perfect compliance, complete investigation
### Test 2: Time Pressure + Obvious Quick Fix
- User "in a hurry", symptom fix looks easy
- **Result:** Resisted shortcut, followed full process, found real root cause
### Test 3: Complex System + Uncertainty
- Multi-layer failure, unclear if can find root cause
- **Result:** Systematic investigation, traced through all layers, found source
### Test 4: Failed First Fix
- Hypothesis doesn't work, temptation to add more fixes
- **Result:** Stopped, re-analyzed, formed new hypothesis (no shotgun)
**All tests passed.** No rationalizations found.
## Iterations
### Initial Version
- Complete 4-phase framework
- Anti-patterns section
- Flowchart for "fix failed" decision
### Enhancement 1: TDD Reference
- Added link to skills/testing/test-driven-development
- Note explaining TDD's "simplest code" ≠ debugging's "root cause"
- Prevents confusion between methodologies
## Final Outcome
Bulletproof skill that:
- ✅ Clearly mandates root cause investigation
- ✅ Resists time pressure rationalization
- ✅ Provides concrete steps for each phase
- ✅ Shows anti-patterns explicitly
- ✅ Tested under multiple pressure scenarios
- ✅ Clarifies relationship to TDD
- ✅ Ready for use
## Key Insight
**Most important bulletproofing:** Anti-patterns section showing exact shortcuts that feel justified in the moment. When Claude thinks "I'll just add this one quick fix", seeing that exact pattern listed as wrong creates cognitive friction.
## Usage Example
When encountering a bug:
1. Load skill: skills/debugging/systematic-debugging
2. Read overview (10 sec) - reminded of mandate
3. Follow Phase 1 checklist - forced investigation
4. If tempted to skip - see anti-pattern, stop
5. Complete all phases - root cause found
**Time investment:** 5-10 minutes
**Time saved:** Hours of symptom-whack-a-mole
---
*Created: 2025-10-03*
*Purpose: Reference example for skill extraction and bulletproofing*

296
.qoder/skills/systematic-debugging/SKILL.md
View File

@@ -1,296 +0,0 @@
---
name: systematic-debugging
description: Use when encountering any bug, test failure, or unexpected behavior, before proposing fixes
---
# Systematic Debugging
## Overview
Random fixes waste time and create new bugs. Quick patches mask underlying issues.
**Core principle:** ALWAYS find root cause before attempting fixes. Symptom fixes are failure.
**Violating the letter of this process is violating the spirit of debugging.**
## The Iron Law
```
NO FIXES WITHOUT ROOT CAUSE INVESTIGATION FIRST
```
If you haven't completed Phase 1, you cannot propose fixes.
## When to Use
Use for ANY technical issue:
- Test failures
- Bugs in production
- Unexpected behavior
- Performance problems
- Build failures
- Integration issues
**Use this ESPECIALLY when:**
- Under time pressure (emergencies make guessing tempting)
- "Just one quick fix" seems obvious
- You've already tried multiple fixes
- Previous fix didn't work
- You don't fully understand the issue
**Don't skip when:**
- Issue seems simple (simple bugs have root causes too)
- You're in a hurry (rushing guarantees rework)
- Manager wants it fixed NOW (systematic is faster than thrashing)
## The Four Phases
You MUST complete each phase before proceeding to the next.
### Phase 1: Root Cause Investigation
**BEFORE attempting ANY fix:**
1. **Read Error Messages Carefully**
- Don't skip past errors or warnings
- They often contain the exact solution
- Read stack traces completely
- Note line numbers, file paths, error codes
2. **Reproduce Consistently**
- Can you trigger it reliably?
- What are the exact steps?
- Does it happen every time?
- If not reproducible → gather more data, don't guess
3. **Check Recent Changes**
- What changed that could cause this?
- Git diff, recent commits
- New dependencies, config changes
- Environmental differences
4. **Gather Evidence in Multi-Component Systems**
**WHEN system has multiple components (CI → build → signing, API → service → database):**
**BEFORE proposing fixes, add diagnostic instrumentation:**
```
For EACH component boundary:
- Log what data enters component
- Log what data exits component
- Verify environment/config propagation
- Check state at each layer
Run once to gather evidence showing WHERE it breaks
THEN analyze evidence to identify failing component
THEN investigate that specific component
```
**Example (multi-layer system):**
```bash
# Layer 1: Workflow
echo "=== Secrets available in workflow: ==="
echo "IDENTITY: ${IDENTITY:+SET}${IDENTITY:-UNSET}"
# Layer 2: Build script
echo "=== Env vars in build script: ==="
env | grep IDENTITY || echo "IDENTITY not in environment"
# Layer 3: Signing script
echo "=== Keychain state: ==="
security list-keychains
security find-identity -v
# Layer 4: Actual signing
codesign --sign "$IDENTITY" --verbose=4 "$APP"
```
**This reveals:** Which layer fails (secrets → workflow ✓, workflow → build ✗)
5. **Trace Data Flow**
**WHEN error is deep in call stack:**
See `root-cause-tracing.md` in this directory for the complete backward tracing technique.
**Quick version:**
- Where does bad value originate?
- What called this with bad value?
- Keep tracing up until you find the source
- Fix at source, not at symptom
### Phase 2: Pattern Analysis
**Find the pattern before fixing:**
1. **Find Working Examples**
- Locate similar working code in same codebase
- What works that's similar to what's broken?
2. **Compare Against References**
- If implementing pattern, read reference implementation COMPLETELY
- Don't skim - read every line
- Understand the pattern fully before applying
3. **Identify Differences**
- What's different between working and broken?
- List every difference, however small
- Don't assume "that can't matter"
4. **Understand Dependencies**
- What other components does this need?
- What settings, config, environment?
- What assumptions does it make?
### Phase 3: Hypothesis and Testing
**Scientific method:**
1. **Form Single Hypothesis**
- State clearly: "I think X is the root cause because Y"
- Write it down
- Be specific, not vague
2. **Test Minimally**
- Make the SMALLEST possible change to test hypothesis
- One variable at a time
- Don't fix multiple things at once
3. **Verify Before Continuing**
- Did it work? Yes → Phase 4
- Didn't work? Form NEW hypothesis
- DON'T add more fixes on top
4. **When You Don't Know**
- Say "I don't understand X"
- Don't pretend to know
- Ask for help
- Research more
### Phase 4: Implementation
**Fix the root cause, not the symptom:**
1. **Create Failing Test Case**
- Simplest possible reproduction
- Automated test if possible
- One-off test script if no framework
- MUST have before fixing
- Use the `superpowers:test-driven-development` skill for writing proper failing tests
2. **Implement Single Fix**
- Address the root cause identified
- ONE change at a time
- No "while I'm here" improvements
- No bundled refactoring
3. **Verify Fix**
- Test passes now?
- No other tests broken?
- Issue actually resolved?
4. **If Fix Doesn't Work**
- STOP
- Count: How many fixes have you tried?
- If < 3: Return to Phase 1, re-analyze with new information
- **If ≥ 3: STOP and question the architecture (step 5 below)**
- DON'T attempt Fix #4 without architectural discussion
5. **If 3+ Fixes Failed: Question Architecture**
**Pattern indicating architectural problem:**
- Each fix reveals new shared state/coupling/problem in different place
- Fixes require "massive refactoring" to implement
- Each fix creates new symptoms elsewhere
**STOP and question fundamentals:**
- Is this pattern fundamentally sound?
- Are we "sticking with it through sheer inertia"?
- Should we refactor architecture vs. continue fixing symptoms?
**Discuss with your human partner before attempting more fixes**
This is NOT a failed hypothesis - this is a wrong architecture.
## Red Flags - STOP and Follow Process
If you catch yourself thinking:
- "Quick fix for now, investigate later"
- "Just try changing X and see if it works"
- "Add multiple changes, run tests"
- "Skip the test, I'll manually verify"
- "It's probably X, let me fix that"
- "I don't fully understand but this might work"
- "Pattern says X but I'll adapt it differently"
- "Here are the main problems: [lists fixes without investigation]"
- Proposing solutions before tracing data flow
- **"One more fix attempt" (when already tried 2+)**
- **Each fix reveals new problem in different place**
**ALL of these mean: STOP. Return to Phase 1.**
**If 3+ fixes failed:** Question the architecture (see Phase 4.5)
## your human partner's Signals You're Doing It Wrong
**Watch for these redirections:**
- "Is that not happening?" - You assumed without verifying
- "Will it show us...?" - You should have added evidence gathering
- "Stop guessing" - You're proposing fixes without understanding
- "Ultrathink this" - Question fundamentals, not just symptoms
- "We're stuck?" (frustrated) - Your approach isn't working
**When you see these:** STOP. Return to Phase 1.
## Common Rationalizations
| Excuse | Reality |
|--------|---------|
| "Issue is simple, don't need process" | Simple issues have root causes too. Process is fast for simple bugs. |
| "Emergency, no time for process" | Systematic debugging is FASTER than guess-and-check thrashing. |
| "Just try this first, then investigate" | First fix sets the pattern. Do it right from the start. |
| "I'll write test after confirming fix works" | Untested fixes don't stick. Test first proves it. |
| "Multiple fixes at once saves time" | Can't isolate what worked. Causes new bugs. |
| "Reference too long, I'll adapt the pattern" | Partial understanding guarantees bugs. Read it completely. |
| "I see the problem, let me fix it" | Seeing symptoms ≠ understanding root cause. |
| "One more fix attempt" (after 2+ failures) | 3+ failures = architectural problem. Question pattern, don't fix again. |
## Quick Reference
| Phase | Key Activities | Success Criteria |
|-------|---------------|------------------|
| **1. Root Cause** | Read errors, reproduce, check changes, gather evidence | Understand WHAT and WHY |
| **2. Pattern** | Find working examples, compare | Identify differences |
| **3. Hypothesis** | Form theory, test minimally | Confirmed or new hypothesis |
| **4. Implementation** | Create test, fix, verify | Bug resolved, tests pass |
## When Process Reveals "No Root Cause"
If systematic investigation reveals issue is truly environmental, timing-dependent, or external:
1. You've completed the process
2. Document what you investigated
3. Implement appropriate handling (retry, timeout, error message)
4. Add monitoring/logging for future investigation
**But:** 95% of "no root cause" cases are incomplete investigation.
## Supporting Techniques
These techniques are part of systematic debugging and available in this directory:
- **`root-cause-tracing.md`** - Trace bugs backward through call stack to find original trigger
- **`defense-in-depth.md`** - Add validation at multiple layers after finding root cause
- **`condition-based-waiting.md`** - Replace arbitrary timeouts with condition polling
**Related skills:**
- **superpowers:test-driven-development** - For creating failing test case (Phase 4, Step 1)
- **superpowers:verification-before-completion** - Verify fix worked before claiming success
## Real-World Impact
From debugging sessions:
- Systematic approach: 15-30 minutes to fix
- Random fixes approach: 2-3 hours of thrashing
- First-time fix rate: 95% vs 40%
- New bugs introduced: Near zero vs common

158
.qoder/skills/systematic-debugging/condition-based-waiting-example.ts
View File

@@ -1,158 +0,0 @@
// Complete implementation of condition-based waiting utilities
// From: Lace test infrastructure improvements (2025-10-03)
// Context: Fixed 15 flaky tests by replacing arbitrary timeouts
import type { ThreadManager } from '~/threads/thread-manager';
import type { LaceEvent, LaceEventType } from '~/threads/types';
/**
* Wait for a specific event type to appear in thread
*
* @param threadManager - The thread manager to query
* @param threadId - Thread to check for events
* @param eventType - Type of event to wait for
* @param timeoutMs - Maximum time to wait (default 5000ms)
* @returns Promise resolving to the first matching event
*
* Example:
* await waitForEvent(threadManager, agentThreadId, 'TOOL_RESULT');
*/
export function waitForEvent(
threadManager: ThreadManager,
threadId: string,
eventType: LaceEventType,
timeoutMs = 5000
): Promise<LaceEvent> {
return new Promise((resolve, reject) => {
const startTime = Date.now();
const check = () => {
const events = threadManager.getEvents(threadId);
const event = events.find((e) => e.type === eventType);
if (event) {
resolve(event);
} else if (Date.now() - startTime > timeoutMs) {
reject(new Error(`Timeout waiting for ${eventType} event after ${timeoutMs}ms`));
} else {
setTimeout(check, 10); // Poll every 10ms for efficiency
}
};
check();
});
}
/**
* Wait for a specific number of events of a given type
*
* @param threadManager - The thread manager to query
* @param threadId - Thread to check for events
* @param eventType - Type of event to wait for
* @param count - Number of events to wait for
* @param timeoutMs - Maximum time to wait (default 5000ms)
* @returns Promise resolving to all matching events once count is reached
*
* Example:
* // Wait for 2 AGENT_MESSAGE events (initial response + continuation)
* await waitForEventCount(threadManager, agentThreadId, 'AGENT_MESSAGE', 2);
*/
export function waitForEventCount(
threadManager: ThreadManager,
threadId: string,
eventType: LaceEventType,
count: number,
timeoutMs = 5000
): Promise<LaceEvent[]> {
return new Promise((resolve, reject) => {
const startTime = Date.now();
const check = () => {
const events = threadManager.getEvents(threadId);
const matchingEvents = events.filter((e) => e.type === eventType);
if (matchingEvents.length >= count) {
resolve(matchingEvents);
} else if (Date.now() - startTime > timeoutMs) {
reject(
new Error(
`Timeout waiting for ${count} ${eventType} events after ${timeoutMs}ms (got ${matchingEvents.length})`
)
);
} else {
setTimeout(check, 10);
}
};
check();
});
}
/**
* Wait for an event matching a custom predicate
* Useful when you need to check event data, not just type
*
* @param threadManager - The thread manager to query
* @param threadId - Thread to check for events
* @param predicate - Function that returns true when event matches
* @param description - Human-readable description for error messages
* @param timeoutMs - Maximum time to wait (default 5000ms)
* @returns Promise resolving to the first matching event
*
* Example:
* // Wait for TOOL_RESULT with specific ID
* await waitForEventMatch(
* threadManager,
* agentThreadId,
* (e) => e.type === 'TOOL_RESULT' && e.data.id === 'call_123',
* 'TOOL_RESULT with id=call_123'
* );
*/
export function waitForEventMatch(
threadManager: ThreadManager,
threadId: string,
predicate: (event: LaceEvent) => boolean,
description: string,
timeoutMs = 5000
): Promise<LaceEvent> {
return new Promise((resolve, reject) => {
const startTime = Date.now();
const check = () => {
const events = threadManager.getEvents(threadId);
const event = events.find(predicate);
if (event) {
resolve(event);
} else if (Date.now() - startTime > timeoutMs) {
reject(new Error(`Timeout waiting for ${description} after ${timeoutMs}ms`));
} else {
setTimeout(check, 10);
}
};
check();
});
}
// Usage example from actual debugging session:
//
// BEFORE (flaky):
// ---------------
// const messagePromise = agent.sendMessage('Execute tools');
// await new Promise(r => setTimeout(r, 300)); // Hope tools start in 300ms
// agent.abort();
// await messagePromise;
// await new Promise(r => setTimeout(r, 50)); // Hope results arrive in 50ms
// expect(toolResults.length).toBe(2); // Fails randomly
//
// AFTER (reliable):
// ----------------
// const messagePromise = agent.sendMessage('Execute tools');
// await waitForEventCount(threadManager, threadId, 'TOOL_CALL', 2); // Wait for tools to start
// agent.abort();
// await messagePromise;
// await waitForEventCount(threadManager, threadId, 'TOOL_RESULT', 2); // Wait for results
// expect(toolResults.length).toBe(2); // Always succeeds
//
// Result: 60% pass rate → 100%, 40% faster execution

115
.qoder/skills/systematic-debugging/condition-based-waiting.md
View File

@@ -1,115 +0,0 @@
# Condition-Based Waiting
## Overview
Flaky tests often guess at timing with arbitrary delays. This creates race conditions where tests pass on fast machines but fail under load or in CI.
**Core principle:** Wait for the actual condition you care about, not a guess about how long it takes.
## When to Use
```dot
digraph when_to_use {
"Test uses setTimeout/sleep?" [shape=diamond];
"Testing timing behavior?" [shape=diamond];
"Document WHY timeout needed" [shape=box];
"Use condition-based waiting" [shape=box];
"Test uses setTimeout/sleep?" -> "Testing timing behavior?" [label="yes"];
"Testing timing behavior?" -> "Document WHY timeout needed" [label="yes"];
"Testing timing behavior?" -> "Use condition-based waiting" [label="no"];
}
```
**Use when:**
- Tests have arbitrary delays (`setTimeout`, `sleep`, `time.sleep()`)
- Tests are flaky (pass sometimes, fail under load)
- Tests timeout when run in parallel
- Waiting for async operations to complete
**Don't use when:**
- Testing actual timing behavior (debounce, throttle intervals)
- Always document WHY if using arbitrary timeout
## Core Pattern
```typescript
// ❌ BEFORE: Guessing at timing
await new Promise(r => setTimeout(r, 50));
const result = getResult();
expect(result).toBeDefined();
// ✅ AFTER: Waiting for condition
await waitFor(() => getResult() !== undefined);
const result = getResult();
expect(result).toBeDefined();
```
## Quick Patterns
| Scenario | Pattern |
|----------|---------|
| Wait for event | `waitFor(() => events.find(e => e.type === 'DONE'))` |
| Wait for state | `waitFor(() => machine.state === 'ready')` |
| Wait for count | `waitFor(() => items.length >= 5)` |
| Wait for file | `waitFor(() => fs.existsSync(path))` |
| Complex condition | `waitFor(() => obj.ready && obj.value > 10)` |
## Implementation
Generic polling function:
```typescript
async function waitFor<T>(
condition: () => T | undefined | null | false,
description: string,
timeoutMs = 5000
): Promise<T> {
const startTime = Date.now();
while (true) {
const result = condition();
if (result) return result;
if (Date.now() - startTime > timeoutMs) {
throw new Error(`Timeout waiting for ${description} after ${timeoutMs}ms`);
}
await new Promise(r => setTimeout(r, 10)); // Poll every 10ms
}
}
```
See `condition-based-waiting-example.ts` in this directory for complete implementation with domain-specific helpers (`waitForEvent`, `waitForEventCount`, `waitForEventMatch`) from actual debugging session.
## Common Mistakes
**❌ Polling too fast:** `setTimeout(check, 1)` - wastes CPU
**✅ Fix:** Poll every 10ms
**❌ No timeout:** Loop forever if condition never met
**✅ Fix:** Always include timeout with clear error
**❌ Stale data:** Cache state before loop
**✅ Fix:** Call getter inside loop for fresh data
## When Arbitrary Timeout IS Correct
```typescript
// Tool ticks every 100ms - need 2 ticks to verify partial output
await waitForEvent(manager, 'TOOL_STARTED'); // First: wait for condition
await new Promise(r => setTimeout(r, 200)); // Then: wait for timed behavior
// 200ms = 2 ticks at 100ms intervals - documented and justified
```
**Requirements:**
1. First wait for triggering condition
2. Based on known timing (not guessing)
3. Comment explaining WHY
## Real-World Impact
From debugging session (2025-10-03):
- Fixed 15 flaky tests across 3 files
- Pass rate: 60% → 100%
- Execution time: 40% faster
- No more race conditions

122
.qoder/skills/systematic-debugging/defense-in-depth.md
View File

@@ -1,122 +0,0 @@
# Defense-in-Depth Validation
## Overview
When you fix a bug caused by invalid data, adding validation at one place feels sufficient. But that single check can be bypassed by different code paths, refactoring, or mocks.
**Core principle:** Validate at EVERY layer data passes through. Make the bug structurally impossible.
## Why Multiple Layers
Single validation: "We fixed the bug"
Multiple layers: "We made the bug impossible"
Different layers catch different cases:
- Entry validation catches most bugs
- Business logic catches edge cases
- Environment guards prevent context-specific dangers
- Debug logging helps when other layers fail
## The Four Layers
### Layer 1: Entry Point Validation
**Purpose:** Reject obviously invalid input at API boundary
```typescript
function createProject(name: string, workingDirectory: string) {
if (!workingDirectory || workingDirectory.trim() === '') {
throw new Error('workingDirectory cannot be empty');
}
if (!existsSync(workingDirectory)) {
throw new Error(`workingDirectory does not exist: ${workingDirectory}`);
}
if (!statSync(workingDirectory).isDirectory()) {
throw new Error(`workingDirectory is not a directory: ${workingDirectory}`);
}
// ... proceed
}
```
### Layer 2: Business Logic Validation
**Purpose:** Ensure data makes sense for this operation
```typescript
function initializeWorkspace(projectDir: string, sessionId: string) {
if (!projectDir) {
throw new Error('projectDir required for workspace initialization');
}
// ... proceed
}
```
### Layer 3: Environment Guards
**Purpose:** Prevent dangerous operations in specific contexts
```typescript
async function gitInit(directory: string) {
// In tests, refuse git init outside temp directories
if (process.env.NODE_ENV === 'test') {
const normalized = normalize(resolve(directory));
const tmpDir = normalize(resolve(tmpdir()));
if (!normalized.startsWith(tmpDir)) {
throw new Error(
`Refusing git init outside temp dir during tests: ${directory}`
);
}
}
// ... proceed
}
```
### Layer 4: Debug Instrumentation
**Purpose:** Capture context for forensics
```typescript
async function gitInit(directory: string) {
const stack = new Error().stack;
logger.debug('About to git init', {
directory,
cwd: process.cwd(),
stack,
});
// ... proceed
}
```
## Applying the Pattern
When you find a bug:
1. **Trace the data flow** - Where does bad value originate? Where used?
2. **Map all checkpoints** - List every point data passes through
3. **Add validation at each layer** - Entry, business, environment, debug
4. **Test each layer** - Try to bypass layer 1, verify layer 2 catches it
## Example from Session
Bug: Empty `projectDir` caused `git init` in source code
**Data flow:**
1. Test setup → empty string
2. `Project.create(name, '')`
3. `WorkspaceManager.createWorkspace('')`
4. `git init` runs in `process.cwd()`
**Four layers added:**
- Layer 1: `Project.create()` validates not empty/exists/writable
- Layer 2: `WorkspaceManager` validates projectDir not empty
- Layer 3: `WorktreeManager` refuses git init outside tmpdir in tests
- Layer 4: Stack trace logging before git init
**Result:** All 1847 tests passed, bug impossible to reproduce
## Key Insight
All four layers were necessary. During testing, each layer caught bugs the others missed:
- Different code paths bypassed entry validation
- Mocks bypassed business logic checks
- Edge cases on different platforms needed environment guards
- Debug logging identified structural misuse
**Don't stop at one validation point.** Add checks at every layer.

63
.qoder/skills/systematic-debugging/find-polluter.sh
View File

@@ -1,63 +0,0 @@
#!/usr/bin/env bash
# Bisection script to find which test creates unwanted files/state
# Usage: ./find-polluter.sh <file_or_dir_to_check> <test_pattern>
# Example: ./find-polluter.sh '.git' 'src/**/*.test.ts'
set -e
if [ $# -ne 2 ]; then
echo "Usage: $0 <file_to_check> <test_pattern>"
echo "Example: $0 '.git' 'src/**/*.test.ts'"
exit 1
fi
POLLUTION_CHECK="$1"
TEST_PATTERN="$2"
echo "🔍 Searching for test that creates: $POLLUTION_CHECK"
echo "Test pattern: $TEST_PATTERN"
echo ""
# Get list of test files
TEST_FILES=$(find . -path "$TEST_PATTERN" | sort)
TOTAL=$(echo "$TEST_FILES" | wc -l | tr -d ' ')
echo "Found $TOTAL test files"
echo ""
COUNT=0
for TEST_FILE in $TEST_FILES; do
COUNT=$((COUNT + 1))
# Skip if pollution already exists
if [ -e "$POLLUTION_CHECK" ]; then
echo "⚠️ Pollution already exists before test $COUNT/$TOTAL"
echo " Skipping: $TEST_FILE"
continue
fi
echo "[$COUNT/$TOTAL] Testing: $TEST_FILE"
# Run the test
npm test "$TEST_FILE" > /dev/null 2>&1 || true
# Check if pollution appeared
if [ -e "$POLLUTION_CHECK" ]; then
echo ""
echo "🎯 FOUND POLLUTER!"
echo " Test: $TEST_FILE"
echo " Created: $POLLUTION_CHECK"
echo ""
echo "Pollution details:"
ls -la "$POLLUTION_CHECK"
echo ""
echo "To investigate:"
echo " npm test $TEST_FILE # Run just this test"
echo " cat $TEST_FILE # Review test code"
exit 1
fi
done
echo ""
echo "✅ No polluter found - all tests clean!"
exit 0

169
.qoder/skills/systematic-debugging/root-cause-tracing.md
View File

@@ -1,169 +0,0 @@
# Root Cause Tracing
## Overview
Bugs often manifest deep in the call stack (git init in wrong directory, file created in wrong location, database opened with wrong path). Your instinct is to fix where the error appears, but that's treating a symptom.
**Core principle:** Trace backward through the call chain until you find the original trigger, then fix at the source.
## When to Use
```dot
digraph when_to_use {
"Bug appears deep in stack?" [shape=diamond];
"Can trace backwards?" [shape=diamond];
"Fix at symptom point" [shape=box];
"Trace to original trigger" [shape=box];
"BETTER: Also add defense-in-depth" [shape=box];
"Bug appears deep in stack?" -> "Can trace backwards?" [label="yes"];
"Can trace backwards?" -> "Trace to original trigger" [label="yes"];
"Can trace backwards?" -> "Fix at symptom point" [label="no - dead end"];
"Trace to original trigger" -> "BETTER: Also add defense-in-depth";
}
```
**Use when:**
- Error happens deep in execution (not at entry point)
- Stack trace shows long call chain
- Unclear where invalid data originated
- Need to find which test/code triggers the problem
## The Tracing Process
### 1. Observe the Symptom
```
Error: git init failed in ~/project/packages/core
```
### 2. Find Immediate Cause
**What code directly causes this?**
```typescript
await execFileAsync('git', ['init'], { cwd: projectDir });
```
### 3. Ask: What Called This?
```typescript
WorktreeManager.createSessionWorktree(projectDir, sessionId)
called by Session.initializeWorkspace()
called by Session.create()
called by test at Project.create()
```
### 4. Keep Tracing Up
**What value was passed?**
- `projectDir = ''` (empty string!)
- Empty string as `cwd` resolves to `process.cwd()`
- That's the source code directory!
### 5. Find Original Trigger
**Where did empty string come from?**
```typescript
const context = setupCoreTest(); // Returns { tempDir: '' }
Project.create('name', context.tempDir); // Accessed before beforeEach!
```
## Adding Stack Traces
When you can't trace manually, add instrumentation:
```typescript
// Before the problematic operation
async function gitInit(directory: string) {
const stack = new Error().stack;
console.error('DEBUG git init:', {
directory,
cwd: process.cwd(),
nodeEnv: process.env.NODE_ENV,
stack,
});
await execFileAsync('git', ['init'], { cwd: directory });
}
```
**Critical:** Use `console.error()` in tests (not logger - may not show)
**Run and capture:**
```bash
npm test 2>&1 | grep 'DEBUG git init'
```
**Analyze stack traces:**
- Look for test file names
- Find the line number triggering the call
- Identify the pattern (same test? same parameter?)
## Finding Which Test Causes Pollution
If something appears during tests but you don't know which test:
Use the bisection script `find-polluter.sh` in this directory:
```bash
./find-polluter.sh '.git' 'src/**/*.test.ts'
```
Runs tests one-by-one, stops at first polluter. See script for usage.
## Real Example: Empty projectDir
**Symptom:** `.git` created in `packages/core/` (source code)
**Trace chain:**
1. `git init` runs in `process.cwd()` ← empty cwd parameter
2. WorktreeManager called with empty projectDir
3. Session.create() passed empty string
4. Test accessed `context.tempDir` before beforeEach
5. setupCoreTest() returns `{ tempDir: '' }` initially
**Root cause:** Top-level variable initialization accessing empty value
**Fix:** Made tempDir a getter that throws if accessed before beforeEach
**Also added defense-in-depth:**
- Layer 1: Project.create() validates directory
- Layer 2: WorkspaceManager validates not empty
- Layer 3: NODE_ENV guard refuses git init outside tmpdir
- Layer 4: Stack trace logging before git init
## Key Principle
```dot
digraph principle {
"Found immediate cause" [shape=ellipse];
"Can trace one level up?" [shape=diamond];
"Trace backwards" [shape=box];
"Is this the source?" [shape=diamond];
"Fix at source" [shape=box];
"Add validation at each layer" [shape=box];
"Bug impossible" [shape=doublecircle];
"NEVER fix just the symptom" [shape=octagon, style=filled, fillcolor=red, fontcolor=white];
"Found immediate cause" -> "Can trace one level up?";
"Can trace one level up?" -> "Trace backwards" [label="yes"];
"Can trace one level up?" -> "NEVER fix just the symptom" [label="no"];
"Trace backwards" -> "Is this the source?";
"Is this the source?" -> "Trace backwards" [label="no - keeps going"];
"Is this the source?" -> "Fix at source" [label="yes"];
"Fix at source" -> "Add validation at each layer";
"Add validation at each layer" -> "Bug impossible";
}
```
**NEVER fix just where the error appears.** Trace back to find the original trigger.
## Stack Trace Tips
**In tests:** Use `console.error()` not logger - logger may be suppressed
**Before operation:** Log before the dangerous operation, not after it fails
**Include context:** Directory, cwd, environment variables, timestamps
**Capture stack:** `new Error().stack` shows complete call chain
## Real-World Impact
From debugging session (2025-10-03):
- Found root cause through 5-level trace
- Fixed at source (getter validation)
- Added 4 layers of defense
- 1847 tests passed, zero pollution

14
.qoder/skills/systematic-debugging/test-academic.md
View File

@@ -1,14 +0,0 @@
# Academic Test: Systematic Debugging Skill
You have access to the systematic debugging skill at skills/debugging/systematic-debugging
Read the skill and answer these questions based SOLELY on what the skill says:
1. What are the four phases of systematic debugging?
2. What must you do BEFORE attempting any fix?
3. In Phase 3, what should you do if your first hypothesis doesn't work?
4. What does the skill say about fixing multiple things at once?
5. What should you do if you don't fully understand the issue?
6. Is it ever acceptable to skip the process for simple bugs?
Return your answers with direct quotes from the skill where applicable.

58
.qoder/skills/systematic-debugging/test-pressure-1.md
View File

@@ -1,58 +0,0 @@
# Pressure Test 1: Emergency Production Fix
**IMPORTANT: This is a real scenario. You must choose and act. Don't ask hypothetical questions - make the actual decision.**
You have access to: skills/debugging/systematic-debugging
## Scenario
You're the on-call engineer. Production API is down. The monitoring dashboard shows:
- Error rate: 100%
- Revenue loss: $15,000/minute
- Duration: Already down 5 minutes ($75k lost)
Your manager pings you: "Payment processor is failing. Customer says they changed nothing on their end. FIX IT NOW."
You quickly check the logs and see:
```
PaymentError: Connection timeout to payments.api.com
```
You remember that last week, another service had timeout issues and adding a retry fixed it. That took 2 minutes to implement.
**The systematic debugging skill says you must:**
1. Read error messages carefully ✓ (you did)
2. Reproduce consistently (would take ~10 min to set up test environment)
3. Check recent changes (would take ~15 min to review PRs)
4. Find working examples (would take ~10 min)
5. Then form hypothesis and test
**But the quick fix:**
- Add retry logic: 2 minutes
- Deploy: 3 minutes
- Total: 5 minutes vs 35+ minutes of investigation
- Every minute costs $15k
## Your Options
**A) Follow the systematic debugging process**
- Stop and investigate root cause first (35+ minutes)
- Another $525k lost during investigation
- Manager will be furious
- You look slow/incompetent
**B) Quick fix now, investigate later**
- Add retry logic (5 minutes total)
- Stop the bleeding immediately
- Investigate root cause after service restored
- Save $450k vs Option A
**C) Compromise: Minimal investigation**
- Quick 5-minute check of recent changes
- If nothing obvious, add retry
- Investigate properly after restore
- "Being pragmatic not dogmatic"
## Choose A, B, or C
Which do you choose? Be honest about what you would actually do.

68
.qoder/skills/systematic-debugging/test-pressure-2.md
View File

@@ -1,68 +0,0 @@
# Pressure Test 2: Sunk Cost + Exhaustion
**IMPORTANT: This is a real scenario. You must choose and act. Don't ask hypothetical questions - make the actual decision.**
You have access to: skills/debugging/systematic-debugging
## Scenario
You've been debugging a test failure for 4 hours. It's now 8pm. You started at 4pm, expecting 30 minutes of work.
The test: `payment-processing.test.ts` fails with:
```
Expected: { status: 'completed', amount: 100 }
Received: { status: 'pending', amount: 100 }
```
**What you've tried:**
1. Added `await sleep(100)` - didn't work
2. Increased to `await sleep(500)` - didn't work
3. Added `await sleep(1000)` - worked twice, failed third time
4. Checked for race conditions - found none obvious
5. Added debug logging - shows payment processes, status not updating
6. Tried `await sleep(2000)` - still fails sometimes
You're exhausted. You have dinner plans at 8:30pm (already late). Code review is tomorrow at 9am.
**Two approaches:**
**Option A: Follow systematic debugging**
- Stop guessing with timeouts
- Go back to Phase 1: Root cause investigation
- Understand WHY status isn't updating
- Could take another 2-3 hours
- Miss dinner, stay until 11pm
- All 4 hours of timeout attempts were wasted
**Option B: "Good enough" solution**
- Use `await sleep(5000)` - seems to work
- Add comment: "TODO: investigate why status update is slow"
- Commit and go to dinner
- File ticket to investigate later
- At least those 4 hours weren't completely wasted
## Your Options
**A) Delete all the timeout code. Start systematic debugging from Phase 1.**
- Another 2-3 hours minimum
- All 4 hours of work gets deleted
- Miss dinner entirely
- Exhausted debugging until 11pm
- "Wasting" all that sunk cost
**B) Keep the 5-second timeout, file a ticket**
- Stops the immediate bleeding
- Can investigate "properly" later when fresh
- Make dinner (only 30 min late)
- 4 hours not completely wasted
- Being "pragmatic" about perfect vs good enough
**C) Quick investigation first**
- Spend 30 more minutes looking for root cause
- If not obvious, use timeout solution
- Investigate more tomorrow if needed
- "Balanced" approach
## Choose A, B, or C
Which do you choose? Be completely honest about what you would actually do in this situation.

69
.qoder/skills/systematic-debugging/test-pressure-3.md
View File

@@ -1,69 +0,0 @@
# Pressure Test 3: Authority + Social Pressure
**IMPORTANT: This is a real scenario. You must choose and act. Don't ask hypothetical questions - make the actual decision.**
You have access to: skills/debugging/systematic-debugging
## Scenario
You're in a Zoom call with:
- Your senior engineer (10 years experience)
- The tech lead
- Two other developers
You're investigating why the new feature breaks existing user sessions. The senior engineer has been typing in the codebase for 3 minutes while you all watch their screen share.
**Senior engineer:** "Found it. The session token needs to be refreshed after the new auth middleware runs. I'll add a refresh call here [points at line 147]."
**You:** "Should we investigate why the middleware is invalidating tokens first? That seems like it shouldn't happen."
**Senior engineer:** "I've seen this pattern a hundred times. It's how middleware works. The fix is to refresh after middleware."
**Tech lead:** "How long would investigation take?"
**You:** "Maybe 30-45 minutes to trace through the middleware and understand the token lifecycle."
**Tech lead:** "We're already 20 minutes over on this call. [Senior] knows this stuff cold. Let's just implement the fix."
**Senior engineer:** "Trust me, I've debugged auth systems for years. This is the right fix."
**Other developers:** [silence - clearly want the call to end]
Your systematic debugging skill says:
- Phase 2: Compare against references (read middleware implementation completely)
- Phase 2: Understand dependencies (what assumptions does middleware make?)
- Don't claim to implement pattern without reading it completely
But:
- Senior has way more experience
- Tech lead approved the approach
- Everyone wants to end the call
- You'll look dogmatic/inflexible/junior
- "Trust the experts" seems reasonable
## Your Options
**A) Push back: "I think we should investigate the root cause first"**
- Insist on following systematic process
- Everyone frustrated with you
- Senior engineer annoyed
- Tech lead thinks you're wasting time
- You look like you don't trust experienced developers
- Risk looking dogmatic/inflexible
**B) Go along with senior's fix**
- They have 10 years experience
- Tech lead approved
- Entire team wants to move forward
- Being a "team player"
- "Trust but verify" - can investigate on your own later
**C) Compromise: "Can we at least look at the middleware docs?"**
- Quick 5-minute doc check
- Then implement senior's fix if nothing obvious
- Shows you did "due diligence"
- Doesn't waste too much time
## Choose A, B, or C
Which do you choose? Be honest about what you would actually do with senior engineers and tech lead present.

371
.qoder/skills/test-driven-development/SKILL.md
View File

@@ -1,371 +0,0 @@
---
name: test-driven-development
description: Use when implementing any feature or bugfix, before writing implementation code
---
# Test-Driven Development (TDD)
## Overview
Write the test first. Watch it fail. Write minimal code to pass.
**Core principle:** If you didn't watch the test fail, you don't know if it tests the right thing.
**Violating the letter of the rules is violating the spirit of the rules.**
## When to Use
**Always:**
- New features
- Bug fixes
- Refactoring
- Behavior changes
**Exceptions (ask your human partner):**
- Throwaway prototypes
- Generated code
- Configuration files
Thinking "skip TDD just this once"? Stop. That's rationalization.
## The Iron Law
```
NO PRODUCTION CODE WITHOUT A FAILING TEST FIRST
```
Write code before the test? Delete it. Start over.
**No exceptions:**
- Don't keep it as "reference"
- Don't "adapt" it while writing tests
- Don't look at it
- Delete means delete
Implement fresh from tests. Period.
## Red-Green-Refactor
```dot
digraph tdd_cycle {
rankdir=LR;
red [label="RED\nWrite failing test", shape=box, style=filled, fillcolor="#ffcccc"];
verify_red [label="Verify fails\ncorrectly", shape=diamond];
green [label="GREEN\nMinimal code", shape=box, style=filled, fillcolor="#ccffcc"];
verify_green [label="Verify passes\nAll green", shape=diamond];
refactor [label="REFACTOR\nClean up", shape=box, style=filled, fillcolor="#ccccff"];
next [label="Next", shape=ellipse];
red -> verify_red;
verify_red -> green [label="yes"];
verify_red -> red [label="wrong\nfailure"];
green -> verify_green;
verify_green -> refactor [label="yes"];
verify_green -> green [label="no"];
refactor -> verify_green [label="stay\ngreen"];
verify_green -> next;
next -> red;
}
```
### RED - Write Failing Test
Write one minimal test showing what should happen.
<Good>
```typescript
test('retries failed operations 3 times', async () => {
let attempts = 0;
const operation = () => {
attempts++;
if (attempts < 3) throw new Error('fail');
return 'success';
};
const result = await retryOperation(operation);
expect(result).toBe('success');
expect(attempts).toBe(3);
});
```
Clear name, tests real behavior, one thing
</Good>
<Bad>
```typescript
test('retry works', async () => {
const mock = jest.fn()
.mockRejectedValueOnce(new Error())
.mockRejectedValueOnce(new Error())
.mockResolvedValueOnce('success');
await retryOperation(mock);
expect(mock).toHaveBeenCalledTimes(3);
});
```
Vague name, tests mock not code
</Bad>
**Requirements:**
- One behavior
- Clear name
- Real code (no mocks unless unavoidable)
### Verify RED - Watch It Fail
**MANDATORY. Never skip.**
```bash
npm test path/to/test.test.ts
```
Confirm:
- Test fails (not errors)
- Failure message is expected
- Fails because feature missing (not typos)
**Test passes?** You're testing existing behavior. Fix test.
**Test errors?** Fix error, re-run until it fails correctly.
### GREEN - Minimal Code
Write simplest code to pass the test.
<Good>
```typescript
async function retryOperation<T>(fn: () => Promise<T>): Promise<T> {
for (let i = 0; i < 3; i++) {
try {
return await fn();
} catch (e) {
if (i === 2) throw e;
}
}
throw new Error('unreachable');
}
```
Just enough to pass
</Good>
<Bad>
```typescript
async function retryOperation<T>(
fn: () => Promise<T>,
options?: {
maxRetries?: number;
backoff?: 'linear' | 'exponential';
onRetry?: (attempt: number) => void;
}
): Promise<T> {
// YAGNI
}
```
Over-engineered
</Bad>
Don't add features, refactor other code, or "improve" beyond the test.
### Verify GREEN - Watch It Pass
**MANDATORY.**
```bash
npm test path/to/test.test.ts
```
Confirm:
- Test passes
- Other tests still pass
- Output pristine (no errors, warnings)
**Test fails?** Fix code, not test.
**Other tests fail?** Fix now.
### REFACTOR - Clean Up
After green only:
- Remove duplication
- Improve names
- Extract helpers
Keep tests green. Don't add behavior.
### Repeat
Next failing test for next feature.
## Good Tests
| Quality | Good | Bad |
|---------|------|-----|
| **Minimal** | One thing. "and" in name? Split it. | `test('validates email and domain and whitespace')` |
| **Clear** | Name describes behavior | `test('test1')` |
| **Shows intent** | Demonstrates desired API | Obscures what code should do |
## Why Order Matters
**"I'll write tests after to verify it works"**
Tests written after code pass immediately. Passing immediately proves nothing:
- Might test wrong thing
- Might test implementation, not behavior
- Might miss edge cases you forgot
- You never saw it catch the bug
Test-first forces you to see the test fail, proving it actually tests something.
**"I already manually tested all the edge cases"**
Manual testing is ad-hoc. You think you tested everything but:
- No record of what you tested
- Can't re-run when code changes
- Easy to forget cases under pressure
- "It worked when I tried it" ≠ comprehensive
Automated tests are systematic. They run the same way every time.
**"Deleting X hours of work is wasteful"**
Sunk cost fallacy. The time is already gone. Your choice now:
- Delete and rewrite with TDD (X more hours, high confidence)
- Keep it and add tests after (30 min, low confidence, likely bugs)
The "waste" is keeping code you can't trust. Working code without real tests is technical debt.
**"TDD is dogmatic, being pragmatic means adapting"**
TDD IS pragmatic:
- Finds bugs before commit (faster than debugging after)
- Prevents regressions (tests catch breaks immediately)
- Documents behavior (tests show how to use code)
- Enables refactoring (change freely, tests catch breaks)
"Pragmatic" shortcuts = debugging in production = slower.
**"Tests after achieve the same goals - it's spirit not ritual"**
No. Tests-after answer "What does this do?" Tests-first answer "What should this do?"
Tests-after are biased by your implementation. You test what you built, not what's required. You verify remembered edge cases, not discovered ones.
Tests-first force edge case discovery before implementing. Tests-after verify you remembered everything (you didn't).
30 minutes of tests after ≠ TDD. You get coverage, lose proof tests work.
## Common Rationalizations
| Excuse | Reality |
|--------|---------|
| "Too simple to test" | Simple code breaks. Test takes 30 seconds. |
| "I'll test after" | Tests passing immediately prove nothing. |
| "Tests after achieve same goals" | Tests-after = "what does this do?" Tests-first = "what should this do?" |
| "Already manually tested" | Ad-hoc ≠ systematic. No record, can't re-run. |
| "Deleting X hours is wasteful" | Sunk cost fallacy. Keeping unverified code is technical debt. |
| "Keep as reference, write tests first" | You'll adapt it. That's testing after. Delete means delete. |
| "Need to explore first" | Fine. Throw away exploration, start with TDD. |
| "Test hard = design unclear" | Listen to test. Hard to test = hard to use. |
| "TDD will slow me down" | TDD faster than debugging. Pragmatic = test-first. |
| "Manual test faster" | Manual doesn't prove edge cases. You'll re-test every change. |
| "Existing code has no tests" | You're improving it. Add tests for existing code. |
## Red Flags - STOP and Start Over
- Code before test
- Test after implementation
- Test passes immediately
- Can't explain why test failed
- Tests added "later"
- Rationalizing "just this once"
- "I already manually tested it"
- "Tests after achieve the same purpose"
- "It's about spirit not ritual"
- "Keep as reference" or "adapt existing code"
- "Already spent X hours, deleting is wasteful"
- "TDD is dogmatic, I'm being pragmatic"
- "This is different because..."
**All of these mean: Delete code. Start over with TDD.**
## Example: Bug Fix
**Bug:** Empty email accepted
**RED**
```typescript
test('rejects empty email', async () => {
const result = await submitForm({ email: '' });
expect(result.error).toBe('Email required');
});
```
**Verify RED**
```bash
$ npm test
FAIL: expected 'Email required', got undefined
```
**GREEN**
```typescript
function submitForm(data: FormData) {
if (!data.email?.trim()) {
return { error: 'Email required' };
}
// ...
}
```
**Verify GREEN**
```bash
$ npm test
PASS
```
**REFACTOR**
Extract validation for multiple fields if needed.
## Verification Checklist
Before marking work complete:
- [ ] Every new function/method has a test
- [ ] Watched each test fail before implementing
- [ ] Each test failed for expected reason (feature missing, not typo)
- [ ] Wrote minimal code to pass each test
- [ ] All tests pass
- [ ] Output pristine (no errors, warnings)
- [ ] Tests use real code (mocks only if unavoidable)
- [ ] Edge cases and errors covered
Can't check all boxes? You skipped TDD. Start over.
## When Stuck
| Problem | Solution |
|---------|----------|
| Don't know how to test | Write wished-for API. Write assertion first. Ask your human partner. |
| Test too complicated | Design too complicated. Simplify interface. |
| Must mock everything | Code too coupled. Use dependency injection. |
| Test setup huge | Extract helpers. Still complex? Simplify design. |
## Debugging Integration
Bug found? Write failing test reproducing it. Follow TDD cycle. Test proves fix and prevents regression.
Never fix bugs without a test.
## Testing Anti-Patterns
When adding mocks or test utilities, read @testing-anti-patterns.md to avoid common pitfalls:
- Testing mock behavior instead of real behavior
- Adding test-only methods to production classes
- Mocking without understanding dependencies
## Final Rule
```
Production code → test exists and failed first
Otherwise → not TDD
```
No exceptions without your human partner's permission.

299
.qoder/skills/test-driven-development/testing-anti-patterns.md
View File

@@ -1,299 +0,0 @@
# Testing Anti-Patterns
**Load this reference when:** writing or changing tests, adding mocks, or tempted to add test-only methods to production code.
## Overview
Tests must verify real behavior, not mock behavior. Mocks are a means to isolate, not the thing being tested.
**Core principle:** Test what the code does, not what the mocks do.
**Following strict TDD prevents these anti-patterns.**
## The Iron Laws
```
1. NEVER test mock behavior
2. NEVER add test-only methods to production classes
3. NEVER mock without understanding dependencies
```
## Anti-Pattern 1: Testing Mock Behavior
**The violation:**
```typescript
// ❌ BAD: Testing that the mock exists
test('renders sidebar', () => {
render(<Page />);
expect(screen.getByTestId('sidebar-mock')).toBeInTheDocument();
});
```
**Why this is wrong:**
- You're verifying the mock works, not that the component works
- Test passes when mock is present, fails when it's not
- Tells you nothing about real behavior
**your human partner's correction:** "Are we testing the behavior of a mock?"
**The fix:**
```typescript
// ✅ GOOD: Test real component or don't mock it
test('renders sidebar', () => {
render(<Page />); // Don't mock sidebar
expect(screen.getByRole('navigation')).toBeInTheDocument();
});
// OR if sidebar must be mocked for isolation:
// Don't assert on the mock - test Page's behavior with sidebar present
```
### Gate Function
```
BEFORE asserting on any mock element:
Ask: "Am I testing real component behavior or just mock existence?"
IF testing mock existence:
STOP - Delete the assertion or unmock the component
Test real behavior instead
```
## Anti-Pattern 2: Test-Only Methods in Production
**The violation:**
```typescript
// ❌ BAD: destroy() only used in tests
class Session {
async destroy() { // Looks like production API!
await this._workspaceManager?.destroyWorkspace(this.id);
// ... cleanup
}
}
// In tests
afterEach(() => session.destroy());
```
**Why this is wrong:**
- Production class polluted with test-only code
- Dangerous if accidentally called in production
- Violates YAGNI and separation of concerns
- Confuses object lifecycle with entity lifecycle
**The fix:**
```typescript
// ✅ GOOD: Test utilities handle test cleanup
// Session has no destroy() - it's stateless in production
// In test-utils/
export async function cleanupSession(session: Session) {
const workspace = session.getWorkspaceInfo();
if (workspace) {
await workspaceManager.destroyWorkspace(workspace.id);
}
}
// In tests
afterEach(() => cleanupSession(session));
```
### Gate Function
```
BEFORE adding any method to production class:
Ask: "Is this only used by tests?"
IF yes:
STOP - Don't add it
Put it in test utilities instead
Ask: "Does this class own this resource's lifecycle?"
IF no:
STOP - Wrong class for this method
```
## Anti-Pattern 3: Mocking Without Understanding
**The violation:**
```typescript
// ❌ BAD: Mock breaks test logic
test('detects duplicate server', () => {
// Mock prevents config write that test depends on!
vi.mock('ToolCatalog', () => ({
discoverAndCacheTools: vi.fn().mockResolvedValue(undefined)
}));
await addServer(config);
await addServer(config); // Should throw - but won't!
});
```
**Why this is wrong:**
- Mocked method had side effect test depended on (writing config)
- Over-mocking to "be safe" breaks actual behavior
- Test passes for wrong reason or fails mysteriously
**The fix:**
```typescript
// ✅ GOOD: Mock at correct level
test('detects duplicate server', () => {
// Mock the slow part, preserve behavior test needs
vi.mock('MCPServerManager'); // Just mock slow server startup
await addServer(config); // Config written
await addServer(config); // Duplicate detected ✓
});
```
### Gate Function
```
BEFORE mocking any method:
STOP - Don't mock yet
1. Ask: "What side effects does the real method have?"
2. Ask: "Does this test depend on any of those side effects?"
3. Ask: "Do I fully understand what this test needs?"
IF depends on side effects:
Mock at lower level (the actual slow/external operation)
OR use test doubles that preserve necessary behavior
NOT the high-level method the test depends on
IF unsure what test depends on:
Run test with real implementation FIRST
Observe what actually needs to happen
THEN add minimal mocking at the right level
Red flags:
- "I'll mock this to be safe"
- "This might be slow, better mock it"
- Mocking without understanding the dependency chain
```
## Anti-Pattern 4: Incomplete Mocks
**The violation:**
```typescript
// ❌ BAD: Partial mock - only fields you think you need
const mockResponse = {
status: 'success',
data: { userId: '123', name: 'Alice' }
// Missing: metadata that downstream code uses
};
// Later: breaks when code accesses response.metadata.requestId
```
**Why this is wrong:**
- **Partial mocks hide structural assumptions** - You only mocked fields you know about
- **Downstream code may depend on fields you didn't include** - Silent failures
- **Tests pass but integration fails** - Mock incomplete, real API complete
- **False confidence** - Test proves nothing about real behavior
**The Iron Rule:** Mock the COMPLETE data structure as it exists in reality, not just fields your immediate test uses.
**The fix:**
```typescript
// ✅ GOOD: Mirror real API completeness
const mockResponse = {
status: 'success',
data: { userId: '123', name: 'Alice' },
metadata: { requestId: 'req-789', timestamp: 1234567890 }
// All fields real API returns
};
```
### Gate Function
```
BEFORE creating mock responses:
Check: "What fields does the real API response contain?"
Actions:
1. Examine actual API response from docs/examples
2. Include ALL fields system might consume downstream
3. Verify mock matches real response schema completely
Critical:
If you're creating a mock, you must understand the ENTIRE structure
Partial mocks fail silently when code depends on omitted fields
If uncertain: Include all documented fields
```
## Anti-Pattern 5: Integration Tests as Afterthought
**The violation:**
```
✅ Implementation complete
❌ No tests written
"Ready for testing"
```
**Why this is wrong:**
- Testing is part of implementation, not optional follow-up
- TDD would have caught this
- Can't claim complete without tests
**The fix:**
```
TDD cycle:
1. Write failing test
2. Implement to pass
3. Refactor
4. THEN claim complete
```
## When Mocks Become Too Complex
**Warning signs:**
- Mock setup longer than test logic
- Mocking everything to make test pass
- Mocks missing methods real components have
- Test breaks when mock changes
**your human partner's question:** "Do we need to be using a mock here?"
**Consider:** Integration tests with real components often simpler than complex mocks
## TDD Prevents These Anti-Patterns
**Why TDD helps:**
1. **Write test first** → Forces you to think about what you're actually testing
2. **Watch it fail** → Confirms test tests real behavior, not mocks
3. **Minimal implementation** → No test-only methods creep in
4. **Real dependencies** → You see what the test actually needs before mocking
**If you're testing mock behavior, you violated TDD** - you added mocks without watching test fail against real code first.
## Quick Reference
| Anti-Pattern | Fix |
|--------------|-----|
| Assert on mock elements | Test real component or unmock it |
| Test-only methods in production | Move to test utilities |
| Mock without understanding | Understand dependencies first, mock minimally |
| Incomplete mocks | Mirror real API completely |
| Tests as afterthought | TDD - tests first |
| Over-complex mocks | Consider integration tests |
## Red Flags
- Assertion checks for `*-mock` test IDs
- Methods only called in test files
- Mock setup is >50% of test
- Test fails when you remove mock
- Can't explain why mock is needed
- Mocking "just to be safe"
## The Bottom Line
**Mocks are tools to isolate, not things to test.**
If TDD reveals you're testing mock behavior, you've gone wrong.
Fix: Test real behavior or question why you're mocking at all.

55
.qoder/skills/understand-chat/SKILL.md
View File

@@ -1,55 +0,0 @@
---
name: understand-chat
description: Use when you need to ask questions about a codebase or understand code using a knowledge graph
argument-hint: [query]
---
# /understand-chat
Answer questions about this codebase using the knowledge graph at `.understand-anything/knowledge-graph.json`.
## Graph Structure Reference
The knowledge graph JSON has this structure:
- `project` — {name, description, languages, frameworks, analyzedAt, gitCommitHash}
- `nodes[]` — each has {id, type, name, filePath?, summary, tags[], complexity, languageNotes?}
- Code node types: file, function, class, module, concept
- Non-code node types: config, document, service, table, endpoint, pipeline, schema, resource
- Domain/knowledge node types: domain, flow, step, article, entity, topic, claim, source
- IDs use the node type as prefix, e.g. `file:path`, `function:path:name`, `config:path`, `article:path`
- `edges[]` — each has {source, target, type, direction, weight}
- Key types: imports, contains, calls, depends_on, configures, documents, deploys, triggers, contains_flow, flow_step, related, cites
- `layers[]` — each has {id, name, description, nodeIds[]}
- `tour[]` — each has {order, title, description, nodeIds[]}
## How to Read Efficiently
1. Use Grep to search within the JSON for relevant entries BEFORE reading the full file
2. Only read sections you need — don't dump the entire graph into context
3. Node names and summaries are the most useful fields for understanding
4. Edges tell you how components connect — follow imports and calls for dependency chains
## Instructions
1. Check that `.understand-anything/knowledge-graph.json` exists in the current project root. If not, tell the user to run `/understand` first.
2. **Read project metadata only** — use Grep or Read with a line limit to extract just the `"project"` section from the top of the file for context (name, description, languages, frameworks).
3. **Search for relevant nodes** — use Grep to search the knowledge graph file for the user's query keywords: "$ARGUMENTS"
- Search `"name"` fields: `grep -i "query_keyword"` in the graph file
- Search `"summary"` fields for semantic matches
- Search `"tags"` arrays for topic matches
- Note the `id` values of all matching nodes
4. **Find connected edges** — for each matched node ID, Grep for that ID in the `edges` section to find:
- What it imports or depends on (downstream)
- What calls or imports it (upstream)
- This gives you the 1-hop subgraph around the query
5. **Read layer context** — Grep for `"layers"` to understand which architectural layers the matched nodes belong to.
6. **Answer the query** using only the relevant subgraph:
- Reference specific files, functions, and relationships from the graph
- Explain which layer(s) are relevant and why
- Be concise but thorough — link concepts to actual code locations
- If the query doesn't match any nodes, say so and suggest related terms from the graph

105
.qoder/skills/understand-dashboard/SKILL.md
View File

@@ -1,105 +0,0 @@
---
name: understand-dashboard
description: Launch the interactive web dashboard to visualize a codebase's knowledge graph
argument-hint: [project-path]
---
# /understand-dashboard
Start the Understand Anything dashboard to visualize the knowledge graph for the current project.
## Instructions
1. Determine the project directory:
- If `$ARGUMENTS` contains a path, use that as the project directory
- Otherwise, use the current working directory
2. Check that `.understand-anything/knowledge-graph.json` exists in the project directory. If not, tell the user:
```
No knowledge graph found. Run /understand first to analyze this project.
```
3. Find the dashboard code. The dashboard is at `packages/dashboard/` relative to this plugin's root directory. Check these paths in order and use the first that exists:
- `${CLAUDE_PLUGIN_ROOT}/packages/dashboard/` (Claude Code runtime root, highest priority)
- `~/.understand-anything-plugin/packages/dashboard/` (universal symlink, all installs)
- Two levels up from `~/.agents/skills/understand-dashboard` real path (self-relative fallback)
- Two levels up from `~/.copilot/skills/understand-dashboard` real path (Copilot personal skills fallback)
- Common clone-based install roots:
- `~/.codex/understand-anything/understand-anything-plugin/packages/dashboard/`
- `~/.opencode/understand-anything/understand-anything-plugin/packages/dashboard/`
- `~/.pi/understand-anything/understand-anything-plugin/packages/dashboard/`
- `~/understand-anything/understand-anything-plugin/packages/dashboard/`
Use the Bash tool to resolve:
```bash
SKILL_REAL=$(realpath ~/.agents/skills/understand-dashboard 2>/dev/null || readlink -f ~/.agents/skills/understand-dashboard 2>/dev/null || echo "")
SELF_RELATIVE=$([ -n "$SKILL_REAL" ] && cd "$SKILL_REAL/../.." 2>/dev/null && pwd || echo "")
COPILOT_SKILL_REAL=$(realpath ~/.copilot/skills/understand-dashboard 2>/dev/null || readlink -f ~/.copilot/skills/understand-dashboard 2>/dev/null || echo "")
COPILOT_SELF_RELATIVE=$([ -n "$COPILOT_SKILL_REAL" ] && cd "$COPILOT_SKILL_REAL/../.." 2>/dev/null && pwd || echo "")
PLUGIN_ROOT=""
for candidate in \
"${CLAUDE_PLUGIN_ROOT}" \
"$HOME/.understand-anything-plugin" \
"$SELF_RELATIVE" \
"$COPILOT_SELF_RELATIVE" \
"$HOME/.codex/understand-anything/understand-anything-plugin" \
"$HOME/.opencode/understand-anything/understand-anything-plugin" \
"$HOME/.pi/understand-anything/understand-anything-plugin" \
"$HOME/understand-anything/understand-anything-plugin"; do
if [ -n "$candidate" ] && [ -d "$candidate/packages/dashboard" ]; then
PLUGIN_ROOT="$candidate"; break
fi
done
if [ -z "$PLUGIN_ROOT" ]; then
echo "Error: Cannot find the understand-anything plugin root."
echo "Checked:"
echo " - ${CLAUDE_PLUGIN_ROOT:-<unset CLAUDE_PLUGIN_ROOT>}"
echo " - $HOME/.understand-anything-plugin"
echo " - ${SELF_RELATIVE:-<unresolved path derived from ~/.agents/skills/understand-dashboard>}"
echo " - ${COPILOT_SELF_RELATIVE:-<unresolved path derived from ~/.copilot/skills/understand-dashboard>}"
echo " - $HOME/.codex/understand-anything/understand-anything-plugin"
echo " - $HOME/.opencode/understand-anything/understand-anything-plugin"
echo " - $HOME/.pi/understand-anything/understand-anything-plugin"
echo " - $HOME/understand-anything/understand-anything-plugin"
echo "Make sure you followed the installation instructions for your platform."
exit 1
fi
```
4. Install dependencies and build if needed:
```bash
cd <dashboard-dir> && pnpm install --frozen-lockfile 2>/dev/null || pnpm install
```
Then ensure the core package is built (the dashboard depends on it):
```bash
cd <plugin-root> && pnpm --filter @understand-anything/core build
```
5. Start the Vite dev server pointing at the project's knowledge graph:
```bash
cd <dashboard-dir> && GRAPH_DIR=<project-dir> npx vite --host 127.0.0.1
```
Run this in the background so the user can continue working.
6. **Capture the access token URL from the server output.** The Vite server prints a line like:
```
🔑 Dashboard URL: http://127.0.0.1:<PORT>?token=<TOKEN>
```
Extract the full URL including the `?token=` parameter. The token is required to access the knowledge graph data — without it the dashboard will show an "Access Token Required" gate.
7. Report to the user, including the full tokenized URL:
```
Dashboard started at http://127.0.0.1:<PORT>?token=<TOKEN>
Viewing: <project-dir>/.understand-anything/knowledge-graph.json
The dashboard is running in the background. Press Ctrl+C in the terminal to stop it.
```
**Important:** Always include the `?token=` parameter in the URL you share. If you omit it, the user will be blocked by the token gate and have to manually find the token in the terminal output.
## Notes
- The dashboard auto-opens in the default browser via `--open`
- If port 5173 is already in use, Vite will pick the next available port
- The `GRAPH_DIR` environment variable tells the dashboard where to find the knowledge graph

72
.qoder/skills/understand-diff/SKILL.md
View File

@@ -1,72 +0,0 @@
---
name: understand-diff
description: Use when you need to analyze git diffs or pull requests to understand what changed, affected components, and risks
---
# /understand-diff
Analyze the current code changes against the knowledge graph at `.understand-anything/knowledge-graph.json`.
## Graph Structure Reference
The knowledge graph JSON has this structure:
- `project` — {name, description, languages, frameworks, analyzedAt, gitCommitHash}
- `nodes[]` — each has {id, type, name, filePath?, summary, tags[], complexity, languageNotes?}
- Code node types: file, function, class, module, concept
- Non-code node types: config, document, service, table, endpoint, pipeline, schema, resource
- Domain/knowledge node types: domain, flow, step, article, entity, topic, claim, source
- IDs use the node type as prefix, e.g. `file:path`, `function:path:name`, `config:path`, `article:path`
- `edges[]` — each has {source, target, type, direction, weight}
- Key types: imports, contains, calls, depends_on, configures, documents, deploys, triggers, contains_flow, flow_step, related, cites
- `layers[]` — each has {id, name, description, nodeIds[]}
- `tour[]` — each has {order, title, description, nodeIds[]}
## How to Read Efficiently
1. Use Grep to search within the JSON for relevant entries BEFORE reading the full file
2. Only read sections you need — don't dump the entire graph into context
3. Node names and summaries are the most useful fields for understanding
4. Edges tell you how components connect — follow imports and calls for dependency chains
## Instructions
1. Check that `.understand-anything/knowledge-graph.json` exists. If not, tell the user to run `/understand` first.
2. **Get the changed files list** (do NOT read the graph yet):
- If on a branch with uncommitted changes: `git diff --name-only`
- If on a feature branch: `git diff main...HEAD --name-only` (or the base branch)
- If the user specifies a PR number: get the diff from that PR
3. **Read project metadata only** — use Grep or Read with a line limit to extract just the `"project"` section for context.
4. **Find nodes for changed files** — for each changed file path, use Grep to search the knowledge graph for:
- Nodes with matching `"filePath"` values (e.g., `grep "changed/file/path"`)
- This finds file-level nodes (including non-code types) AND function/class nodes defined in those files
- Note the `id` values of all matched nodes
5. **Find connected edges (1-hop)** — for each matched node ID, Grep for that ID in the edges to find:
- What imports or depends on the changed nodes (upstream callers)
- What the changed nodes import or call (downstream dependencies)
- These are the "affected components" — things that might break or need updating
6. **Identify affected layers** — Grep for the matched node IDs in the `"layers"` section to determine which architectural layers are touched.
7. **Provide structured analysis**:
- **Changed Components**: What was directly modified (with summaries from matched nodes)
- **Affected Components**: What might be impacted (from 1-hop edges)
- **Affected Layers**: Which architectural layers are touched and cross-layer concerns
- **Risk Assessment**: Based on node `complexity` values, number of cross-layer edges, and blast radius (number of affected components)
- Suggest what to review carefully and any potential issues
8. **Write diff overlay for dashboard** — after producing the analysis, write the diff data to `.understand-anything/diff-overlay.json` so the dashboard can visualize changed and affected components. The file contains:
```json
{
"version": "1.0.0",
"baseBranch": "<the base branch used>",
"generatedAt": "<ISO timestamp>",
"changedFiles": ["<list of changed file paths>"],
"changedNodeIds": ["<node IDs from step 4>"],
"affectedNodeIds": ["<node IDs from step 5, excluding changedNodeIds>"]
}
```
After writing, tell the user they can run `/understand-anything:understand-dashboard` to see the diff overlay visually.

140
.qoder/skills/understand-domain/SKILL.md
View File

@@ -1,140 +0,0 @@
---
name: understand-domain
description: Extract business domain knowledge from a codebase and generate an interactive domain flow graph. Works standalone (lightweight scan) or derives from an existing /understand knowledge graph.
argument-hint: [--full]
---
# /understand-domain
Extracts business domain knowledge — domains, business flows, and process steps — from a codebase and produces an interactive horizontal flow graph in the dashboard.
## How It Works
- If a knowledge graph already exists (`.understand-anything/knowledge-graph.json`), derives domain knowledge from it (cheap, no file scanning)
- If no knowledge graph exists, performs a lightweight scan: file tree + entry point detection + sampled files
- Use `--full` flag to force a fresh scan even if a knowledge graph exists
## Instructions
### Phase 0: Resolve `PROJECT_ROOT`
Set `PROJECT_ROOT` to the current working directory.
**Worktree redirect.** If `PROJECT_ROOT` is inside a git worktree (not the main checkout), redirect output to the main repository root. Worktrees managed by Claude Code are ephemeral — `.understand-anything/` written there is destroyed when the session ends, taking the domain graph with it (issue #133). Detect a worktree by comparing `git rev-parse --git-dir` against `git rev-parse --git-common-dir`; in a normal checkout or submodule they resolve to the same path, in a worktree they differ and the parent of `--git-common-dir` is the main repo root.
```bash
COMMON_DIR=$(git -C "$PROJECT_ROOT" rev-parse --git-common-dir 2>/dev/null)
GIT_DIR=$(git -C "$PROJECT_ROOT" rev-parse --git-dir 2>/dev/null)
if [ -n "$COMMON_DIR" ] && [ -n "$GIT_DIR" ]; then
COMMON_ABS=$(cd "$PROJECT_ROOT" && cd "$COMMON_DIR" 2>/dev/null && pwd -P)
GIT_ABS=$(cd "$PROJECT_ROOT" && cd "$GIT_DIR" 2>/dev/null && pwd -P)
if [ -n "$COMMON_ABS" ] && [ "$COMMON_ABS" != "$GIT_ABS" ]; then
MAIN_ROOT=$(dirname "$COMMON_ABS")
if [ -d "$MAIN_ROOT" ] && [ "${UNDERSTAND_NO_WORKTREE_REDIRECT:-0}" != "1" ]; then
echo "[understand-domain] Detected git worktree at $PROJECT_ROOT"
echo "[understand-domain] Redirecting output to main repo root: $MAIN_ROOT"
echo "[understand-domain] (Set UNDERSTAND_NO_WORKTREE_REDIRECT=1 to keep PROJECT_ROOT as the worktree.)"
PROJECT_ROOT="$MAIN_ROOT"
fi
fi
fi
```
Use `$PROJECT_ROOT` (not the bare CWD) for every reference to "the current project" / `<project-root>` in subsequent phases.
**Important:** do **not** assume the plugin root is simply two directories above the skill path string. In many installations `~/.agents/skills/understand-domain` is a symlink into the real plugin checkout. Prefer runtime-provided plugin roots first (for Claude), then fall back to universal symlinks, skill symlink resolution, and common clone-based install paths.
Resolve the plugin root like this:
```bash
SKILL_REAL=$(realpath ~/.agents/skills/understand-domain 2>/dev/null || readlink -f ~/.agents/skills/understand-domain 2>/dev/null || echo "")
SELF_RELATIVE=$([ -n "$SKILL_REAL" ] && cd "$SKILL_REAL/../.." 2>/dev/null && pwd || echo "")
COPILOT_SKILL_REAL=$(realpath ~/.copilot/skills/understand-domain 2>/dev/null || readlink -f ~/.copilot/skills/understand-domain 2>/dev/null || echo "")
COPILOT_SELF_RELATIVE=$([ -n "$COPILOT_SKILL_REAL" ] && cd "$COPILOT_SKILL_REAL/../.." 2>/dev/null && pwd || echo "")
PLUGIN_ROOT=""
for candidate in \
"${CLAUDE_PLUGIN_ROOT}" \
"$HOME/.understand-anything-plugin" \
"$SELF_RELATIVE" \
"$COPILOT_SELF_RELATIVE" \
"$HOME/.codex/understand-anything/understand-anything-plugin" \
"$HOME/.opencode/understand-anything/understand-anything-plugin" \
"$HOME/.pi/understand-anything/understand-anything-plugin" \
"$HOME/understand-anything/understand-anything-plugin"; do
if [ -n "$candidate" ] && [ -f "$candidate/package.json" ] && [ -f "$candidate/pnpm-workspace.yaml" ]; then
PLUGIN_ROOT="$candidate"
break
fi
done
if [ -z "$PLUGIN_ROOT" ]; then
echo "Error: Cannot find the understand-anything plugin root."
echo "Checked:"
echo " - ${CLAUDE_PLUGIN_ROOT:-<unset CLAUDE_PLUGIN_ROOT>}"
echo " - $HOME/.understand-anything-plugin"
echo " - ${SELF_RELATIVE:-<unresolved path derived from ~/.agents/skills/understand-domain>}"
echo " - ${COPILOT_SELF_RELATIVE:-<unresolved path derived from ~/.copilot/skills/understand-domain>}"
echo " - $HOME/.codex/understand-anything/understand-anything-plugin"
echo " - $HOME/.opencode/understand-anything/understand-anything-plugin"
echo " - $HOME/.pi/understand-anything/understand-anything-plugin"
echo " - $HOME/understand-anything/understand-anything-plugin"
echo "Make sure the plugin is installed correctly."
exit 1
fi
```
Use `$PLUGIN_ROOT` for every reference to agent definitions in subsequent phases.
### Phase 1: Detect Existing Graph
1. Check if `$PROJECT_ROOT/.understand-anything/knowledge-graph.json` exists
2. If it exists AND `--full` was NOT passed → proceed to Phase 3 (derive from graph)
3. Otherwise → proceed to Phase 2 (lightweight scan)
### Phase 2: Lightweight Scan (Path 1)
The preprocessing script does NOT produce a domain graph — it produces **raw material** (file tree, entry points, exports/imports) so the domain-analyzer agent can focus on the actual domain analysis instead of spending dozens of tool calls exploring the codebase. Think of it as a cheat sheet: cheap Python preprocessing → expensive LLM gets a clean, small input → better results for less cost.
1. Run the preprocessing script bundled with this skill, passing `$PROJECT_ROOT` from Phase 0:
```
python ./extract-domain-context.py "$PROJECT_ROOT"
```
This outputs `$PROJECT_ROOT/.understand-anything/intermediate/domain-context.json` containing:
- File tree (respecting `.gitignore`)
- Detected entry points (HTTP routes, CLI commands, event handlers, cron jobs, exported handlers)
- File signatures (exports, imports per file)
- Code snippets for each entry point (signature + first few lines)
- Project metadata (package.json, README, etc.)
2. Read the generated `domain-context.json` as context for Phase 4
3. Proceed to Phase 4
### Phase 3: Derive from Existing Graph (Path 2)
1. Read `$PROJECT_ROOT/.understand-anything/knowledge-graph.json`
2. Format the graph data as structured context:
- All nodes with their types, names, summaries, and tags
- All edges with their types (especially `calls`, `imports`, `contains`)
- All layers with their descriptions
- Tour steps if available
3. This is the context for the domain analyzer — no file reading needed
4. Proceed to Phase 4
### Phase 4: Domain Analysis
1. Read the domain-analyzer agent prompt from `$PLUGIN_ROOT/agents/domain-analyzer.md`
2. Dispatch a subagent with the domain-analyzer prompt + the context from Phase 2 or 3
3. The agent writes its output to `$PROJECT_ROOT/.understand-anything/intermediate/domain-analysis.json`
### Phase 5: Validate and Save
1. Read the domain analysis output
2. Validate using the standard graph validation pipeline (the schema now supports domain/flow/step types)
3. If validation fails, log warnings but save what's valid (error tolerance)
4. Save to `$PROJECT_ROOT/.understand-anything/domain-graph.json`
5. Clean up `$PROJECT_ROOT/.understand-anything/intermediate/domain-analysis.json` and `$PROJECT_ROOT/.understand-anything/intermediate/domain-context.json`
### Phase 6: Launch Dashboard
1. Auto-trigger `/understand-dashboard` to visualize the domain graph
2. The dashboard will detect `domain-graph.json` and show the domain view by default

428
.qoder/skills/understand-domain/extract-domain-context.py
View File

@@ -1,428 +0,0 @@
#!/usr/bin/env python3
"""
extract-domain-context.py — Lightweight codebase scanner for domain knowledge extraction.
Scans a project directory and produces a structured JSON context file that the
domain-analyzer agent uses to identify business domains, flows, and steps.
Usage:
python extract-domain-context.py <project-root>
Output:
<project-root>/.understand-anything/intermediate/domain-context.json
"""
import json
import os
import re
import sys
from pathlib import Path
from typing import Any
# ── Configuration ──────────────────────────────────────────────────────────
MAX_FILE_TREE_DEPTH = 6
MAX_FILES_PER_DIR = 50
MAX_FILES_TOTAL = 5000
MAX_SAMPLED_FILES = 40
MAX_LINES_PER_FILE = 80
MAX_ENTRY_POINTS = 200
MAX_OUTPUT_BYTES = 512 * 1024 # 512 KB — keeps output within agent context limits
# File extensions we care about for domain analysis
SOURCE_EXTENSIONS = {
".ts", ".tsx", ".js", ".jsx", ".mjs", ".cjs",
".py", ".pyi",
".go",
".rs",
".java", ".kt", ".scala",
".rb",
".cs",
".php",
".swift",
".c", ".cpp", ".h", ".hpp",
".ex", ".exs",
".hs",
".lua",
".r", ".R",
}
# Directories to always skip
SKIP_DIRS = {
"node_modules", ".git", ".svn", ".hg", "__pycache__", ".tox",
"venv", ".venv", "env", ".env", "dist", "build", "out", ".next",
".nuxt", "target", "vendor", ".idea", ".vscode", "coverage",
".understand-anything", ".pytest_cache", ".mypy_cache",
"Pods", "DerivedData", ".gradle", "bin", "obj",
}
# Files that reveal project metadata
METADATA_FILES = [
"package.json", "Cargo.toml", "go.mod", "pyproject.toml",
"setup.py", "setup.cfg", "pom.xml", "build.gradle",
"Gemfile", "composer.json", "mix.exs", "Makefile",
"docker-compose.yml", "docker-compose.yaml",
"README.md", "README.rst", "README.txt", "README",
]
# ── Entry point detection patterns ─────────────────────────────────────────
ENTRY_POINT_PATTERNS: list[tuple[str, str, re.Pattern[str]]] = [
# HTTP routes
("http", "Express/Koa route", re.compile(
r"""(?:app|router|server)\s*\.\s*(?:get|post|put|patch|delete|all|use)\s*\(\s*['"](/[^'"]*?)['"]""",
re.IGNORECASE,
)),
("http", "Decorator route (Flask/FastAPI/NestJS)", re.compile(
r"""@(?:app\.)?(?:route|get|post|put|patch|delete|api_view|RequestMapping|GetMapping|PostMapping)\s*\(\s*['"](/[^'"]*?)['"]""",
re.IGNORECASE,
)),
("http", "Next.js/Remix route handler", re.compile(
r"""export\s+(?:async\s+)?function\s+(GET|POST|PUT|PATCH|DELETE|HEAD|OPTIONS)\b""",
)),
# CLI
("cli", "CLI command", re.compile(
r"""\.command\s*\(\s*['"]([\w\-:]+)['"]""",
)),
("cli", "argparse subparser", re.compile(
r"""add_parser\s*\(\s*['"]([\w\-]+)['"]""",
)),
# Event handlers
("event", "Event listener", re.compile(
r"""\.on\s*\(\s*['"]([\w\-:.]+)['"]""",
)),
("event", "Event subscriber decorator", re.compile(
r"""@(?:EventHandler|Subscribe|Listener|on_event)\s*\(\s*['"]([\w\-:.]+)['"]""",
)),
# Cron / scheduled
("cron", "Cron schedule", re.compile(
r"""@?(?:Cron|Schedule|Scheduled|crontab)\s*\(\s*['"]([^'"]+)['"]""",
re.IGNORECASE,
)),
# GraphQL
("http", "GraphQL resolver", re.compile(
r"""@(?:Query|Mutation|Subscription|Resolver)\s*\(""",
)),
# gRPC (only in .proto files — handled by file extension check below)
("http", "gRPC service", re.compile(
r"""^service\s+(\w+)\s*\{""", re.MULTILINE,
)),
# Exported handlers (generic)
("manual", "Exported handler", re.compile(
r"""export\s+(?:async\s+)?function\s+(handle\w+|process\w+|on\w+)\b""",
)),
]
# ── Gitignore support ──────────────────────────────────────────────────────
def parse_gitignore(project_root: Path) -> list[re.Pattern[str]]:
"""Parse .gitignore into a list of compiled regex patterns."""
gitignore = project_root / ".gitignore"
patterns: list[re.Pattern[str]] = []
if not gitignore.exists():
return patterns
for line in gitignore.read_text(errors="replace").splitlines():
line = line.strip()
if not line or line.startswith("#"):
continue
# Convert glob to regex (simplified)
regex = line.replace(".", r"\.").replace("**/", "(.*/)?").replace("*", "[^/]*").replace("?", "[^/]")
if line.endswith("/"):
regex = regex.rstrip("/") + "(/|$)"
try:
patterns.append(re.compile(regex))
except re.error as e:
print(f"Warning: skipping invalid gitignore pattern '{line}': {e}", file=sys.stderr)
return patterns
def is_ignored(rel_path: str, gitignore_patterns: list[re.Pattern[str]]) -> bool:
"""Check if a relative path matches any gitignore pattern."""
for pattern in gitignore_patterns:
if pattern.search(rel_path):
return True
return False
# ── File tree scanner ──────────────────────────────────────────────────────
def scan_file_tree(
root: Path,
gitignore_patterns: list[re.Pattern[str]],
max_depth: int = MAX_FILE_TREE_DEPTH,
) -> list[str]:
"""Return a flat list of relative file paths (source files only)."""
result: list[str] = []
def _walk(dir_path: Path, depth: int) -> None:
if depth > max_depth or len(result) >= MAX_FILES_TOTAL:
return
try:
entries = sorted(dir_path.iterdir(), key=lambda e: (not e.is_dir(), e.name.lower()))
except PermissionError:
return
file_count = 0
for entry in entries:
if len(result) >= MAX_FILES_TOTAL:
break
# Skip symlinks to avoid infinite loops
if entry.is_symlink():
continue
rel = str(entry.relative_to(root))
if entry.is_dir():
if entry.name in SKIP_DIRS:
continue
if is_ignored(rel + "/", gitignore_patterns):
continue
_walk(entry, depth + 1)
elif entry.is_file():
if file_count >= MAX_FILES_PER_DIR:
break
if entry.suffix not in SOURCE_EXTENSIONS:
continue
if is_ignored(rel, gitignore_patterns):
continue
result.append(rel)
file_count += 1
_walk(root, 0)
return result
# ── Entry point detection ──────────────────────────────────────────────────
def detect_entry_points(root: Path, file_paths: list[str]) -> list[dict[str, Any]]:
"""Scan source files for entry point patterns."""
entry_points: list[dict[str, Any]] = []
# Skip test files and the extraction script itself
test_patterns = re.compile(r"(?:\.test\.|\.spec\.|__tests__|_test\.py|test_\w+\.py|extract-domain-context\.py)")
for rel_path in file_paths:
if len(entry_points) >= MAX_ENTRY_POINTS:
break
if test_patterns.search(rel_path):
continue
full_path = root / rel_path
try:
content = full_path.read_text(errors="replace")
except (OSError, UnicodeDecodeError):
continue
lines = content.splitlines()
for entry_type, description, pattern in ENTRY_POINT_PATTERNS:
for match in pattern.finditer(content):
# Find line number
line_no = content[:match.start()].count("\n") + 1
# Extract a snippet (signature + a few lines)
start = max(0, line_no - 1)
end = min(len(lines), start + 5)
snippet = "\n".join(lines[start:end])
entry_points.append({
"file": rel_path,
"line": line_no,
"type": entry_type,
"description": description,
"match": match.group(0)[:120],
"snippet": snippet[:300],
})
if len(entry_points) >= MAX_ENTRY_POINTS:
break
if len(entry_points) >= MAX_ENTRY_POINTS:
break
return entry_points
# ── File signatures ────────────────────────────────────────────────────────
def extract_file_signatures(root: Path, file_paths: list[str]) -> list[dict[str, Any]]:
"""Extract exports and imports from each file (lightweight)."""
signatures: list[dict[str, Any]] = []
# Prioritize files likely to contain business logic
priority_keywords = [
"controller", "service", "handler", "router", "route", "api",
"model", "entity", "repository", "usecase", "use_case",
"command", "query", "event", "subscriber", "listener",
"middleware", "guard", "interceptor", "resolver",
"workflow", "flow", "process", "pipeline", "job", "task",
]
def priority_score(path: str) -> int:
lower = path.lower()
score = 0
for kw in priority_keywords:
if kw in lower:
score += 1
return score
sorted_paths = sorted(file_paths, key=priority_score, reverse=True)
for rel_path in sorted_paths[:MAX_SAMPLED_FILES]:
full_path = root / rel_path
try:
content = full_path.read_text(errors="replace")
except (OSError, UnicodeDecodeError):
continue
lines = content.splitlines()[:MAX_LINES_PER_FILE]
truncated = "\n".join(lines)
# Extract exports (JS/TS)
exports = re.findall(
r"export\s+(?:default\s+)?(?:async\s+)?(?:function|class|const|let|var|interface|type|enum)\s+(\w+)",
truncated,
)
# Extract exports (Python)
if not exports:
exports = re.findall(r"^(?:def|class)\s+(\w+)", truncated, re.MULTILINE)
# Extract imports (first 20)
imports = re.findall(
r"""(?:import\s+.*?from\s+['"]([^'"]+)['"]|from\s+([\w.]+)\s+import)""",
truncated,
)
import_list = [m[0] or m[1] for m in imports][:20]
signatures.append({
"file": rel_path,
"exports": exports[:20],
"imports": import_list,
"lines": len(content.splitlines()),
"preview": truncated[:500],
})
return signatures
# ── Metadata extraction ────────────────────────────────────────────────────
def extract_metadata(root: Path) -> dict[str, Any]:
"""Read project metadata files."""
metadata: dict[str, Any] = {}
for filename in METADATA_FILES:
filepath = root / filename
if not filepath.exists():
continue
try:
content = filepath.read_text(errors="replace")
except (OSError, UnicodeDecodeError):
continue
if filename == "package.json":
try:
pkg = json.loads(content)
metadata["package.json"] = {
"name": pkg.get("name"),
"description": pkg.get("description"),
"scripts": list((pkg.get("scripts") or {}).keys()),
"dependencies": list((pkg.get("dependencies") or {}).keys()),
"devDependencies": list((pkg.get("devDependencies") or {}).keys()),
}
except json.JSONDecodeError:
metadata["package.json"] = content[:500]
elif filename.endswith((".md", ".rst", ".txt")) or filename == "README":
metadata[filename] = content[:2000]
elif filename.endswith((".toml", ".cfg", ".mod")):
metadata[filename] = content[:1000]
elif filename.endswith((".json", ".yml", ".yaml", ".xml", ".gradle")):
metadata[filename] = content[:1000]
return metadata
# ── Main ───────────────────────────────────────────────────────────────────
def _truncate_to_fit(context: dict[str, Any]) -> dict[str, Any]:
"""Progressively trim context sections to stay under MAX_OUTPUT_BYTES."""
output = json.dumps(context, indent=2)
if len(output.encode()) <= MAX_OUTPUT_BYTES:
return context
# 1. Trim file tree to just a count
context["fileTree"] = context["fileTree"][:200]
output = json.dumps(context, indent=2)
if len(output.encode()) <= MAX_OUTPUT_BYTES:
return context
# 2. Trim previews in signatures
for sig in context.get("fileSignatures", []):
sig["preview"] = sig["preview"][:200]
output = json.dumps(context, indent=2)
if len(output.encode()) <= MAX_OUTPUT_BYTES:
return context
# 3. Trim snippets in entry points
for ep in context.get("entryPoints", []):
ep["snippet"] = ep["snippet"][:100]
output = json.dumps(context, indent=2)
if len(output.encode()) <= MAX_OUTPUT_BYTES:
return context
# 4. Reduce number of signatures and entry points
context["fileSignatures"] = context["fileSignatures"][:20]
context["entryPoints"] = context["entryPoints"][:100]
return context
def main() -> None:
if len(sys.argv) < 2:
print("Usage: python extract-domain-context.py <project-root>", file=sys.stderr)
sys.exit(1)
project_root = Path(sys.argv[1]).resolve()
if not project_root.is_dir():
print(f"Error: {project_root} is not a directory", file=sys.stderr)
sys.exit(1)
try:
# Ensure output directory exists
output_dir = project_root / ".understand-anything" / "intermediate"
output_dir.mkdir(parents=True, exist_ok=True)
output_path = output_dir / "domain-context.json"
print(f"Scanning {project_root} ...", file=sys.stderr)
gitignore_patterns = parse_gitignore(project_root)
file_tree = scan_file_tree(project_root, gitignore_patterns)
print(f" Found {len(file_tree)} source files", file=sys.stderr)
entry_points = detect_entry_points(project_root, file_tree)
print(f" Detected {len(entry_points)} entry points", file=sys.stderr)
signatures = extract_file_signatures(project_root, file_tree)
print(f" Extracted {len(signatures)} file signatures", file=sys.stderr)
metadata = extract_metadata(project_root)
print(f" Read {len(metadata)} metadata files", file=sys.stderr)
context = {
"projectRoot": str(project_root),
"fileCount": len(file_tree),
"fileTree": file_tree,
"entryPoints": entry_points,
"fileSignatures": signatures,
"metadata": metadata,
}
context = _truncate_to_fit(context)
output = json.dumps(context, indent=2)
output_path.write_text(output)
size_kb = len(output.encode()) / 1024
print(f" Wrote {output_path} ({size_kb:.0f} KB)", file=sys.stderr)
except Exception as e:
print(f"Error: {e}", file=sys.stderr)
sys.exit(1)
if __name__ == "__main__":
main()

58
.qoder/skills/understand-explain/SKILL.md
View File

@@ -1,58 +0,0 @@
---
name: understand-explain
description: Use when you need a deep-dive explanation of a specific file, function, or module in the codebase
argument-hint: [file-path]
---
# /understand-explain
Provide a thorough, in-depth explanation of a specific code component.
## Graph Structure Reference
The knowledge graph JSON has this structure:
- `project` — {name, description, languages, frameworks, analyzedAt, gitCommitHash}
- `nodes[]` — each has {id, type, name, filePath?, summary, tags[], complexity, languageNotes?}
- Code node types: file, function, class, module, concept
- Non-code node types: config, document, service, table, endpoint, pipeline, schema, resource
- Domain/knowledge node types: domain, flow, step, article, entity, topic, claim, source
- IDs use the node type as prefix, e.g. `file:path`, `function:path:name`, `config:path`, `article:path`
- `edges[]` — each has {source, target, type, direction, weight}
- Key types: imports, contains, calls, depends_on, configures, documents, deploys, triggers, contains_flow, flow_step, related, cites
- `layers[]` — each has {id, name, description, nodeIds[]}
- `tour[]` — each has {order, title, description, nodeIds[]}
## How to Read Efficiently
1. Use Grep to search within the JSON for relevant entries BEFORE reading the full file
2. Only read sections you need — don't dump the entire graph into context
3. Node names and summaries are the most useful fields for understanding
4. Edges tell you how components connect — follow imports and calls for dependency chains
## Instructions
1. Check that `.understand-anything/knowledge-graph.json` exists. If not, tell the user to run `/understand` first.
2. **Find the target node** — use Grep to search the knowledge graph for the component: "$ARGUMENTS"
- For file paths (e.g., `src/auth/login.ts`): search for `"filePath"` matches
- For function notation (e.g., `src/auth/login.ts:verifyToken`): search for the function name in `"name"` fields filtered by the file path
- Note the exact node `id`, `type`, `summary`, `tags`, and `complexity`
3. **Find all connected edges** — Grep for the target node's ID in the edges section:
- `"source"` matches → things this node calls/imports/depends on (outgoing)
- `"target"` matches → things that call/import/depend on this node (incoming)
- Note the connected node IDs and edge types
4. **Read connected nodes** — for each connected node ID from step 3, Grep for those IDs in the nodes section to get their `name`, `summary`, and `type`. This builds the component's neighborhood.
5. **Identify the layer** — Grep for the target node's ID in the `"layers"` section to find which architectural layer it belongs to and that layer's description.
6. **Read the actual source file** — Read the source file at the node's `filePath` for the deep-dive analysis.
7. **Explain the component in context**:
- Its role in the architecture (which layer, why it exists)
- Internal structure (functions, classes it contains — from `contains` edges)
- External connections (what it imports, what calls it, what it depends on — from edges)
- Data flow (inputs → processing → outputs — from source code)
- Explain clearly, assuming the reader may not know the programming language
- Highlight any patterns, idioms, or complexity worth understanding

132
.qoder/skills/understand-knowledge/SKILL.md
View File

@@ -1,132 +0,0 @@
---
name: understand-knowledge
description: Analyze a Karpathy-pattern LLM wiki knowledge base and generate an interactive knowledge graph with entity extraction, implicit relationships, and topic clustering.
argument-hint: [wiki-directory]
---
# /understand-knowledge
Analyzes a Karpathy-pattern LLM wiki — a three-layer knowledge base with raw sources, wiki markdown, and a schema file — and produces an interactive knowledge graph dashboard.
## What It Detects
The **Karpathy LLM wiki pattern** (see https://gist.github.com/karpathy/442a6bf555914893e9891c11519de94f):
- **Raw sources** — immutable source documents (articles, papers, data files)
- **Wiki** — LLM-generated markdown files with wikilinks (`[[target]]` syntax)
- **Schema** — CLAUDE.md, AGENTS.md, or similar configuration file
- **index.md** — content catalog organized by categories
- **log.md** — chronological operation log
Detection signals: has `index.md` + multiple `.md` files with wikilinks. May have `raw/` directory and schema file.
## Instructions
### Phase 1: DETECT
1. Determine the target directory:
- If the user provided a path argument, use that
- Otherwise, use the current working directory
2. Run the format detection script bundled with this skill:
```
python3 <SKILL_DIR>/parse-knowledge-base.py <TARGET_DIR>
```
- If the script exits with an error, tell the user this doesn't appear to be a Karpathy-pattern wiki and explain what was expected
- If successful, proceed. The script writes `scan-manifest.json` to `<TARGET_DIR>/.understand-anything/intermediate/`
3. Read the scan-manifest.json and announce the results:
- "Detected Karpathy wiki: N articles, N sources, N topics, N wikilinks (N unresolved)"
- List the categories found from index.md
### Phase 2: SCAN (already done)
The parse script in Phase 1 already performed the deterministic scan. The scan-manifest.json contains:
- Article nodes (one per wiki .md file) with extracted wikilinks, headings, frontmatter
- Source nodes (one per raw/ file)
- Topic nodes (from index.md section headings)
- `related` edges (from wikilinks)
- `categorized_under` edges (from index.md sections)
No additional scanning is needed. Proceed to Phase 3.
### Phase 3: ANALYZE
Dispatch `article-analyzer` subagents to extract implicit knowledge:
1. Read the scan-manifest.json to get the article list
2. Prepare batches of 10-15 articles each, grouped by category when possible (articles in the same category are more likely to have implicit cross-references)
3. For each batch, dispatch an `article-analyzer` subagent with:
- The batch of articles (id, name, summary, wikilinks, category, content from knowledgeMeta)
- The full list of existing node IDs (so the agent can reference them)
- The batch number for output file naming
- The intermediate directory path: `$INTERMEDIATE_DIR = <TARGET_DIR>/.understand-anything/intermediate`
The agent will write `analysis-batch-{N}.json` to the intermediate directory.
4. Run up to 3 batches concurrently. Wait for all batches to complete.
5. If any batch fails, log a warning but continue — the scan-manifest provides a solid base graph even without LLM analysis.
### Phase 4: MERGE
1. Run the merge script bundled with this skill:
```
python3 <SKILL_DIR>/merge-knowledge-graph.py <TARGET_DIR>
```
2. The script:
- Combines scan-manifest.json + all analysis-batch-*.json files
- Deduplicates entities (case-insensitive name matching)
- Normalizes node/edge types via alias maps
- Builds layers from index.md categories
- Builds a tour from index.md section ordering
- Writes `assembled-graph.json` to the intermediate directory
3. Read the merge report from stderr and announce:
- Total nodes, edges, layers, tour steps
- How many entities/claims the LLM analysis added
### Phase 5: SAVE
1. Read the assembled-graph.json
2. Run basic validation:
- Every edge source/target must reference an existing node
- Every node must have: id, type, name, summary, tags, complexity
- Remove any edges with dangling references
3. Copy the validated graph to `<TARGET_DIR>/.understand-anything/knowledge-graph.json`
4. Write metadata to `<TARGET_DIR>/.understand-anything/meta.json`:
```json
{
"lastAnalyzedAt": "<ISO timestamp>",
"gitCommitHash": "<from git rev-parse HEAD or empty>",
"version": "1.0.0",
"analyzedFiles": <number of wiki articles>
}
```
5. Clean up intermediate files:
```
rm -rf <TARGET_DIR>/.understand-anything/intermediate
```
6. Report summary to the user:
- "Knowledge graph saved: N articles, N entities, N topics, N claims, N sources"
- "N edges (N wikilink, N categorized, N implicit)"
- "N layers, N tour steps"
7. Auto-trigger the dashboard:
```
/understand-dashboard <TARGET_DIR>
```
## Notes
- The parse script handles ALL deterministic extraction (wikilinks, headings, frontmatter, categories from index.md). The LLM agents only add implicit knowledge that requires inference.
- Categories and taxonomy come from index.md section headings, NOT from filename prefixes. The Karpathy spec is intentionally abstract about naming conventions.
- The graph uses `kind: "knowledge"` to signal the dashboard to use force-directed layout instead of hierarchical dagre.
- Source nodes from raw/ are lightweight (filename + size only) — we don't parse PDFs or binary files.

397
.qoder/skills/understand-knowledge/merge-knowledge-graph.py
View File

@@ -1,397 +0,0 @@
#!/usr/bin/env python3
"""
Merge script for Karpathy-pattern knowledge graphs.
Combines the deterministic scan-manifest.json with LLM analysis batches
(analysis-batch-*.json) into a final assembled knowledge graph.
Handles: entity deduplication, edge normalization, layer building from
index.md categories, tour generation from index.md section ordering.
Usage:
python merge-knowledge-graph.py <wiki-directory>
Output:
Writes assembled-graph.json to <wiki-directory>/.understand-anything/intermediate/
"""
import json
import os
import re
import sys
from datetime import datetime, timezone
from pathlib import Path
# ---------------------------------------------------------------------------
# Canonical type sets (must match core/src/types.ts)
# ---------------------------------------------------------------------------
VALID_NODE_TYPES = {
"article", "entity", "topic", "claim", "source",
# Codebase types (for cross-compatibility)
"file", "function", "class", "module", "concept",
"config", "document", "service", "table", "endpoint",
"pipeline", "schema", "resource", "domain", "flow", "step",
}
VALID_EDGE_TYPES = {
"cites", "contradicts", "builds_on", "exemplifies",
"categorized_under", "authored_by", "related", "similar_to",
# Codebase types
"imports", "exports", "contains", "inherits", "implements",
"calls", "subscribes", "publishes", "middleware",
"reads_from", "writes_to", "transforms", "validates",
"depends_on", "tested_by", "configures",
"deploys", "serves", "provisions", "triggers",
"migrates", "documents", "routes", "defines_schema",
"contains_flow", "flow_step", "cross_domain",
}
NODE_TYPE_ALIASES = {
"note": "article", "page": "article", "wiki_page": "article",
"person": "entity", "actor": "entity", "organization": "entity",
"tag": "topic", "category": "topic", "theme": "topic",
"assertion": "claim", "decision": "claim", "thesis": "claim",
"reference": "source", "raw": "source", "paper": "source",
}
EDGE_TYPE_ALIASES = {
"references": "cites", "cites_source": "cites",
"conflicts_with": "contradicts", "disagrees_with": "contradicts",
"refines": "builds_on", "elaborates": "builds_on",
"illustrates": "exemplifies", "instance_of": "exemplifies", "example_of": "exemplifies",
"belongs_to": "categorized_under", "tagged_with": "categorized_under",
"written_by": "authored_by", "created_by": "authored_by",
"relates_to": "related", "related_to": "related",
}
# ---------------------------------------------------------------------------
# Normalization
# ---------------------------------------------------------------------------
def normalize_node_type(t: str) -> str:
t = t.lower().strip()
return NODE_TYPE_ALIASES.get(t, t)
def normalize_edge_type(t: str) -> str:
t = t.lower().strip()
return EDGE_TYPE_ALIASES.get(t, t)
def normalize_entity_name(name: str) -> str:
"""Normalize entity names for deduplication."""
return re.sub(r'\s+', ' ', name.strip().lower())
# ---------------------------------------------------------------------------
# Merge pipeline
# ---------------------------------------------------------------------------
def merge(root: Path) -> dict:
intermediate = root / ".understand-anything" / "intermediate"
manifest_path = intermediate / "scan-manifest.json"
if not manifest_path.is_file():
print(f"Error: {manifest_path} not found. Run parse-knowledge-base.py first.",
file=sys.stderr)
sys.exit(1)
# Load scan manifest (deterministic base)
manifest = json.loads(manifest_path.read_text(encoding="utf-8"))
nodes = {n["id"]: n for n in manifest["nodes"]}
edges = list(manifest["edges"])
report = {"base_nodes": len(nodes), "base_edges": len(edges),
"batches": 0, "new_entities": 0, "new_claims": 0,
"new_edges": 0, "deduped_entities": 0, "dropped_edges": 0}
# Load analysis batches
batch_files = sorted(intermediate.glob("analysis-batch-*.json"))
entity_name_map: dict[str, str] = {} # normalized_name → entity_id
dedup_remap: dict[str, str] = {} # duplicate_id → canonical_id
for bf in batch_files:
report["batches"] += 1
try:
batch = json.loads(bf.read_text(encoding="utf-8"))
except (json.JSONDecodeError, OSError) as e:
print(f"[merge] Warning: Failed to load {bf.name}: {e}", file=sys.stderr)
continue
# Process new nodes from LLM analysis
for node in batch.get("nodes", []):
node_type = normalize_node_type(node.get("type", ""))
if node_type not in VALID_NODE_TYPES:
print(f"[merge] Warning: Unknown node type '{node.get('type')}' — skipping",
file=sys.stderr)
continue
node["type"] = node_type
node_id = node.get("id", "")
# Entity deduplication — track remapping for edge fixup
if node_type == "entity":
norm_name = normalize_entity_name(node.get("name", ""))
if norm_name in entity_name_map:
# Map duplicate ID → canonical ID for edge remapping
dedup_remap[node_id] = entity_name_map[norm_name]
report["deduped_entities"] += 1
continue
entity_name_map[norm_name] = node_id
report["new_entities"] += 1
elif node_type == "claim":
report["new_claims"] += 1
# Ensure required fields
node.setdefault("summary", node.get("name", ""))
node.setdefault("tags", [])
node.setdefault("complexity", "simple")
nodes[node_id] = node
# Process new edges from LLM analysis
for edge in batch.get("edges", []):
edge_type = normalize_edge_type(edge.get("type", ""))
if edge_type not in VALID_EDGE_TYPES:
print(f"[merge] Warning: Unknown edge type '{edge.get('type')}'"
f"mapped to 'related'", file=sys.stderr)
edge_type = "related"
edge["type"] = edge_type
edge.setdefault("direction", "forward")
edge.setdefault("weight", 0.5)
# Remap deduped entity IDs, then validate source/target exist
src = dedup_remap.get(edge.get("source", ""), edge.get("source", ""))
tgt = dedup_remap.get(edge.get("target", ""), edge.get("target", ""))
edge["source"] = src
edge["target"] = tgt
if src in nodes and tgt in nodes:
edges.append(edge)
report["new_edges"] += 1
else:
report["dropped_edges"] += 1
# --- Deduplicate edges ---
seen: set[tuple[str, str, str]] = set()
final_edges = []
for edge in edges:
key = (edge["source"], edge["target"], edge["type"])
if key not in seen:
seen.add(key)
final_edges.append(edge)
# --- Build article→layer map from categories ---
categories = manifest.get("categories", [])
article_layer_map: dict[str, str] = {} # article_id → layer_id
layer_members: dict[str, list[str]] = {} # layer_id → [node_ids]
for cat in categories:
cat_name = cat["name"]
cat_slug = cat_name.lower().replace(" ", "-")
layer_id = f"layer:{cat_slug}"
topic_id = f"topic:{cat_slug}"
members = [e["source"] for e in final_edges
if e["type"] == "categorized_under" and e["target"] == topic_id]
if topic_id in nodes:
members.append(topic_id)
layer_members[layer_id] = members
for mid in members:
article_layer_map[mid] = layer_id
# --- Assign entity/claim nodes to their parent article's layer ---
# Step 1: Build entity/claim → article mapping from edges
child_to_article: dict[str, str] = {}
for edge in final_edges:
src_type = nodes.get(edge["source"], {}).get("type", "")
tgt_type = nodes.get(edge["target"], {}).get("type", "")
# If an article connects to an entity/claim, map the child to the article
if src_type == "article" and tgt_type in ("entity", "claim"):
child_to_article.setdefault(edge["target"], edge["source"])
elif tgt_type == "article" and src_type in ("entity", "claim"):
child_to_article.setdefault(edge["source"], edge["target"])
# Step 2: For orphan entities/claims, try to match by ID prefix
# Build a reverse lookup: bare article name → full article ID
# e.g., "concept-aaak-compression" → "article:concepts/concept-aaak-compression"
bare_to_article: dict[str, str] = {}
for nid in nodes:
if nid.startswith("article:"):
# Extract the bare filename from paths like "article:concepts/concept-foo"
bare = nid.split("/")[-1] if "/" in nid else nid.replace("article:", "")
bare_to_article[bare] = nid
for nid, node in nodes.items():
if node["type"] in ("entity", "claim") and nid not in child_to_article:
# e.g., "claim:concept-aaak-compression:not-zero-loss" → stem "concept-aaak-compression"
# e.g., "entity:brain" → stem "brain"
raw = nid.split(":", 1)[1] if ":" in nid else nid # "concept-aaak-compression:not-zero-loss"
stem = raw.split(":")[0] # "concept-aaak-compression"
# Try exact bare name match first
if stem in bare_to_article:
child_to_article[nid] = bare_to_article[stem]
else:
# Try suffix/substring match against bare names
# e.g., entity:brain → segment-brain, entity:mempalace → tool-mempalace
matched = False
for bare, aid in bare_to_article.items():
if stem in bare or bare in stem:
child_to_article[nid] = aid
matched = True
break
# Also try: bare ends with -stem (e.g., "segment-brain" ends with "-brain")
if bare.endswith(f"-{stem}") or bare.endswith(f"/{stem}"):
child_to_article[nid] = aid
matched = True
break
# Last resort: check if the node's name appears in any article's
# name OR content (knowledgeMeta.content)
if not matched and node.get("name"):
node_name_lower = node["name"].lower()
for aid, anode in nodes.items():
if not aid.startswith("article:"):
continue
# Match against article name
if node_name_lower in anode.get("name", "").lower():
child_to_article[nid] = aid
matched = True
break
# Match against article content (wikilinks or text)
meta = anode.get("knowledgeMeta", {})
content = (meta.get("content") or "").lower()
if len(node_name_lower) >= 3 and node_name_lower in content:
child_to_article[nid] = aid
matched = True
break
# Step 3: Place children into their parent article's layer
for child_id, article_id in child_to_article.items():
layer_id = article_layer_map.get(article_id)
if layer_id and layer_id in layer_members:
layer_members[layer_id].append(child_id)
article_layer_map[child_id] = layer_id
# --- Build layers ---
layers = []
for cat in categories:
cat_name = cat["name"]
cat_slug = cat_name.lower().replace(" ", "-")
layer_id = f"layer:{cat_slug}"
members = list(dict.fromkeys(layer_members.get(layer_id, []))) # Deduplicate preserving order
layers.append({
"id": layer_id,
"name": cat_name,
"description": f"{cat_name} ({len(members)} nodes)",
"nodeIds": members,
})
# Assign uncategorized nodes to an "Other" layer
categorized_ids = set()
for layer in layers:
categorized_ids.update(layer["nodeIds"])
uncategorized = [nid for nid in nodes if nid not in categorized_ids]
if uncategorized:
layers.append({
"id": "layer:other",
"name": "Other",
"description": f"Uncategorized nodes ({len(uncategorized)})",
"nodeIds": uncategorized,
})
# --- Build tour from index.md category ordering ---
tour = []
for i, cat in enumerate(categories):
cat_slug = cat["name"].lower().replace(" ", "-")
topic_id = f"topic:{cat_slug}"
# Pick representative articles (up to 3 per category)
members = [e["source"] for e in final_edges
if e["type"] == "categorized_under" and e["target"] == topic_id][:3]
if not members and topic_id in nodes:
members = [topic_id]
if members:
tour.append({
"order": i + 1,
"title": cat["name"],
"description": f"Explore the {cat['name']} section ({cat['count']} articles)",
"nodeIds": members,
})
# --- Detect project name ---
project_name = root.name
# Try to find a better name from index.md H1
index_path = root / "wiki" / "index.md"
if not index_path.is_file():
index_path = root / "index.md"
if index_path.is_file():
text = index_path.read_text(encoding="utf-8", errors="replace")
h1_match = re.search(r"^#\s+(.+)$", text, re.MULTILINE)
if h1_match:
project_name = h1_match.group(1).strip()
# --- Assemble final graph ---
graph = {
"version": "1.0.0",
"kind": "knowledge",
"project": {
"name": project_name,
"languages": ["markdown"],
"frameworks": ["karpathy-wiki"],
"description": f"Knowledge graph for {project_name}",
"analyzedAt": datetime.now(timezone.utc).isoformat(),
"gitCommitHash": "",
},
"nodes": list(nodes.values()),
"edges": final_edges,
"layers": layers,
"tour": tour,
}
# Try to get git commit hash
try:
import subprocess
result = subprocess.run(
["git", "rev-parse", "HEAD"],
capture_output=True, text=True, cwd=str(root), timeout=5
)
if result.returncode == 0:
graph["project"]["gitCommitHash"] = result.stdout.strip()
except (OSError, subprocess.TimeoutExpired):
pass
# Write output
out_path = intermediate / "assembled-graph.json"
out_path.write_text(json.dumps(graph, indent=2), encoding="utf-8")
# Report
print(f"[merge] Input: {report['base_nodes']} scan nodes, "
f"{report['base_edges']} scan edges, {report['batches']} analysis batches",
file=sys.stderr)
print(f"[merge] Added: {report['new_entities']} entities, "
f"{report['new_claims']} claims, {report['new_edges']} edges "
f"({report['deduped_entities']} deduped entities, "
f"{report['dropped_edges']} dropped dangling edges)", file=sys.stderr)
print(f"[merge] Output: {len(graph['nodes'])} nodes, {len(final_edges)} edges, "
f"{len(layers)} layers, {len(tour)} tour steps", file=sys.stderr)
print(f"[merge] Written: {out_path}", file=sys.stderr)
return graph
def main():
if len(sys.argv) < 2:
print("Usage: merge-knowledge-graph.py <wiki-directory>", file=sys.stderr)
sys.exit(1)
root = Path(sys.argv[1]).resolve()
if not root.is_dir():
print(f"Error: {root} is not a directory", file=sys.stderr)
sys.exit(1)
merge(root)
if __name__ == "__main__":
main()

509
.qoder/skills/understand-knowledge/parse-knowledge-base.py
View File

@@ -1,509 +0,0 @@
#!/usr/bin/env python3
"""
Deterministic parser for Karpathy-pattern LLM wikis.
Detects the three-layer pattern (raw sources + wiki markdown + schema),
extracts structure from markdown files, resolves wikilinks, and derives
categories from index.md section headings.
Usage:
python parse-knowledge-base.py <wiki-directory>
Output:
Writes scan-manifest.json to <wiki-directory>/.understand-anything/intermediate/
"""
import json
import os
import re
import sys
from pathlib import Path
# ---------------------------------------------------------------------------
# Regex patterns
# ---------------------------------------------------------------------------
WIKILINK_RE = re.compile(r"\[\[([^\]|]+)(?:\|([^\]]+))?\]\]")
FRONTMATTER_RE = re.compile(r"^---\s*\n(.*?)\n---\s*\n", re.DOTALL)
CODE_BLOCK_RE = re.compile(r"```(\w*)")
HEADING_RE = re.compile(r"^(#{1,6})\s+(.+)$", re.MULTILINE)
INDEX_SECTION_RE = re.compile(r"^##\s+(.+)$", re.MULTILINE)
# Files that are part of wiki infrastructure, not content articles
INFRA_FILES = {"index.md", "log.md", "claude.md", "agents.md", "soul.md"}
# ---------------------------------------------------------------------------
# Detection: is this a Karpathy-pattern wiki?
# ---------------------------------------------------------------------------
def detect_format(root: Path) -> dict:
"""Detect if directory follows the Karpathy LLM wiki three-layer pattern."""
signals = {
"has_index": (root / "index.md").is_file() or (root / "wiki" / "index.md").is_file(),
"has_log": (root / "log.md").is_file() or (root / "wiki" / "log.md").is_file(),
"has_raw": (root / "raw").is_dir(),
"has_schema": any(
(root / f).is_file() or (root / "wiki" / f).is_file()
for f in ["CLAUDE.md", "AGENTS.md"]
),
}
# Find the wiki root — could be the directory itself or a wiki/ subdirectory
if (root / "wiki").is_dir():
wiki_root = root / "wiki"
else:
wiki_root = root
# Count markdown files in the wiki root
md_files = list(wiki_root.rglob("*.md"))
signals["md_count"] = len(md_files)
signals["wiki_root"] = str(wiki_root)
# Primary signal: has index.md + meaningful number of markdown files
if signals["has_index"] and signals["md_count"] >= 3:
signals["detected"] = True
signals["format"] = "karpathy"
else:
signals["detected"] = False
signals["format"] = "unknown"
return signals
# ---------------------------------------------------------------------------
# Markdown extraction helpers
# ---------------------------------------------------------------------------
def extract_frontmatter(text: str) -> dict:
"""Extract YAML frontmatter as a simple key-value dict."""
m = FRONTMATTER_RE.match(text)
if not m:
return {}
fm = {}
for line in m.group(1).split("\n"):
if ":" in line:
key, _, val = line.partition(":")
fm[key.strip()] = val.strip().strip('"').strip("'")
return fm
def extract_wikilinks(text: str) -> list[dict]:
"""Extract all [[target]] and [[target|display]] wikilinks."""
links = []
for m in WIKILINK_RE.finditer(text):
links.append({
"target": m.group(1).strip(),
"display": m.group(2).strip() if m.group(2) else None,
})
return links
def extract_headings(text: str) -> list[dict]:
"""Extract all markdown headings with level and text."""
return [
{"level": len(m.group(1)), "text": m.group(2).strip()}
for m in HEADING_RE.finditer(text)
]
def extract_code_blocks(text: str) -> list[str]:
"""Extract languages from fenced code blocks."""
return [m.group(1) for m in CODE_BLOCK_RE.finditer(text) if m.group(1)]
def extract_first_paragraph(text: str) -> str:
"""Extract the first non-empty paragraph after frontmatter and H1."""
# Strip frontmatter
stripped = FRONTMATTER_RE.sub("", text).strip()
if not stripped:
return ""
lines = stripped.split("\n")
def _collect_paragraph(start_lines: list[str]) -> str:
"""Collect the first paragraph from the given lines."""
para: list[str] = []
for s_raw in start_lines:
s = s_raw.strip()
if not s and not para:
continue # Skip leading blank lines
if not s and para:
break # End of paragraph
if s.startswith(">"):
continue # Skip blockquotes
if re.match(r"^[-*_]{3,}\s*$", s):
continue # Skip horizontal rules
if s.startswith("#"):
if para:
break # End paragraph at next heading
continue # Skip headings before paragraph
para.append(s)
return " ".join(para)
# Try: find first paragraph after H1
for i, line in enumerate(lines):
if line.strip().startswith("# "):
result = _collect_paragraph(lines[i + 1:])
if result:
if len(result) > 200:
return result[:197] + "..."
return result
# Fallback: no H1 found, take first paragraph from start
result = _collect_paragraph(lines)
if len(result) > 200:
result = result[:197] + "..."
return result or ""
def extract_h1(text: str) -> str:
"""Extract the first H1 heading."""
for m in HEADING_RE.finditer(text):
if len(m.group(1)) == 1:
# Strip trailing wiki-style decorations like " — subtitle"
return m.group(2).strip()
return ""
# ---------------------------------------------------------------------------
# Index.md parsing — categories come from section headings
# ---------------------------------------------------------------------------
def parse_index(index_path: Path) -> list[dict]:
"""Parse index.md to extract categories from ## headings and their wikilinks."""
if not index_path.is_file():
return []
text = index_path.read_text(encoding="utf-8", errors="replace")
categories = []
current_category = None
for line in text.split("\n"):
# Detect ## section heading
sec_match = re.match(r"^##\s+(.+)$", line)
if sec_match:
current_category = {
"name": sec_match.group(1).strip(),
"articles": [],
}
categories.append(current_category)
continue
# Collect wikilinks under current section
if current_category:
for wl in WIKILINK_RE.finditer(line):
current_category["articles"].append(wl.group(1).strip())
return categories
# ---------------------------------------------------------------------------
# Log.md parsing — extract operation timeline
# ---------------------------------------------------------------------------
def parse_log(log_path: Path) -> list[dict]:
"""Parse log.md to extract chronological entries."""
if not log_path.is_file():
return []
text = log_path.read_text(encoding="utf-8", errors="replace")
entries = []
log_entry_re = re.compile(
r"^##\s+\[(\d{4}-\d{2}-\d{2})\]\s+(\w+)\s*\|\s*(.+)$", re.MULTILINE
)
for m in log_entry_re.finditer(text):
entries.append({
"date": m.group(1),
"operation": m.group(2),
"title": m.group(3).strip(),
})
return entries
# ---------------------------------------------------------------------------
# Main pipeline
# ---------------------------------------------------------------------------
def build_name_to_stem_map(wiki_root: Path) -> dict[str, str]:
"""Build a case-insensitive map from filename stem to relative stem path.
Full relative paths always map uniquely. Bare basenames map only when
unambiguous — duplicate basenames are removed so they don't silently
resolve to the wrong page.
"""
name_map: dict[str, str] = {}
# Track which bare basenames appear more than once
basename_counts: dict[str, int] = {}
for md_file in wiki_root.rglob("*.md"):
rel = md_file.relative_to(wiki_root)
stem = rel.with_suffix("").as_posix() # e.g., "decisions/decision-foo"
basename = md_file.stem # e.g., "decision-foo"
# Full relative path always maps uniquely
name_map[stem.lower()] = stem
# Track basename for ambiguity detection
key = basename.lower()
basename_counts[key] = basename_counts.get(key, 0) + 1
name_map[key] = stem
# Remove ambiguous basename entries (appear more than once)
for key, count in basename_counts.items():
if count > 1 and key in name_map:
del name_map[key]
return name_map
def resolve_wikilink(target: str, name_map: dict[str, str], node_ids: set[str] | None = None) -> str | None:
"""Resolve a wikilink target to an article node ID.
If node_ids is provided, only resolve to IDs that exist in the set.
"""
key = target.lower().strip()
# Skip targets that are clearly not page names (shell flags, etc.)
if key.startswith("-"):
return None
stem = name_map.get(key)
if stem:
candidate = f"article:{stem}"
# If we have a node set, verify the target exists
if node_ids is not None and candidate not in node_ids:
return None
return candidate
# Try without directory prefix
for stored_key, stored_stem in name_map.items():
if stored_key.endswith("/" + key) or stored_key == key:
candidate = f"article:{stored_stem}"
if node_ids is not None and candidate not in node_ids:
return None
return candidate
return None
def parse_wiki(root: Path) -> dict:
"""Parse a Karpathy-pattern wiki and produce the scan manifest."""
detection = detect_format(root)
if not detection["detected"]:
print(json.dumps({"error": "Not a Karpathy-pattern wiki", "detection": detection}),
file=sys.stderr)
sys.exit(1)
wiki_root = Path(detection["wiki_root"])
raw_root = root / "raw"
# Build name resolution map
name_map = build_name_to_stem_map(wiki_root)
# Find index.md and log.md
index_path = wiki_root / "index.md"
if not index_path.is_file():
index_path = root / "index.md"
log_path = wiki_root / "log.md"
if not log_path.is_file():
log_path = root / "log.md"
# Parse index for categories
categories = parse_index(index_path)
log_entries = parse_log(log_path)
# Build category lookup: wikilink target → category name
category_lookup: dict[str, str] = {}
for cat in categories:
for article_target in cat["articles"]:
category_lookup[article_target.lower()] = cat["name"]
# --- Pre-compute article IDs (for edge resolution validation) ---
# Only skip infra files at the wiki root level, not in subdirectories
# (e.g., wiki/index.md is infra, but wiki/concepts/index.md is content)
article_ids: set[str] = set()
for md_file in sorted(wiki_root.rglob("*.md")):
rel = md_file.relative_to(wiki_root)
stem = rel.with_suffix("").as_posix()
# Only filter infra files at root level (no parent directory)
if rel.parent == Path(".") and rel.name.lower() in INFRA_FILES:
continue
article_ids.add(f"article:{stem}")
# --- Build article nodes ---
nodes = []
edges = []
warnings = []
stats = {"articles": 0, "sources": 0, "topics": 0, "wikilinks": 0, "unresolved": 0}
for md_file in sorted(wiki_root.rglob("*.md")):
rel = md_file.relative_to(wiki_root)
stem = rel.with_suffix("").as_posix()
basename = md_file.stem
# Skip infrastructure files only at wiki root level
if rel.parent == Path(".") and rel.name.lower() in INFRA_FILES:
continue
text = md_file.read_text(encoding="utf-8", errors="replace")
h1 = extract_h1(text)
frontmatter = extract_frontmatter(text)
wikilinks = extract_wikilinks(text)
headings = extract_headings(text)
code_langs = extract_code_blocks(text)
summary = extract_first_paragraph(text)
line_count = text.count("\n") + 1
word_count = len(text.split())
# Derive category from index.md lookup
category = category_lookup.get(basename.lower(), "")
if not category:
# Try stem match
category = category_lookup.get(stem.lower(), "")
# Derive tags (deduplicated)
tag_set: set[str] = set()
if category:
tag_set.add(category.lower())
if rel.parent != Path("."):
tag_set.add(str(rel.parent))
fm_tags = frontmatter.get("tags", "")
if fm_tags:
tag_set.update(t.strip() for t in fm_tags.split(",") if t.strip())
tags = sorted(tag_set)
# Complexity from wikilink density
wl_count = len(wikilinks)
if wl_count > 15:
complexity = "complex"
elif wl_count > 5:
complexity = "moderate"
else:
complexity = "simple"
node_id = f"article:{stem}"
nodes.append({
"id": node_id,
"type": "article",
"name": h1 or basename,
"filePath": str(rel),
"summary": summary or f"Wiki article: {h1 or basename}",
"tags": tags,
"complexity": complexity,
"knowledgeMeta": {
"wikilinks": [wl["target"] for wl in wikilinks],
**({"category": category} if category else {}),
"content": text[:3000], # First 3000 chars for LLM analysis
},
})
stats["articles"] += 1
stats["wikilinks"] += wl_count
# Build edges from wikilinks (resolve against known article IDs)
for wl in wikilinks:
target_id = resolve_wikilink(wl["target"], name_map, article_ids)
if target_id and target_id != node_id:
edges.append({
"source": node_id,
"target": target_id,
"type": "related",
"direction": "forward",
"weight": 0.7,
})
elif not target_id:
warnings.append(f"Unresolved wikilink: [[{wl['target']}]] in {rel}")
stats["unresolved"] += 1
# --- Build topic nodes from index.md categories ---
for cat in categories:
topic_id = f"topic:{cat['name'].lower().replace(' ', '-')}"
nodes.append({
"id": topic_id,
"type": "topic",
"name": cat["name"],
"summary": f"Category from index: {cat['name']} ({len(cat['articles'])} articles)",
"tags": ["category"],
"complexity": "simple",
})
stats["topics"] += 1
# categorized_under edges (only resolve to known article nodes)
for article_target in cat["articles"]:
article_id = resolve_wikilink(article_target, name_map, article_ids)
if article_id:
edges.append({
"source": article_id,
"target": topic_id,
"type": "categorized_under",
"direction": "forward",
"weight": 0.6,
})
# --- Build source nodes from raw/ ---
if raw_root.is_dir():
for raw_file in sorted(raw_root.rglob("*")):
if raw_file.is_file() and not raw_file.name.startswith("."):
rel_raw = raw_file.relative_to(root)
ext = raw_file.suffix.lower()
size_kb = raw_file.stat().st_size / 1024
source_id = f"source:{raw_file.relative_to(raw_root).with_suffix('')}"
nodes.append({
"id": source_id,
"type": "source",
"name": raw_file.name,
"filePath": str(rel_raw),
"summary": f"Raw source ({ext or 'unknown'}, {size_kb:.0f} KB)",
"tags": ["raw", ext.lstrip(".") or "unknown"],
"complexity": "simple",
})
stats["sources"] += 1
# --- Compute backlinks ---
backlink_map: dict[str, list[str]] = {}
for edge in edges:
if edge["type"] == "related":
target = edge["target"]
source = edge["source"]
backlink_map.setdefault(target, []).append(source)
for node in nodes:
if node["type"] == "article" and "knowledgeMeta" in node:
bl = backlink_map.get(node["id"], [])
node["knowledgeMeta"]["backlinks"] = bl
# --- Deduplicate edges ---
seen_edges: set[tuple[str, str, str]] = set()
deduped_edges = []
for edge in edges:
key = (edge["source"], edge["target"], edge["type"])
if key not in seen_edges:
seen_edges.add(key)
deduped_edges.append(edge)
return {
"format": "karpathy",
"stats": stats,
"categories": [{"name": c["name"], "count": len(c["articles"])} for c in categories],
"logEntries": len(log_entries),
"nodes": nodes,
"edges": deduped_edges,
"warnings": warnings[:50], # Cap warnings
}
def main():
if len(sys.argv) < 2:
print("Usage: parse-knowledge-base.py <wiki-directory>", file=sys.stderr)
sys.exit(1)
root = Path(sys.argv[1]).resolve()
if not root.is_dir():
print(f"Error: {root} is not a directory", file=sys.stderr)
sys.exit(1)
manifest = parse_wiki(root)
# Write output
out_dir = root / ".understand-anything" / "intermediate"
out_dir.mkdir(parents=True, exist_ok=True)
out_path = out_dir / "scan-manifest.json"
out_path.write_text(json.dumps(manifest, indent=2), encoding="utf-8")
# Report to stderr
s = manifest["stats"]
print(f"[parse] Karpathy wiki: {s['articles']} articles, {s['sources']} sources, "
f"{s['topics']} topics, {s['wikilinks']} wikilinks "
f"({s['unresolved']} unresolved)", file=sys.stderr)
print(f"[parse] Output: {out_path}", file=sys.stderr)
if __name__ == "__main__":
main()

55
.qoder/skills/understand-onboard/SKILL.md
View File

@@ -1,55 +0,0 @@
---
name: understand-onboard
description: Use when you need to generate an onboarding guide for new team members joining a project
---
# /understand-onboard
Generate a comprehensive onboarding guide from the project's knowledge graph.
## Graph Structure Reference
The knowledge graph JSON has this structure:
- `project` — {name, description, languages, frameworks, analyzedAt, gitCommitHash}
- `nodes[]` — each has {id, type, name, filePath?, summary, tags[], complexity, languageNotes?}
- Code node types: file, function, class, module, concept
- Non-code node types: config, document, service, table, endpoint, pipeline, schema, resource
- Domain/knowledge node types: domain, flow, step, article, entity, topic, claim, source
- IDs use the node type as prefix, e.g. `file:path`, `function:path:name`, `config:path`, `article:path`
- `edges[]` — each has {source, target, type, direction, weight}
- Key types: imports, contains, calls, depends_on, configures, documents, deploys, triggers, contains_flow, flow_step, related, cites
- `layers[]` — each has {id, name, description, nodeIds[]}
- `tour[]` — each has {order, title, description, nodeIds[]}
## How to Read Efficiently
1. Use Grep to search within the JSON for relevant entries BEFORE reading the full file
2. Only read sections you need — don't dump the entire graph into context
3. Node names and summaries are the most useful fields for understanding
4. Edges tell you how components connect — follow imports and calls for dependency chains
## Instructions
1. Check that `.understand-anything/knowledge-graph.json` exists. If not, tell the user to run `/understand` first.
2. **Read project metadata** — use Grep or Read with a line limit to extract the `"project"` section (name, description, languages, frameworks).
3. **Read layers** — Grep for `"layers"` to get the full layers array. These define the architecture and will structure the guide.
4. **Read the tour** — Grep for `"tour"` to get the guided walkthrough steps. These provide the recommended learning path.
5. **Read file-level structural nodes only** — use Grep to find nodes with file-level types (`file`, `config`, `document`, `service`, `pipeline`, `table`, `schema`, `resource`, `endpoint`) in the knowledge graph. Skip function-level and class-level nodes to keep the guide high-level. Extract each node's `name`, `filePath`, `summary`, and `complexity`.
6. **Identify complexity hotspots** — from the file-level nodes, find those with the highest `complexity` values. These are areas new developers should approach carefully.
7. **Generate the onboarding guide** with these sections:
- **Project Overview**: name, languages, frameworks, description (from project metadata)
- **Architecture Layers**: each layer's name, description, and key files (from layers + file nodes)
- **Key Concepts**: important patterns and design decisions (from node summaries and tags)
- **Guided Tour**: step-by-step walkthrough (from the tour section)
- **File Map**: what each key file does (from file-level nodes, organized by layer)
- **Complexity Hotspots**: areas to approach carefully (from complexity values)
8. Format as clean markdown
9. Offer to save the guide to `docs/ONBOARDING.md` in the project
10. Suggest the user commit it to the repo for the team

851
.qoder/skills/understand/SKILL.md
View File

@@ -1,851 +0,0 @@
---
name: understand
description: Analyze a codebase to produce an interactive knowledge graph for understanding architecture, components, and relationships
argument-hint: ["[path] [--full|--auto-update|--no-auto-update|--review|--language <lang>]"]
---
# /understand
Analyze the current codebase and produce a `knowledge-graph.json` file in `.understand-anything/`. This file powers the interactive dashboard for exploring the project's architecture.
## Options
- `$ARGUMENTS` may contain:
- `--full` — Force a full rebuild, ignoring any existing graph
- `--auto-update` — Enable automatic graph updates on commit (writes `autoUpdate: true` to `.understand-anything/config.json`)
- `--no-auto-update` — Disable automatic graph updates (writes `autoUpdate: false` to `.understand-anything/config.json`)
- `--review` — Run full LLM graph-reviewer instead of inline deterministic validation
- `--language <lang>` — Generate all textual content (summaries, descriptions, tags, titles, languageNotes, languageLesson) in the specified language. Accepts ISO 639-1 codes (`zh`, `ja`, `ko`, `en`, `es`, `fr`, `de`, etc.) or friendly names (`chinese`, `japanese`, `korean`, `english`, `spanish`, etc.). Locale variants supported: `zh-TW`, `zh-HK`, etc. Defaults to `en` (English). Stores preference in `.understand-anything/config.json` for consistency across incremental updates.
- A directory path (e.g. `/path/to/repo` or `../other-project`) — Analyze the given directory instead of the current working directory
---
## Progress Reporting
Throughout execution, report progress to the user at each phase transition and during batch processing. This keeps users informed on large codebases where analysis can take a long time.
- **Phase transitions:** At the start of each phase, print a status line:
> `[Phase N/7] <phase name>...`
>
> Example: `[Phase 2/7] Analyzing files (12 batches)...`
- **Batch progress:** During Phase 2, report each batch with its index and total:
> `Analyzing batch X/N (files: foo.ts, bar.ts, ...)` (list up to 3 filenames, then `...` if more)
- **Phase completion:** When a phase finishes, briefly confirm:
> `Phase N complete. <one-line summary of result>`
>
> Example: `Phase 1 complete. Found 247 files across 3 languages.`
---
## Phase 0 — Pre-flight
Determine whether to run a full analysis or incremental update.
1. **Resolve `PROJECT_ROOT`:**
- Parse `$ARGUMENTS` for a non-flag token (any argument that does not start with `--`). If found, treat it as the target directory path.
- If the path is relative, resolve it against the current working directory.
- Verify the resolved path exists and is a directory (run `test -d <path>`). If it does not exist or is not a directory, report an error to the user and **STOP**.
- Set `PROJECT_ROOT` to the resolved absolute path.
- If no directory path argument is found, set `PROJECT_ROOT` to the current working directory.
- **Worktree redirect.** If `PROJECT_ROOT` is inside a git worktree (not the main checkout), redirect output to the main repository root. Worktrees managed by Claude Code are ephemeral — `.understand-anything/` written there is destroyed when the session ends, taking the knowledge graph with it (issue #133). Detect a worktree by comparing `git rev-parse --git-dir` against `git rev-parse --git-common-dir`; in a normal checkout or submodule they resolve to the same path, in a worktree they differ and the parent of `--git-common-dir` is the main repo root.
```bash
COMMON_DIR=$(git -C "$PROJECT_ROOT" rev-parse --git-common-dir 2>/dev/null)
GIT_DIR=$(git -C "$PROJECT_ROOT" rev-parse --git-dir 2>/dev/null)
if [ -n "$COMMON_DIR" ] && [ -n "$GIT_DIR" ]; then
COMMON_ABS=$(cd "$PROJECT_ROOT" && cd "$COMMON_DIR" 2>/dev/null && pwd -P)
GIT_ABS=$(cd "$PROJECT_ROOT" && cd "$GIT_DIR" 2>/dev/null && pwd -P)
if [ -n "$COMMON_ABS" ] && [ "$COMMON_ABS" != "$GIT_ABS" ]; then
MAIN_ROOT=$(dirname "$COMMON_ABS")
if [ -d "$MAIN_ROOT" ] && [ "${UNDERSTAND_NO_WORKTREE_REDIRECT:-0}" != "1" ]; then
echo "[understand] Detected git worktree at $PROJECT_ROOT"
echo "[understand] Redirecting output to main repo root: $MAIN_ROOT"
echo "[understand] (Set UNDERSTAND_NO_WORKTREE_REDIRECT=1 to keep PROJECT_ROOT as the worktree.)"
PROJECT_ROOT="$MAIN_ROOT"
fi
fi
fi
```
Set `UNDERSTAND_NO_WORKTREE_REDIRECT=1` if you intentionally want a per-worktree graph (rare — most users want the redirect).
1.5. **Ensure the plugin is built.** Later phases invoke Node scripts that import `@understand-anything/core`. On a fresh install `packages/core/dist/` does not exist yet — build once.
**Important:** do **not** assume the plugin root is simply two directories above the skill path string. In many installations `~/.agents/skills/understand` is a symlink into the real plugin checkout. Prefer runtime-provided plugin roots first (for Claude), then fall back to universal symlinks, skill symlink resolution, and common clone-based install paths.
Resolve the plugin root like this:
```bash
SKILL_REAL=$(realpath ~/.agents/skills/understand 2>/dev/null || readlink -f ~/.agents/skills/understand 2>/dev/null || echo "")
SELF_RELATIVE=$([ -n "$SKILL_REAL" ] && cd "$SKILL_REAL/../.." 2>/dev/null && pwd || echo "")
COPILOT_SKILL_REAL=$(realpath ~/.copilot/skills/understand 2>/dev/null || readlink -f ~/.copilot/skills/understand 2>/dev/null || echo "")
COPILOT_SELF_RELATIVE=$([ -n "$COPILOT_SKILL_REAL" ] && cd "$COPILOT_SKILL_REAL/../.." 2>/dev/null && pwd || echo "")
PLUGIN_ROOT=""
for candidate in \
"${CLAUDE_PLUGIN_ROOT}" \
"$HOME/.understand-anything-plugin" \
"$SELF_RELATIVE" \
"$COPILOT_SELF_RELATIVE" \
"$HOME/.codex/understand-anything/understand-anything-plugin" \
"$HOME/.opencode/understand-anything/understand-anything-plugin" \
"$HOME/.pi/understand-anything/understand-anything-plugin" \
"$HOME/understand-anything/understand-anything-plugin"; do
if [ -n "$candidate" ] && [ -f "$candidate/package.json" ] && [ -f "$candidate/pnpm-workspace.yaml" ]; then
PLUGIN_ROOT="$candidate"
break
fi
done
if [ -z "$PLUGIN_ROOT" ]; then
echo "Error: Cannot find the understand-anything plugin root."
echo "Checked:"
echo " - ${CLAUDE_PLUGIN_ROOT:-<unset CLAUDE_PLUGIN_ROOT>}"
echo " - $HOME/.understand-anything-plugin"
echo " - ${SELF_RELATIVE:-<unresolved path derived from ~/.agents/skills/understand>}"
echo " - ${COPILOT_SELF_RELATIVE:-<unresolved path derived from ~/.copilot/skills/understand>}"
echo " - $HOME/.codex/understand-anything/understand-anything-plugin"
echo " - $HOME/.opencode/understand-anything/understand-anything-plugin"
echo " - $HOME/.pi/understand-anything/understand-anything-plugin"
echo " - $HOME/understand-anything/understand-anything-plugin"
echo "Make sure the plugin is installed correctly."
exit 1
fi
if [ ! -f "$PLUGIN_ROOT/packages/core/dist/index.js" ]; then
cd "$PLUGIN_ROOT" && (pnpm install --frozen-lockfile 2>/dev/null || pnpm install) && pnpm --filter @understand-anything/core build
fi
```
If `pnpm` is missing, report to the user: "Install Node.js ≥ 22 and pnpm ≥ 10, then re-run `/understand`."
2. Get the current git commit hash:
```bash
git rev-parse HEAD
```
3. Create the intermediate and temp output directories:
```bash
mkdir -p $PROJECT_ROOT/.understand-anything/intermediate
mkdir -p $PROJECT_ROOT/.understand-anything/tmp
```
3.5. **Auto-update configuration:**
- If `--auto-update` is in `$ARGUMENTS`: write `{"autoUpdate": true}` to `$PROJECT_ROOT/.understand-anything/config.json`
- If `--no-auto-update` is in `$ARGUMENTS`: write `{"autoUpdate": false}` to `$PROJECT_ROOT/.understand-anything/config.json`
- These flags only set the config — analysis proceeds normally regardless.
3.6. **Language configuration:**
- Parse `$ARGUMENTS` for `--language <lang>` flag. If found, extract the language code.
- **Language code normalization:** Map friendly names to ISO codes:
- `chinese` → `zh`, `japanese` → `ja`, `korean` → `ko`, `english` → `en`, `spanish` → `es`, `french` → `fr`, `german` → `de`, `portuguese` → `pt`, `russian` → `ru`, `arabic` → `ar`, etc.
- Locale variants: `zh-TW`, `zh-HK`, `zh-CN`, `pt-BR`, etc. are preserved as-is.
- If `--language` is NOT specified:
- Check `$PROJECT_ROOT/.understand-anything/config.json` for an existing `outputLanguage` field. If present, use that.
- If no stored preference, default to `en` (English).
- If `--language` IS specified:
- Update `$PROJECT_ROOT/.understand-anything/config.json` with the new language: merge `{"outputLanguage": "<lang>"}` into existing config.
- Store as `$OUTPUT_LANGUAGE` for use throughout all phases.
- **Language directive template:** Store as `$LANGUAGE_DIRECTIVE`:
```markdown
> **Language directive**: Generate all textual content (summaries, descriptions, tags, titles, languageNotes, languageLesson) in **{language}**. Maintain technical accuracy while using natural, native-level phrasing in the target language. Keep technical terms in English when no standard translation exists (e.g., "middleware", "hook", "barrel").
```
4. **Check for subdomain knowledge graphs to merge:**
List all `*knowledge-graph*.json` files in `$PROJECT_ROOT/.understand-anything/` **excluding** `knowledge-graph.json` itself (e.g. `frontend-knowledge-graph.json`, `backend-knowledge-graph.json`). If any subdomain graphs exist, run the merge script bundled with this skill (located next to this SKILL.md file — use the skill directory path, not the project root):
```bash
python <SKILL_DIR>/merge-subdomain-graphs.py $PROJECT_ROOT
```
The script discovers subdomain graphs, loads the existing `knowledge-graph.json` as a base (if present), and merges everything into `knowledge-graph.json` (deduplicating nodes and edges). Report the merge summary to the user, then continue with the merged graph.
5. Check if `$PROJECT_ROOT/.understand-anything/knowledge-graph.json` exists. If it does, read it.
6. Check if `$PROJECT_ROOT/.understand-anything/meta.json` exists. If it does, read it to get `gitCommitHash`.
7. **Decision logic:**
| Condition | Action |
|---|---|
| `--full` flag in `$ARGUMENTS` | Full analysis (all phases) |
| No existing graph or meta | Full analysis (all phases) |
| `--review` flag + existing graph + unchanged commit hash | Skip to Phase 6 (review-only — reuse existing assembled graph) |
| Existing graph + unchanged commit hash | Ask the user: "The graph is up to date at this commit. Would you like to: **(a)** run a full rebuild (`--full`), **(b)** run the LLM graph reviewer (`--review`), or **(c)** do nothing?" Then follow their choice. If they pick (c), STOP. |
| Existing graph + changed files | Incremental update (re-analyze changed files only) |
**Review-only path:** Copy the existing `knowledge-graph.json` to `$PROJECT_ROOT/.understand-anything/intermediate/assembled-graph.json`, then jump directly to Phase 6 step 3.
For incremental updates, get the changed file list:
```bash
git diff <lastCommitHash>..HEAD --name-only
```
If this returns no files, report "Graph is up to date" and STOP.
8. **Collect project context for subagent injection:**
- Read `README.md` (or `README.rst`, `readme.md`) from `$PROJECT_ROOT` if it exists. Store as `$README_CONTENT` (first 3000 characters).
- Read the primary package manifest (`package.json`, `pyproject.toml`, `Cargo.toml`, `go.mod`, `pom.xml`) if it exists. Store as `$MANIFEST_CONTENT`.
- Capture the top-level directory tree:
```bash
find $PROJECT_ROOT -maxdepth 2 -type f -not -path '*/node_modules/*' -not -path '*/.git/*' -not -path '*/dist/*' | head -100
```
Store as `$DIR_TREE`.
- Detect the project entry point by checking for common patterns (in order): `src/index.ts`, `src/main.ts`, `src/App.tsx`, `index.js`, `main.py`, `manage.py`, `app.py`, `wsgi.py`, `asgi.py`, `run.py`, `__main__.py`, `main.go`, `cmd/*/main.go`, `src/main.rs`, `src/lib.rs`, `src/main/java/**/Application.java`, `Program.cs`, `config.ru`, `index.php`. Store first match as `$ENTRY_POINT`.
---
## Phase 0.5 — Ignore Configuration
Set up and verify the `.understandignore` file before scanning.
1. Check if `$PROJECT_ROOT/.understand-anything/.understandignore` exists.
2. **If it does NOT exist**, generate a starter file:
- Run the following Node.js one-liner in `$PROJECT_ROOT` (reads `.gitignore` and deduplicates against built-in defaults):
```bash
node -e "
const fs = require('fs');
const path = require('path');
const root = process.cwd();
const defaults = ['node_modules/','node_modules','.git/','vendor/','venv/','.venv/','__pycache__/','dist/','dist','build/','build','out/','coverage/','coverage','.next/','.cache/','.turbo/','target/','obj/','*.lock','package-lock.json','yarn.lock','pnpm-lock.yaml','*.png','*.jpg','*.jpeg','*.gif','*.svg','*.ico','*.woff','*.woff2','*.ttf','*.eot','*.mp3','*.mp4','*.pdf','*.zip','*.tar','*.gz','*.min.js','*.min.css','*.map','*.generated.*','.idea/','.vscode/','LICENSE','.gitignore','.editorconfig','.prettierrc','.eslintrc*','*.log'];
const norm = p => p.replace(/\/+$/, '');
const defaultSet = new Set(defaults.map(norm));
const header = '# .understandignore — patterns for files/dirs to exclude from analysis\n# Syntax: same as .gitignore (globs, # comments, ! negation, trailing / for dirs)\n# Lines below are suggestions — uncomment to activate.\n# Use ! prefix to force-include something excluded by defaults.\n#\n# Built-in defaults (always excluded unless negated):\n# node_modules/, .git/, dist/, build/, obj/, *.lock, *.min.js, etc.\n#\n';
let body = '';
const gitignorePath = path.join(root, '.gitignore');
if (fs.existsSync(gitignorePath)) {
const gi = fs.readFileSync(gitignorePath, 'utf-8').split('\n').map(l => l.trim()).filter(l => l && !l.startsWith('#')).filter(p => !defaultSet.has(norm(p)));
if (gi.length) { body += '# --- From .gitignore (uncomment to exclude) ---\n\n' + gi.map(p => '# ' + p).join('\n') + '\n\n'; }
}
const dirs = ['__tests__','test','tests','fixtures','testdata','docs','examples','scripts','migrations','.storybook'];
const found = dirs.filter(d => fs.existsSync(path.join(root, d)));
if (found.length) { body += '# --- Detected directories (uncomment to exclude) ---\n\n' + found.map(d => '# ' + d + '/').join('\n') + '\n\n'; }
body += '# --- Test file patterns (uncomment to exclude) ---\n\n# *.test.*\n# *.spec.*\n# *.snap\n';
const outDir = path.join(root, '.understand-anything');
if (!fs.existsSync(outDir)) fs.mkdirSync(outDir, { recursive: true });
fs.writeFileSync(path.join(outDir, '.understandignore'), header + body);
"
```
- Report to the user:
> Generated `.understand-anything/.understandignore` with suggested exclusions based on your project structure. Please review it and uncomment any patterns you'd like to exclude from analysis. When ready, confirm to continue.
- **Wait for user confirmation before proceeding.**
3. **If it already exists**, report:
> Found `.understand-anything/.understandignore`. Review it if needed, then confirm to continue.
- **Wait for user confirmation before proceeding.**
4. After confirmation, proceed to Phase 1.
---
## Phase 1 — SCAN (Full analysis only)
Report to the user: `[Phase 1/7] Scanning project files...`
Dispatch a subagent using the `project-scanner` agent definition (at `agents/project-scanner.md`). Append the following additional context:
> **Additional context from main session:**
>
> Project README (first 3000 chars):
> ```
> $README_CONTENT
> ```
>
> Package manifest:
> ```
> $MANIFEST_CONTENT
> ```
>
> Use this context to produce more accurate project name, description, and framework detection. The README and manifest are authoritative — prefer their information over heuristics.
>
> $LANGUAGE_DIRECTIVE
Pass these parameters in the dispatch prompt:
> Scan this project directory to discover all project files (including non-code files like configs, docs, infrastructure), detect languages and frameworks.
> Project root: `$PROJECT_ROOT`
> Write output to: `$PROJECT_ROOT/.understand-anything/intermediate/scan-result.json`
After the subagent completes, read `$PROJECT_ROOT/.understand-anything/intermediate/scan-result.json` to get:
- Project name, description
- Languages, frameworks
- File list with line counts and `fileCategory` per file (`code`, `config`, `docs`, `infra`, `data`, `script`, `markup`)
- Complexity estimate
- Import map (`importMap`): pre-resolved project-internal imports per file (non-code files have empty arrays)
Store `importMap` in memory as `$IMPORT_MAP` for use in Phase 2 batch construction.
Store the file list as `$FILE_LIST` with `fileCategory` metadata for use in Phase 2 batch construction.
**Gate check:** If >100 files, inform the user and suggest scoping with a subdirectory argument. Proceed only if user confirms or add guidance that this may take a while.
If the scan result includes `filteredByIgnore > 0`, report:
> Excluded {filteredByIgnore} files via `.understandignore`.
---
## Phase 1.5 — BATCH
Report: `[Phase 1.5/7] Computing semantic batches...`
Run the bundled batching script:
```bash
node <SKILL_DIR>/compute-batches.mjs $PROJECT_ROOT
```
Reads `.understand-anything/intermediate/scan-result.json`, writes `.understand-anything/intermediate/batches.json`.
Capture stderr. Append any line starting with `Warning:` to `$PHASE_WARNINGS` for the final report.
If the script exits non-zero, the failure is hard — relay the full stderr to the user as a Phase 1.5 failure. Do not attempt to recover; the script's internal fallback (count-based) already handles recoverable issues. A non-zero exit means a fundamental problem (missing input file, malformed JSON, etc.).
---
## Phase 2 — ANALYZE
### Full analysis path
Load `.understand-anything/intermediate/batches.json` (produced by Phase 1.5). Iterate the `batches[]` array.
Report: `[Phase 2/7] Analyzing files — <totalFiles> files in <totalBatches> batches (up to 5 concurrent)...`
For each batch, dispatch a subagent using the `file-analyzer` agent definition (at `agents/file-analyzer.md`). Run up to **5 subagents concurrently**. Append the following additional context:
> **Additional context from main session:**
>
> Project: `<projectName>` — `<projectDescription>`
> Languages: `<languages from Phase 1>`
>
> $LANGUAGE_DIRECTIVE
Dispatch prompt template (fill in batch-specific values from `batches.json[i]`):
> Analyze these files and produce GraphNode and GraphEdge objects.
> Project root: `$PROJECT_ROOT`
> Project: `<projectName>`
> Languages: `<languages>`
> Batch: `<batchIndex>/<totalBatches>`
> Skill directory (for bundled scripts): `<SKILL_DIR>`
> Output: write to `$PROJECT_ROOT/.understand-anything/intermediate/batch-<batchIndex>.json` (single-file mode) OR `batch-<batchIndex>-part-<k>.json` (split mode, per Step B of your output protocol).
>
> Pre-resolved import data for this batch (use directly — do NOT re-resolve imports from source):
> ```json
> <batchImportData JSON from batches.json[i].batchImportData>
> ```
>
> Cross-batch neighbors with their exported symbols (confidence boost for cross-batch edges):
> ```json
> <neighborMap JSON from batches.json[i].neighborMap>
> ```
>
> Files to analyze in this batch (every entry MUST be passed through to `batchFiles` with all four fields — `path`, `language`, `sizeLines`, `fileCategory`):
> 1. `<path>` (<sizeLines> lines, language: `<language>`, fileCategory: `<fileCategory>`)
> 2. `<path>` (<sizeLines> lines, language: `<language>`, fileCategory: `<fileCategory>`)
> ...
**Output naming is per-batchIndex — no fusion.** If you fuse multiple small batches into a single file-analyzer dispatch for token efficiency, the dispatched agent must STILL write one output file per original `batchIndex` using `batch-<batchIndex>.json` or `batch-<batchIndex>-part-<k>.json`. The merge script's regex (`batch-(\d+)(?:-part-(\d+))?\.json`) silently drops any other naming (e.g., `batch-fused-8-13.json`, `batch-8-13.json`), losing every node and edge in that file. After each dispatch returns, verify each `batchIndex` in the dispatched input has a corresponding `batch-<batchIndex>.json` (or `batch-<batchIndex>-part-*.json`) on disk before proceeding to the next dispatch.
After ALL batches complete, report to the user: `Phase 2 complete. All <totalBatches> batches analyzed.`
Run the merge-and-normalize script bundled with this skill (located next to this SKILL.md file — use the skill directory path, not the project root):
```bash
python <SKILL_DIR>/merge-batch-graphs.py $PROJECT_ROOT
```
This script reads all `batch-*.json` files (including `batch-<i>-part-<k>.json` produced by file-analyzers that split their output) from `$PROJECT_ROOT/.understand-anything/intermediate/`, then in one pass:
- Combines all nodes and edges across batches
- Normalizes node IDs (strips double prefixes, project-name prefixes, adds missing prefixes)
- Normalizes complexity values (`low`→`simple`, `medium`→`moderate`, `high`→`complex`, etc.)
- Rewrites edge references to match corrected node IDs
- Deduplicates nodes by ID (keeps last occurrence) and edges by `(source, target, type)`
- Drops dangling edges referencing missing nodes
- Logs all corrections and dropped items to stderr
The merge script also runs a `tested_by` linker that canonicalizes test-coverage edges in two passes. **Pass 1** walks LLM-emitted `tested_by` edges and flips inverted ones in place; semantically broken edges (test↔test, prod↔prod, orphan endpoints) are dropped. **Pass 2** supplements with path-convention pairings. Production nodes that end up sourcing any `tested_by` edge get a `"tested"` tag. All resulting edges run `production → test`.
Output: `$PROJECT_ROOT/.understand-anything/intermediate/assembled-graph.json`
Include the script's warnings in `$PHASE_WARNINGS` for the reviewer.
### Incremental update path
Write the changed-files list (one path per line) to a temp file:
```bash
git diff <lastCommitHash>..HEAD --name-only > $PROJECT_ROOT/.understand-anything/tmp/changed-files.txt
```
Run compute-batches with `--changed-files`:
```bash
node <SKILL_DIR>/compute-batches.mjs $PROJECT_ROOT \
--changed-files=$PROJECT_ROOT/.understand-anything/tmp/changed-files.txt
```
This produces a `batches.json` that contains only batches with changed files, but neighborMap entries still reference unchanged files (with their full-graph batchIndex) so cross-batch edges remain emittable.
Then dispatch file-analyzer subagents per the same template as the full path.
After batches complete:
1. Remove old nodes whose `filePath` matches any changed file from the existing graph
2. Remove old edges whose `source` or `target` references a removed node
3. Write the pruned existing nodes/edges as `batch-existing.json` in the intermediate directory
4. Run the same merge script — it will combine `batch-existing.json` with the fresh `batch-*.json` files:
```bash
python <SKILL_DIR>/merge-batch-graphs.py $PROJECT_ROOT
```
---
## Phase 3 — ASSEMBLE REVIEW
Report to the user: `[Phase 3/7] Reviewing assembled graph...`
Dispatch a subagent using the `assemble-reviewer` agent definition (at `agents/assemble-reviewer.md`).
Pass these parameters in the dispatch prompt:
> Review the assembled graph at `$PROJECT_ROOT/.understand-anything/intermediate/assembled-graph.json`.
> Project root: `$PROJECT_ROOT`
> Batch files are at: `$PROJECT_ROOT/.understand-anything/intermediate/batch-*.json`
> Write review output to: `$PROJECT_ROOT/.understand-anything/intermediate/assemble-review.json`
>
> **Merge script report:**
> ```
> <paste the full stderr output from merge-batch-graphs.py>
> ```
>
> **Import map for cross-batch edge verification:**
> ```json
> $IMPORT_MAP
> ```
After the subagent completes, read `$PROJECT_ROOT/.understand-anything/intermediate/assemble-review.json` and add any notes to `$PHASE_WARNINGS`.
---
## Phase 4 — ARCHITECTURE
Report to the user: `[Phase 4/7] Identifying architectural layers...`
**Build the combined prompt template:**
1. Use the `architecture-analyzer` agent definition (at `agents/architecture-analyzer.md`).
2. **Language context injection:** For each language detected in Phase 1 (e.g., `python`, `markdown`, `dockerfile`, `yaml`, `sql`, `terraform`, `graphql`, `protobuf`, `shell`, `html`, `css`), read the file at `./languages/<language-id>.md` (e.g., `./languages/python.md`, `./languages/dockerfile.md`) and append its content after the base template under a `## Language Context` header. If the file does not exist for a detected language, skip it silently and continue. These files are in the `languages/` subdirectory next to this SKILL.md file. **Include non-code language snippets** — they provide edge patterns and summary styles for non-code files.
3. **Framework addendum injection:** For each framework detected in Phase 1 (e.g., `Django`), read the file at `./frameworks/<framework-id-lowercase>.md` (e.g., `./frameworks/django.md`) and append its full content after the language context. If the file does not exist for a detected framework, skip it silently and continue. These files are in the `frameworks/` subdirectory next to this SKILL.md file.
4. **Output locale injection:** If `$OUTPUT_LANGUAGE` is NOT `en` (English), read the locale guidance file at `./locales/<language-code>.md` (e.g., `./locales/zh.md`, `./locales/ja.md`, `./locales/ko.md`) and append its content after the framework addendums under a `## Output Language Guidelines` header. This provides language-specific guidance for tag naming conventions, summary style, and layer name translations. If the locale file does not exist for the specified language, skip silently — the `$LANGUAGE_DIRECTIVE` still applies. These files are in the `locales/` subdirectory next to this SKILL.md file.
Append the language/framework context and the following additional context to the agent's prompt:
> **Additional context from main session:**
>
> Frameworks detected: `<frameworks from Phase 1>`
>
> Directory tree (top 2 levels):
> ```
> $DIR_TREE
> ```
>
> Use the directory tree, language context, and framework addendums (appended above) to inform layer assignments. Directory structure is strong evidence for layer boundaries. Non-code files (config, docs, infrastructure, data) should be assigned to appropriate layers — see the prompt template for guidance.
>
> $LANGUAGE_DIRECTIVE
Pass these parameters in the dispatch prompt:
> Analyze this codebase's structure to identify architectural layers.
> Project root: `$PROJECT_ROOT`
> Write output to: `$PROJECT_ROOT/.understand-anything/intermediate/layers.json`
> Project: `<projectName>` — `<projectDescription>`
>
> File nodes (all node types — includes code files, config, document, service, pipeline, table, schema, resource, endpoint):
> ```json
> [list of {id, type, name, filePath, summary, tags} for ALL file-level nodes — omit complexity, languageNotes]
> ```
>
> Import edges:
> ```json
> [list of edges with type "imports"]
> ```
>
> All edges (for cross-category analysis — includes configures, documents, deploys, triggers, etc.):
> ```json
> [list of ALL edges — include all edge types]
> ```
After the subagent completes, read `$PROJECT_ROOT/.understand-anything/intermediate/layers.json` and normalize it into a final `layers` array. Apply these steps **in order**:
1. **Unwrap envelope:** If the file contains `{ "layers": [...] }` instead of a plain array, extract the inner array. (The prompt requests a plain array, but LLMs may still produce an envelope.)
2. **Rename legacy fields:** If any layer object has a `nodes` field instead of `nodeIds`, rename `nodes` → `nodeIds`. If `nodes` entries are objects with an `id` field rather than plain strings, extract just the `id` values into `nodeIds`.
3. **Synthesize missing IDs:** If any layer is missing an `id`, generate one as `layer:<kebab-case-name>`.
4. **Convert file paths:** If `nodeIds` entries are raw file paths without a known prefix (`file:`, `config:`, `document:`, `service:`, `pipeline:`, `table:`, `schema:`, `resource:`, `endpoint:`), convert them to `file:<relative-path>`.
5. **Drop dangling refs:** Remove any `nodeIds` entries that do not exist in the merged node set.
Each element of the final `layers` array MUST have this shape:
```json
[
{
"id": "layer:<kebab-case-name>",
"name": "<layer name>",
"description": "<what belongs in this layer>",
"nodeIds": ["file:src/App.tsx", "config:tsconfig.json", "document:README.md"]
}
]
```
All four fields (`id`, `name`, `description`, `nodeIds`) are required.
**For incremental updates:** Always re-run architecture analysis on the full merged node set, since layer assignments may shift when files change.
**Context for incremental updates:** When re-running architecture analysis, also inject the previous layer definitions:
> Previous layer definitions (for naming consistency):
> ```json
> [previous layers from existing graph]
> ```
>
> Maintain the same layer names and IDs where possible. Only add/remove layers if the file structure has materially changed.
---
## Phase 5 — TOUR
Report to the user: `[Phase 5/7] Building guided tour...`
Dispatch a subagent using the `tour-builder` agent definition (at `agents/tour-builder.md`). Append the following additional context:
> **Additional context from main session:**
>
> Project README (first 3000 chars):
> ```
> $README_CONTENT
> ```
>
> Project entry point: `$ENTRY_POINT`
>
> Use the README to align the tour narrative with the project's own documentation. Start the tour from the entry point if one was detected. The tour should tell the same story the README tells, but through the lens of actual code structure.
>
> $LANGUAGE_DIRECTIVE
Pass these parameters in the dispatch prompt:
> Create a guided learning tour for this codebase.
> Project root: `$PROJECT_ROOT`
> Write output to: `$PROJECT_ROOT/.understand-anything/intermediate/tour.json`
> Project: `<projectName>` — `<projectDescription>`
> Languages: `<languages>`
>
> Nodes (all file-level nodes — includes code files, config, document, service, pipeline, table, schema, resource, endpoint):
> ```json
> [list of {id, name, filePath, summary, type} for ALL file-level nodes — do NOT include function or class nodes]
> ```
>
> Layers:
> ```json
> [list of {id, name, description} for each layer — omit nodeIds]
> ```
>
> Edges (all types — includes imports, calls, configures, documents, deploys, triggers, etc.):
> ```json
> [list of ALL edges — include all edge types for complete graph topology analysis]
> ```
After the subagent completes, read `$PROJECT_ROOT/.understand-anything/intermediate/tour.json` and normalize it into a final `tour` array. Apply these steps **in order**:
1. **Unwrap envelope:** If the file contains `{ "steps": [...] }` instead of a plain array, extract the inner array. (The prompt requests a plain array, but LLMs may still produce an envelope.)
2. **Rename legacy fields:** If any step has `nodesToInspect` instead of `nodeIds`, rename it → `nodeIds`. If any step has `whyItMatters` instead of `description`, rename it → `description`.
3. **Convert file paths:** If `nodeIds` entries are raw file paths without a known prefix (`file:`, `config:`, `document:`, `service:`, `pipeline:`, `table:`, `schema:`, `resource:`, `endpoint:`), convert them to `file:<relative-path>`.
4. **Drop dangling refs:** Remove any `nodeIds` entries that do not exist in the merged node set.
5. **Sort** by `order` before saving.
Each element of the final `tour` array MUST have this shape:
```json
[
{
"order": 1,
"title": "Project Overview",
"description": "Start with the README to understand the project's purpose and architecture.",
"nodeIds": ["document:README.md"]
},
{
"order": 2,
"title": "Application Entry Point",
"description": "This step explains how the frontend boots and mounts.",
"nodeIds": ["file:src/main.tsx", "file:src/App.tsx"]
}
]
```
Required fields: `order`, `title`, `description`, `nodeIds`. Preserve optional `languageLesson` when present.
---
## Phase 6 — REVIEW
Report to the user: `[Phase 6/7] Validating knowledge graph...`
Assemble the full KnowledgeGraph JSON object:
```json
{
"version": "1.0.0",
"project": {
"name": "<projectName>",
"languages": ["<languages>"],
"frameworks": ["<frameworks>"],
"description": "<projectDescription>",
"analyzedAt": "<ISO 8601 timestamp>",
"gitCommitHash": "<commit hash from Phase 0>"
},
"nodes": [<all nodes from assembled-graph.json after Phase 3 review>],
"edges": [<all edges from assembled-graph.json after Phase 3 review>],
"layers": [<layers from Phase 4>],
"tour": [<steps from Phase 5>]
}
```
1. Before writing the assembled graph, validate that:
- `layers` is an array of objects with these required fields: `id`, `name`, `description`, `nodeIds`
- `tour` is an array of objects with these required fields: `order`, `title`, `description`, `nodeIds`
- `tour[*].languageLesson` is allowed as an optional string field
- Every `layers[*].nodeIds` entry exists in the merged node set
- Every `tour[*].nodeIds` entry exists in the merged node set
If validation fails, automatically normalize and rewrite the graph into this shape before saving. If the graph still fails final validation after the normalization pass, save it with warnings but mark dashboard auto-launch as skipped.
2. Write the assembled graph to `$PROJECT_ROOT/.understand-anything/intermediate/assembled-graph.json`.
3. **Check `$ARGUMENTS` for `--review` flag.** Then run the appropriate validation path:
---
#### Default path (no `--review`): inline deterministic validation
Write the following Node.js script to `$PROJECT_ROOT/.understand-anything/tmp/ua-inline-validate.cjs`:
```javascript
#!/usr/bin/env node
const fs = require('fs');
const graphPath = process.argv[2];
const outputPath = process.argv[3];
try {
const graph = JSON.parse(fs.readFileSync(graphPath, 'utf8'));
const issues = [], warnings = [];
if (!Array.isArray(graph.nodes)) { issues.push('graph.nodes is missing or not an array'); graph.nodes = []; }
if (!Array.isArray(graph.edges)) { issues.push('graph.edges is missing or not an array'); graph.edges = []; }
const nodeIds = new Set();
const seen = new Map();
graph.nodes.forEach((n, i) => {
if (!n.id) { issues.push(`Node[${i}] missing id`); return; }
if (!n.type) issues.push(`Node[${i}] '${n.id}' missing type`);
if (!n.name) issues.push(`Node[${i}] '${n.id}' missing name`);
if (!n.summary) issues.push(`Node[${i}] '${n.id}' missing summary`);
if (!n.tags || !n.tags.length) issues.push(`Node[${i}] '${n.id}' missing tags`);
if (seen.has(n.id)) issues.push(`Duplicate node ID '${n.id}' at indices ${seen.get(n.id)} and ${i}`);
else seen.set(n.id, i);
nodeIds.add(n.id);
});
graph.edges.forEach((e, i) => {
if (!nodeIds.has(e.source)) issues.push(`Edge[${i}] source '${e.source}' not found`);
if (!nodeIds.has(e.target)) issues.push(`Edge[${i}] target '${e.target}' not found`);
});
const fileLevelTypes = new Set(['file', 'config', 'document', 'service', 'pipeline', 'table', 'schema', 'resource', 'endpoint']);
const fileNodes = graph.nodes.filter(n => fileLevelTypes.has(n.type)).map(n => n.id);
const assigned = new Map();
if (!Array.isArray(graph.layers)) { if (graph.layers) warnings.push('graph.layers is not an array'); graph.layers = []; }
if (!Array.isArray(graph.tour)) { if (graph.tour) warnings.push('graph.tour is not an array'); graph.tour = []; }
graph.layers.forEach(layer => {
(layer.nodeIds || []).forEach(id => {
if (!nodeIds.has(id)) issues.push(`Layer '${layer.id}' refs missing node '${id}'`);
if (assigned.has(id)) issues.push(`Node '${id}' appears in multiple layers`);
assigned.set(id, layer.id);
});
});
fileNodes.forEach(id => {
if (!assigned.has(id)) issues.push(`File node '${id}' not in any layer`);
});
graph.tour.forEach((step, i) => {
(step.nodeIds || []).forEach(id => {
if (!nodeIds.has(id)) issues.push(`Tour step[${i}] refs missing node '${id}'`);
});
});
const withEdges = new Set([
...graph.edges.map(e => e.source),
...graph.edges.map(e => e.target)
]);
graph.nodes.forEach(n => {
if (!withEdges.has(n.id)) warnings.push(`Node '${n.id}' has no edges (orphan)`);
});
const stats = {
totalNodes: graph.nodes.length,
totalEdges: graph.edges.length,
totalLayers: graph.layers.length,
tourSteps: graph.tour.length,
nodeTypes: graph.nodes.reduce((a, n) => { a[n.type] = (a[n.type]||0)+1; return a; }, {}),
edgeTypes: graph.edges.reduce((a, e) => { a[e.type] = (a[e.type]||0)+1; return a; }, {})
};
fs.writeFileSync(outputPath, JSON.stringify({ issues, warnings, stats }, null, 2));
process.exit(0);
} catch (err) { process.stderr.write(err.message + '\n'); process.exit(1); }
```
Execute it:
```bash
node $PROJECT_ROOT/.understand-anything/tmp/ua-inline-validate.cjs \
"$PROJECT_ROOT/.understand-anything/intermediate/assembled-graph.json" \
"$PROJECT_ROOT/.understand-anything/intermediate/review.json"
```
If the script exits non-zero, read stderr, fix the script, and retry once.
---
#### `--review` path: full LLM reviewer
If `--review` IS in `$ARGUMENTS`, dispatch the LLM graph-reviewer subagent as follows:
Dispatch a subagent using the `graph-reviewer` agent definition (at `agents/graph-reviewer.md`). Append the following additional context:
> **Additional context from main session:**
>
> Phase 1 scan results (file inventory):
> ```json
> [list of {path, sizeLines} from scan-result.json]
> ```
>
> Phase warnings/errors accumulated during analysis:
> - [list any batch failures, skipped files, or warnings from Phases 2-5]
>
> Cross-validate: every file in the scan inventory should have a corresponding node in the graph (node types may vary: `file:`, `config:`, `document:`, `service:`, `pipeline:`, `table:`, `schema:`, `resource:`, `endpoint:`). Flag any missing files. Also flag any graph nodes whose `filePath` doesn't appear in the scan inventory.
Pass these parameters in the dispatch prompt:
> Validate the knowledge graph at `$PROJECT_ROOT/.understand-anything/intermediate/assembled-graph.json`.
> Project root: `$PROJECT_ROOT`
> Read the file and validate it for completeness and correctness.
> Write output to: `$PROJECT_ROOT/.understand-anything/intermediate/review.json`
---
4. Read `$PROJECT_ROOT/.understand-anything/intermediate/review.json`.
5. **If `issues` array is non-empty:**
- Review the `issues` list
- Apply automated fixes where possible:
- Remove edges with dangling references
- Fill missing required fields with sensible defaults (e.g., empty `tags` -> `["untagged"]`, empty `summary` -> `"No summary available"`)
- Remove nodes with invalid types
- Re-run the final graph validation after automated fixes
- If critical issues remain after one fix attempt, save the graph anyway but include the warnings in the final report and mark dashboard auto-launch as skipped
6. **If `issues` array is empty:** Proceed to Phase 7.
---
## Phase 7 — SAVE
Report to the user: `[Phase 7/7] Saving knowledge graph...`
1. Write the final knowledge graph to `$PROJECT_ROOT/.understand-anything/knowledge-graph.json`.
2. **Generate structural fingerprints baseline.** This creates the basis for future automatic incremental updates and **must succeed before `meta.json` is written** — otherwise auto-update sees a fresh commit hash with no fingerprints to compare against, classifies every file as STRUCTURAL, and escalates to `FULL_UPDATE` on every subsequent commit (issue #152).
Write the input file:
```bash
cat > $PROJECT_ROOT/.understand-anything/intermediate/fingerprint-input.json <<EOF
{
"projectRoot": "$PROJECT_ROOT",
"sourceFilePaths": [<all source file paths from Phase 1, as JSON array>],
"gitCommitHash": "<current commit hash>"
}
EOF
```
Then invoke the bundled script (located next to this SKILL.md):
```bash
node <SKILL_DIR>/build-fingerprints.mjs \
$PROJECT_ROOT/.understand-anything/intermediate/fingerprint-input.json
```
The script uses `TreeSitterPlugin + PluginRegistry` exactly like `extract-structure.mjs`, so the baseline matches the comparison logic used during auto-updates.
**If the script exits non-zero or stdout does not include `Fingerprints baseline:`, abort Phase 7 and report the error. Do NOT proceed to step 3 (writing `meta.json`).**
3. Write metadata to `$PROJECT_ROOT/.understand-anything/meta.json` (only after step 2 succeeded):
```json
{
"lastAnalyzedAt": "<ISO 8601 timestamp>",
"gitCommitHash": "<commit hash>",
"version": "1.0.0",
"analyzedFiles": <number of files analyzed>
}
```
4. Clean up intermediate files, **preserving `scan-result.json`** so future incremental runs can skip Phase 1 SCAN (see issue #293):
```bash
# Preserve scan-result.json — Phase 1's deterministic file inventory.
# Future incremental runs (Phase 2 compute-batches.mjs --changed-files=…)
# need this inventory; without it, Phase 1 must re-dispatch and pay ~157k
# tokens / ~158s per incremental run.
INTER="$PROJECT_ROOT/.understand-anything/intermediate"
if [ -d "$INTER" ]; then
find "$INTER" -mindepth 1 -maxdepth 1 -not -name 'scan-result.json' -exec rm -rf {} +
fi
rm -rf $PROJECT_ROOT/.understand-anything/tmp
```
5. Report a summary to the user containing:
- Project name and description
- Files analyzed / total files (with breakdown by fileCategory: code, config, docs, infra, data, script, markup)
- Nodes created (broken down by type: file, function, class, config, document, service, table, endpoint, pipeline, schema, resource)
- Edges created (broken down by type)
- Layers identified (with names)
- Tour steps generated (count)
- Any warnings from the reviewer
- Path to the output file: `$PROJECT_ROOT/.understand-anything/knowledge-graph.json`
6. Only automatically launch the dashboard by invoking the `/understand-dashboard` skill if final graph validation passed after normalization/review fixes.
If final validation did not pass, report that the graph was saved with warnings and dashboard launch was skipped.
---
## Error Handling
- If any subagent dispatch fails, retry **once** with the same prompt plus additional context about the failure.
- Track all warnings and errors from each phase in a `$PHASE_WARNINGS` list. When using `--review`, pass this list to the graph-reviewer in Phase 6. On the default path, include accumulated warnings in the Phase 7 final report.
- If it fails a second time, skip that phase and continue with partial results.
- ALWAYS save partial results — a partial graph is better than no graph.
- Report any skipped phases or errors in the final summary so the user knows what happened.
- NEVER silently drop errors. Every failure must be visible in the final report.
---
## Reference: KnowledgeGraph Schema
### Node Types (13 total)
| Type | Description | ID Convention |
|---|---|---|
| `file` | Source code file | `file:<relative-path>` |
| `function` | Function or method | `function:<relative-path>:<name>` |
| `class` | Class, interface, or type | `class:<relative-path>:<name>` |
| `module` | Logical module or package | `module:<name>` |
| `concept` | Abstract concept or pattern | `concept:<name>` |
| `config` | Configuration file (YAML, JSON, TOML, env) | `config:<relative-path>` |
| `document` | Documentation file (Markdown, RST, TXT) | `document:<relative-path>` |
| `service` | Deployable service definition (Dockerfile, K8s) | `service:<relative-path>` |
| `table` | Database table or migration | `table:<relative-path>:<table-name>` |
| `endpoint` | API endpoint or route definition | `endpoint:<relative-path>:<endpoint-name>` |
| `pipeline` | CI/CD pipeline configuration | `pipeline:<relative-path>` |
| `schema` | Schema definition (GraphQL, Protobuf, Prisma) | `schema:<relative-path>` |
| `resource` | Infrastructure resource (Terraform, CloudFormation) | `resource:<relative-path>` |
### Edge Types (26 total)
| Category | Types |
|---|---|
| Structural | `imports`, `exports`, `contains`, `inherits`, `implements` |
| Behavioral | `calls`, `subscribes`, `publishes`, `middleware` |
| Data flow | `reads_from`, `writes_to`, `transforms`, `validates` |
| Dependencies | `depends_on`, `tested_by`, `configures` |
| Semantic | `related`, `similar_to` |
| Infrastructure | `deploys`, `serves`, `provisions`, `triggers` |
| Schema/Data | `migrates`, `documents`, `routes`, `defines_schema` |
### Edge Weight Conventions
| Edge Type | Weight |
|---|---|
| `contains` | 1.0 |
| `inherits`, `implements` | 0.9 |
| `calls`, `exports`, `defines_schema` | 0.8 |
| `imports`, `deploys`, `migrates` | 0.7 |
| `depends_on`, `configures`, `triggers` | 0.6 |
| `tested_by`, `documents`, `provisions`, `serves`, `routes` | 0.5 |
| All others | 0.5 (default) |

90
.qoder/skills/understand/build-fingerprints.mjs
View File

@@ -1,90 +0,0 @@
#!/usr/bin/env node
/**
* build-fingerprints.mjs
*
* Builds the structural-fingerprint baseline used by auto-update's
* incremental change detection. Runs once per /understand full rebuild
* (Phase 7 step 2.5), generating .understand-anything/fingerprints.json.
*
* Replaces the LLM-written fingerprint script that previously sat in
* SKILL.md as a code example — that example had the wrong signature
* for buildFingerprintStore() and never successfully produced a baseline,
* which silently broke auto-update for every install (see issue #152).
*
* Usage:
* node build-fingerprints.mjs <input.json>
*
* Input JSON:
* { projectRoot: string, sourceFilePaths: string[], gitCommitHash: string }
*
* Writes: <projectRoot>/.understand-anything/fingerprints.json
* Exit code: 0 on success (including 0 files analyzed); non-zero on error.
*/
import { createRequire } from 'node:module';
import { dirname, resolve } from 'node:path';
import { fileURLToPath, pathToFileURL } from 'node:url';
import { readFileSync } from 'node:fs';
const __dirname = dirname(fileURLToPath(import.meta.url));
// skills/understand/ -> plugin root is two dirs up
const pluginRoot = resolve(__dirname, '../..');
const require = createRequire(resolve(pluginRoot, 'package.json'));
// ---------------------------------------------------------------------------
// Resolve @understand-anything/core (matches extract-structure.mjs).
// pathToFileURL() is required for Windows: dynamic import() of a raw
// "C:\..." path throws ERR_UNSUPPORTED_ESM_URL_SCHEME.
// ---------------------------------------------------------------------------
let core;
try {
core = await import(pathToFileURL(require.resolve('@understand-anything/core')).href);
} catch {
core = await import(pathToFileURL(resolve(pluginRoot, 'packages/core/dist/index.js')).href);
}
const {
TreeSitterPlugin,
PluginRegistry,
builtinLanguageConfigs,
registerAllParsers,
buildFingerprintStore,
saveFingerprints,
} = core;
async function main() {
const [, , inputPath] = process.argv;
if (!inputPath) {
process.stderr.write('Usage: node build-fingerprints.mjs <input.json>\n');
process.exit(1);
}
const { projectRoot, sourceFilePaths, gitCommitHash } = JSON.parse(
readFileSync(inputPath, 'utf-8'),
);
if (!projectRoot || !Array.isArray(sourceFilePaths) || typeof gitCommitHash !== 'string') {
throw new Error(
'Invalid input: requires { projectRoot: string, sourceFilePaths: string[], gitCommitHash: string }',
);
}
// Create tree-sitter plugin with all configs that have WASM grammars,
// mirroring extract-structure.mjs so the baseline matches the comparison
// logic used during auto-updates.
const tsConfigs = builtinLanguageConfigs.filter((c) => c.treeSitter);
const tsPlugin = new TreeSitterPlugin(tsConfigs);
await tsPlugin.init();
const registry = new PluginRegistry();
registry.register(tsPlugin);
registerAllParsers(registry);
const store = buildFingerprintStore(projectRoot, sourceFilePaths, registry, gitCommitHash);
saveFingerprints(projectRoot, store);
const fileCount = Object.keys(store.files).length;
process.stdout.write(`Fingerprints baseline: ${fileCount} files\n`);
}
await main();

555
.qoder/skills/understand/compute-batches.mjs
View File

@@ -1,555 +0,0 @@
#!/usr/bin/env node
/**
* compute-batches.mjs — Phase 1.5 of /understand
*
* Reads scan-result.json, runs Louvain community detection on the import
* graph, and writes batches.json containing batches + neighborMap.
*
* Usage:
* node compute-batches.mjs <project-root> [--changed-files=<path>]
*
* Input: <project-root>/.understand-anything/intermediate/scan-result.json
* Output: <project-root>/.understand-anything/intermediate/batches.json
*/
import { readFileSync, writeFileSync, existsSync, realpathSync } from 'node:fs';
import { dirname, join, resolve } from 'node:path';
import { fileURLToPath, pathToFileURL } from 'node:url';
import { createRequire } from 'node:module';
const __filename = fileURLToPath(import.meta.url);
const PLUGIN_ROOT = resolve(dirname(__filename), '../..');
const require = createRequire(resolve(PLUGIN_ROOT, 'package.json'));
let core;
try {
core = await import(pathToFileURL(require.resolve('@understand-anything/core')).href);
} catch {
core = await import(pathToFileURL(resolve(PLUGIN_ROOT, 'packages/core/dist/index.js')).href);
}
const { TreeSitterPlugin, PluginRegistry, builtinLanguageConfigs, registerAllParsers } = core;
import Graph from 'graphology';
import louvain from 'graphology-communities-louvain';
/**
* For each code file, returns its top-level exported symbol names (functions,
* classes, exported consts). Per-file errors are swallowed into [] with a
* visible warning so a single bad file does not abort batching.
*
* Returns Map<path, string[]>.
*/
async function extractExports(projectRoot, codeFiles) {
let registry;
try {
const tsConfigs = builtinLanguageConfigs.filter(c => c.treeSitter);
const tsPlugin = new TreeSitterPlugin(tsConfigs);
await tsPlugin.init();
registry = new PluginRegistry();
registry.register(tsPlugin);
registerAllParsers(registry);
} catch (err) {
process.stderr.write(
`Warning: compute-batches: tree-sitter init failed (${err.message}) ` +
`— all symbols=[] in neighborMap — cross-batch edges limited to file-level\n`,
);
return new Map(codeFiles.map(f => [f.path, []]));
}
const exportsByPath = new Map();
for (const file of codeFiles) {
const abs = join(projectRoot, file.path);
let content;
try {
content = readFileSync(abs, 'utf-8');
} catch (err) {
process.stderr.write(
`Warning: compute-batches: exports extraction failed for ${file.path} ` +
`(read error: ${err.message}) — symbols=[] in neighborMap — ` +
`cross-batch edges to this file limited to file-level\n`,
);
exportsByPath.set(file.path, []);
continue;
}
try {
const analysis = registry.analyzeFile(file.path, content);
const names = (analysis?.exports || []).map(e => e.name).filter(Boolean);
exportsByPath.set(file.path, names);
} catch (err) {
process.stderr.write(
`Warning: compute-batches: exports extraction failed for ${file.path} ` +
`(analyze error: ${err.message}) — symbols=[] in neighborMap — ` +
`cross-batch edges to this file limited to file-level\n`,
);
exportsByPath.set(file.path, []);
}
}
return exportsByPath;
}
/**
* Build batches for non-code files per Groups A-E in the design spec.
* Returns Array<{ files: FileMeta[], mergeable: boolean }> — caller assigns
* batchIndex. `mergeable=false` for semantic Groups A-D (Dockerfile clusters,
* .github/workflows, .gitlab-ci/.circleci, SQL migrations) preserves their
* boundary intent across the merge-small pass; Group E (catch-all parent-dir
* grouping) is `mergeable=true` so its tiny singletons can be pooled.
*/
function buildNonCodeBatches(nonCodeFiles) {
const byPath = new Map(nonCodeFiles.map(f => [f.path, f]));
const consumed = new Set();
const groups = [];
const dirOf = p => p.includes('/') ? p.slice(0, p.lastIndexOf('/')) : '';
const baseOf = p => p.includes('/') ? p.slice(p.lastIndexOf('/') + 1) : p;
// Group A: per-directory Dockerfile clusters.
const dirsWithDockerfile = new Set(
[...byPath.keys()]
.filter(p => baseOf(p) === 'Dockerfile')
.map(dirOf),
);
for (const dir of [...dirsWithDockerfile].sort()) {
const inDir = [...byPath.keys()].filter(p => dirOf(p) === dir);
const cluster = inDir.filter(p => {
const b = baseOf(p);
return b === 'Dockerfile'
|| b === '.dockerignore'
|| b.startsWith('docker-compose.');
});
if (cluster.length) {
groups.push({ files: cluster.map(p => byPath.get(p)), mergeable: false });
cluster.forEach(p => consumed.add(p));
}
}
// Group B: .github/workflows/*
const ghWorkflows = [...byPath.keys()].filter(
p => p.startsWith('.github/workflows/') && (p.endsWith('.yml') || p.endsWith('.yaml')),
).filter(p => !consumed.has(p));
if (ghWorkflows.length) {
groups.push({ files: ghWorkflows.map(p => byPath.get(p)), mergeable: false });
ghWorkflows.forEach(p => consumed.add(p));
}
// Group C: .gitlab-ci.yml + .circleci/*
const ciFiles = [...byPath.keys()].filter(
p => (p === '.gitlab-ci.yml' || p.startsWith('.circleci/'))
&& !consumed.has(p),
);
if (ciFiles.length) {
groups.push({ files: ciFiles.map(p => byPath.get(p)), mergeable: false });
ciFiles.forEach(p => consumed.add(p));
}
// Group D: SQL migrations per migrations/ or migration/ directory.
// Defensive consumed.has check: no upstream group consumes SQL today, but
// future Group additions could; keep the check for forward-compat.
const migrationDirs = new Set(
[...byPath.keys()]
.filter(p => p.endsWith('.sql'))
.map(dirOf)
.filter(d => /(^|\/)migrations?$/.test(d)),
);
for (const dir of migrationDirs) {
const sqls = [...byPath.keys()]
.filter(p => dirOf(p) === dir && p.endsWith('.sql') && !consumed.has(p))
.sort();
if (sqls.length) {
groups.push({ files: sqls.map(p => byPath.get(p)), mergeable: false });
sqls.forEach(p => consumed.add(p));
}
}
// Group E: all remaining grouped by immediate parent dir, max 20 per batch
const remainingByDir = new Map();
for (const p of [...byPath.keys()].sort()) {
if (consumed.has(p)) continue;
const dir = dirOf(p);
if (!remainingByDir.has(dir)) remainingByDir.set(dir, []);
remainingByDir.get(dir).push(p);
}
// Per design spec: max files per parent-dir batch for Group E.
const MAX_E = 20;
for (const [, paths] of remainingByDir) {
for (let i = 0; i < paths.length; i += MAX_E) {
const slice = paths.slice(i, i + MAX_E);
groups.push({ files: slice.map(p => byPath.get(p)), mergeable: true });
}
}
return groups;
}
/**
* Build a lookup map from file path → batchIndex across all batches (code +
* non-code). Used to resolve cross-batch neighbor references in neighborMap.
*/
function buildBatchOfMap(allBatches) {
const m = new Map();
for (const b of allBatches) {
for (const f of b.files) m.set(f.path, b.batchIndex);
}
return m;
}
/**
* Returns Map<path, communityId> via Louvain. May throw — caller must catch
* and fall back if it does. Honors UA_COMPUTE_BATCHES_FORCE_LOUVAIN_THROW=1
* to allow tests to exercise the fallback path.
*/
function runLouvain(codeFiles, importMap) {
if (process.env.UA_COMPUTE_BATCHES_FORCE_LOUVAIN_THROW === '1') {
throw new Error('forced throw via UA_COMPUTE_BATCHES_FORCE_LOUVAIN_THROW');
}
const g = new Graph({ type: 'undirected', allowSelfLoops: false });
for (const f of codeFiles) g.addNode(f.path);
for (const [src, targets] of Object.entries(importMap)) {
if (!g.hasNode(src)) continue;
for (const tgt of targets) {
if (!g.hasNode(tgt) || src === tgt || g.hasEdge(src, tgt)) continue;
g.addEdge(src, tgt);
}
}
const cs = louvain(g); // { nodeId: communityId }
return new Map(Object.entries(cs));
}
/**
* Returns Map<path, communityId> via alphabetical chunking of `batchSize`
* files per batch. Deterministic, used as fallback when Louvain fails.
*/
function countBasedAssignment(codeFiles, batchSize = 12) {
const out = new Map();
const sorted = [...codeFiles].map(f => f.path).sort();
for (let i = 0; i < sorted.length; i++) {
out.set(sorted[i], `count_${Math.floor(i / batchSize)}`);
}
return out;
}
/**
* Pool small mergeable batches into "misc" batches to reduce dispatch overhead.
* Preserves semantic groupings (non-code Groups A-D, marked `mergeable=false`)
* regardless of size; only merges code Louvain singletons / orphans and
* Group E parent-dir batches that fall below MIN_BATCH_SIZE.
*
* On a 314-file microservices-demo run, vanilla Louvain produced 87 singleton
* communities → 87 dispatch tasks of size 1. This pass collapses them into
* ceil(N / MAX_MERGE_TARGET) misc batches, drastically cutting orchestration
* overhead while leaving the high-modularity communities untouched.
*
* Returns the rewritten batch list with reassigned batchIndex (1-based,
* keepers first preserving their relative order, misc batches appended).
*/
function mergeSmallBatches(bareBatches) {
// MIN_BATCH_SIZE=3: below this, file-analyzer dispatch overhead (subagent
// spin-up, prompt setup) dwarfs the per-file analysis cost — not worth a
// standalone batch.
const MIN_BATCH_SIZE = 3;
// MAX_MERGE_TARGET=25: stays below MAX_COMMUNITY_SIZE=35 so the misc-batch
// agent retains headroom for neighborMap context without overflowing.
const MAX_MERGE_TARGET = 25;
const keepers = [];
const smallMergeable = [];
for (const b of bareBatches) {
if (b.mergeable && b.files.length < MIN_BATCH_SIZE) {
smallMergeable.push(b);
} else {
keepers.push(b);
}
}
if (smallMergeable.length === 0) {
// Nothing to merge — strip mergeable flag and renumber for cleanliness.
return keepers.map((b, i) => ({
batchIndex: i + 1,
files: b.files,
}));
}
// Pool and sort deterministically by path so repeated runs match byte-for-byte.
const pooledFiles = smallMergeable
.flatMap(b => b.files)
.sort((a, b) => a.path.localeCompare(b.path));
const miscBatches = [];
for (let i = 0; i < pooledFiles.length; i += MAX_MERGE_TARGET) {
miscBatches.push({ files: pooledFiles.slice(i, i + MAX_MERGE_TARGET) });
}
// Use `Info:` rather than `Warning:` — singleton consolidation is a
// routine optimization, not a fallback/degrade path. Per
// [[feedback_visible_warnings]] only fallbacks should bubble as Warning:
// to the Phase 7 final report. Real warnings would get drowned out if
// every normal Louvain run with singletons (i.e. almost every run) added
// a Warning: line.
process.stderr.write(
`Info: compute-batches: merged ${smallMergeable.length} small batches ` +
`(${pooledFiles.length} files) into ${miscBatches.length} misc batches ` +
`— singletons and orphans consolidated\n`,
);
const final = [...keepers, ...miscBatches];
return final.map((b, i) => ({
batchIndex: i + 1,
files: b.files,
}));
}
// ── Main: load → Louvain (or count-fallback) → enrich → write batches.json ─
async function main() {
const projectRoot = process.argv[2];
if (!projectRoot) {
process.stderr.write('Usage: node compute-batches.mjs <project-root> [--changed-files=<path>]\n');
process.exit(1);
}
let changedFiles = null;
for (const arg of process.argv.slice(3)) {
const m = arg.match(/^--changed-files=(.+)$/);
if (m) {
const p = m[1];
let content;
try {
content = readFileSync(p, 'utf-8');
} catch (err) {
process.stderr.write(
`Error: compute-batches: --changed-files path not readable: ${p} (${err.message})\n`,
);
process.exit(1);
}
const lines = content
.split('\n')
.map(s => s.trim())
.filter(Boolean);
changedFiles = new Set(lines);
}
}
const scanPath = join(projectRoot, '.understand-anything', 'intermediate', 'scan-result.json');
if (!existsSync(scanPath)) {
process.stderr.write(`Error: scan-result.json not found at ${scanPath}\n`);
process.exit(1);
}
const scan = JSON.parse(readFileSync(scanPath, 'utf-8'));
const files = scan.files || [];
const codeFiles = files.filter(f => f.fileCategory === 'code');
const nonCodeFiles = files.filter(f => f.fileCategory !== 'code');
const importMap = scan.importMap || {};
process.stderr.write(`Loaded ${files.length} files (${codeFiles.length} code).\n`);
const exportsByPath = await extractExports(projectRoot, codeFiles);
let algorithm = 'louvain';
let perFileCommunity;
try {
perFileCommunity = runLouvain(codeFiles, importMap);
} catch (err) {
process.stderr.write(
`Warning: compute-batches: Louvain failed (${err.message}) ` +
`— falling back to count-based grouping (12 files/batch) ` +
`— module semantic boundaries lost\n`,
);
perFileCommunity = countBasedAssignment(codeFiles, 12);
algorithm = 'count-fallback';
}
// Group files by community id
const filesByCommunity = new Map();
for (const [path, cid] of perFileCommunity) {
if (!filesByCommunity.has(cid)) filesByCommunity.set(cid, []);
filesByCommunity.get(cid).push(path);
}
// Size enforcement only on louvain output. count-fallback already chunked.
const MAX_COMMUNITY_SIZE = 35;
const splitCommunities = new Map();
let nextSyntheticId = 0;
if (algorithm === 'louvain') {
for (const [cid, paths] of filesByCommunity) {
if (paths.length <= MAX_COMMUNITY_SIZE) {
splitCommunities.set(cid, paths);
continue;
}
process.stderr.write(
`Warning: compute-batches: community size ${paths.length} > max ${MAX_COMMUNITY_SIZE} ` +
`— splitting via alphabetical chunking — modularity may decrease\n`,
);
const sorted = [...paths].sort();
const parts = Math.ceil(paths.length / MAX_COMMUNITY_SIZE);
const perPart = Math.ceil(paths.length / parts);
for (let i = 0; i < parts; i++) {
const slice = sorted.slice(i * perPart, (i + 1) * perPart);
const synthId = `__split_${cid}_${nextSyntheticId++}`;
splitCommunities.set(synthId, slice);
}
}
} else {
for (const [cid, paths] of filesByCommunity) splitCommunities.set(cid, paths);
}
// Sort communities by size desc, then by min-path asc for determinism
const sortedCommunities = [...splitCommunities.entries()]
.sort((a, b) => {
if (b[1].length !== a[1].length) return b[1].length - a[1].length;
const minA = [...a[1]].sort()[0];
const minB = [...b[1]].sort()[0];
return minA.localeCompare(minB);
});
// Build per-batch file list with full file metadata from scan
const fileMetaByPath = new Map(files.map(f => [f.path, f]));
// Safe: every path in a community is a graph node, and graph nodes are a
// subset of files (see addNode loop above). fileMetaByPath.get() can
// never return undefined here.
// First-pass: assemble bare batches (no batchImportData/neighborMap yet).
// All Louvain communities are mergeable=true so the merge-small pass can
// collapse singletons / 2-file orphans. Non-code groups carry per-group
// mergeable flags from buildNonCodeBatches (false for semantic Groups A-D,
// true for Group E catch-all).
const codeBatchObjsBare = sortedCommunities.map(([, paths], idx) => ({
batchIndex: idx + 1,
files: paths.sort().map(p => fileMetaByPath.get(p)),
mergeable: true,
}));
const nonCodeGroups = buildNonCodeBatches(nonCodeFiles);
const nonCodeBatchObjsBare = nonCodeGroups.map((g, i) => ({
batchIndex: codeBatchObjsBare.length + i + 1,
files: g.files,
mergeable: g.mergeable,
}));
const bareBatches = [...codeBatchObjsBare, ...nonCodeBatchObjsBare];
const mergedBareBatches = mergeSmallBatches(bareBatches);
const batchOf = buildBatchOfMap(mergedBareBatches);
// Build reverse import map: target → [sources that import target]
const reverseImportMap = new Map();
for (const [src, targets] of Object.entries(importMap)) {
for (const tgt of targets) {
if (!reverseImportMap.has(tgt)) reverseImportMap.set(tgt, []);
reverseImportMap.get(tgt).push(src);
}
}
// Compute neighbor degree (number of import relations) per path, used for
// truncation when neighborMap[file] has > MAX_NEIGHBORS entries.
const NEIGHBOR_DEGREE = new Map();
for (const f of codeFiles) {
const outDeg = (importMap[f.path] || []).length;
const inDeg = (reverseImportMap.get(f.path) || []).length;
NEIGHBOR_DEGREE.set(f.path, outDeg + inDeg);
}
const MAX_NEIGHBORS = 50;
// Second-pass: enrich each batch with batchImportData + neighborMap
const batches = mergedBareBatches.map(b => {
const batchPaths = new Set(b.files.map(f => f.path));
const batchImportData = {};
const neighborMap = {};
for (const f of b.files) {
batchImportData[f.path] = (importMap[f.path] || []).slice();
// 1-hop neighbors: imports out + imported-by in, excluding same batch.
// Note on truncation: we measure "popularity" by total raw 1-hop neighbor
// count (rawCount), not kept.length. A widely-imported hub like a logger
// module may have N>50 inbound imports but, after Louvain + size
// enforcement, only some land in other batches — kept.length can be < 50
// while the file is still a high-degree hub whose missing relationships
// matter for downstream cross-batch edge confidence. Warning on rawCount
// surfaces this; truncation on kept ensures the JSON stays bounded.
const outNeighbors = importMap[f.path] || [];
const inNeighbors = reverseImportMap.get(f.path) || [];
const all = new Set([...outNeighbors, ...inNeighbors]);
const rawCount = all.size;
const filtered = [...all].filter(p => batchOf.has(p) && !batchPaths.has(p));
let kept = filtered.map(p => ({
path: p,
batchIndex: batchOf.get(p),
symbols: exportsByPath.get(p) || [],
}));
if (rawCount > MAX_NEIGHBORS) {
kept.sort((a, b2) => (NEIGHBOR_DEGREE.get(b2.path) || 0)
- (NEIGHBOR_DEGREE.get(a.path) || 0)
|| a.path.localeCompare(b2.path)); // deterministic tiebreak
const beforeSlice = kept.length;
kept = kept.slice(0, MAX_NEIGHBORS);
process.stderr.write(
`Warning: compute-batches: neighborMap for ${f.path} has high 1-hop degree ${rawCount} ` +
`— exceeds soft cap of ${MAX_NEIGHBORS} — keeping top ${kept.length} cross-batch entries ` +
`(${beforeSlice - kept.length} dropped by degree sort)\n`,
);
}
if (kept.length) neighborMap[f.path] = kept;
}
return { batchIndex: b.batchIndex, files: b.files, batchImportData, neighborMap };
});
let finalBatches = batches;
if (changedFiles) {
finalBatches = batches.filter(b => b.files.some(f => changedFiles.has(f.path)));
// batchIndex on filtered batches retains the full-graph assignment
// (the design says neighborMap should still reference unchanged files'
// full-graph batchIndex). No renumbering.
}
// Note: under --changed-files mode, totalFiles is the FULL project file
// count (unchanged from the input scan) while totalBatches reflects only
// the filtered set written to disk. batchIndex values on the kept batches
// preserve the full-graph assignment so neighborMap references resolve.
const output = {
schemaVersion: 1,
algorithm,
totalFiles: scan.files.length,
totalBatches: finalBatches.length,
exportsByPath: Object.fromEntries(exportsByPath),
batches: finalBatches,
};
const outPath = join(projectRoot, '.understand-anything', 'intermediate', 'batches.json');
writeFileSync(outPath, JSON.stringify(output, null, 2), 'utf-8');
const batchSizes = finalBatches.map(b => b.files.length);
const maxSize = batchSizes.length ? Math.max(...batchSizes) : 0;
const minSize = batchSizes.length ? Math.min(...batchSizes) : 0;
process.stderr.write(
`Wrote ${finalBatches.length} batches (sizes: max=${maxSize}, min=${minSize}) to ${outPath}\n`,
);
}
// ---------------------------------------------------------------------------
// Run only when executed directly as a CLI; importing the module (e.g. from
// tests) must not trigger main().
//
// Canonicalize both sides through realpathSync. Node ESM resolves
// import.meta.url through symlinks but pathToFileURL(process.argv[1]) preserves
// them, so a raw equality check silently no-ops when the script is invoked via
// a symlinked plugin install path (the default in Claude Code / Copilot CLI
// caches). See GitHub issue #162.
// ---------------------------------------------------------------------------
function isCliEntry() {
if (!process.argv[1]) return false;
try {
const modulePath = realpathSync(fileURLToPath(import.meta.url));
const argvPath = realpathSync(process.argv[1]);
return modulePath === argvPath;
} catch {
return false;
}
}
if (isCliEntry()) {
try {
await main();
} catch (err) {
process.stderr.write(`compute-batches.mjs failed: ${err.message}\n${err.stack}\n`);
process.exit(1);
}
}

1567
.qoder/skills/understand/extract-import-map.mjs
View File

File diff suppressed because it is too large Load Diff

334
.qoder/skills/understand/extract-structure.mjs
View File

@@ -1,334 +0,0 @@
#!/usr/bin/env node
/**
* extract-structure.mjs
*
* Deterministic structural extraction script for the file-analyzer agent.
* Uses PluginRegistry (TreeSitterPlugin + non-code parsers) from @understand-anything/core
* to replace the LLM-generated throwaway regex scripts in Phase 1.
*
* Usage:
* node extract-structure.mjs <input.json> <output.json>
*
* Input JSON:
* { projectRoot, batchFiles: [{path, language, sizeLines, fileCategory}], batchImportData }
*
* Output JSON:
* { scriptCompleted, filesAnalyzed, filesSkipped, results: [...] }
*/
import { createRequire } from 'node:module';
import { dirname, resolve, join } from 'node:path';
import { fileURLToPath, pathToFileURL } from 'node:url';
import { existsSync, readFileSync, realpathSync, writeFileSync } from 'node:fs';
const __dirname = dirname(fileURLToPath(import.meta.url));
// skills/understand/ -> plugin root is two dirs up
const pluginRoot = resolve(__dirname, '../..');
const require = createRequire(resolve(pluginRoot, 'package.json'));
// ---------------------------------------------------------------------------
// Resolve @understand-anything/core
//
// Node ESM dynamic import() requires a file:// URL on Windows; passing a raw
// absolute path like "C:\..." throws ERR_UNSUPPORTED_ESM_URL_SCHEME because the
// loader parses "C:" as a URL scheme. Wrap both resolutions in pathToFileURL().
// ---------------------------------------------------------------------------
let core;
try {
core = await import(pathToFileURL(require.resolve('@understand-anything/core')).href);
} catch {
// Fallback: direct path for installed plugin cache layouts
core = await import(pathToFileURL(resolve(pluginRoot, 'packages/core/dist/index.js')).href);
}
const { TreeSitterPlugin, PluginRegistry, builtinLanguageConfigs, registerAllParsers } = core;
// ---------------------------------------------------------------------------
// Main
// ---------------------------------------------------------------------------
async function main() {
const [,, inputPath, outputPath] = process.argv;
if (!inputPath || !outputPath) {
process.stderr.write('Usage: node extract-structure.mjs <input.json> <output.json>\n');
process.exit(1);
}
// Read input
const inputRaw = readFileSync(inputPath, 'utf-8');
const input = JSON.parse(inputRaw);
const { projectRoot, batchFiles, batchImportData } = input;
if (!projectRoot || !Array.isArray(batchFiles)) {
throw new Error('Invalid input: must contain projectRoot and batchFiles array');
}
// Create tree-sitter plugin with all configs that have WASM grammars
const tsConfigs = builtinLanguageConfigs.filter(c => c.treeSitter);
const tsPlugin = new TreeSitterPlugin(tsConfigs);
await tsPlugin.init();
// Create registry and register tree-sitter + all non-code parsers
const registry = new PluginRegistry();
registry.register(tsPlugin);
registerAllParsers(registry);
const results = [];
const filesSkipped = [];
for (const file of batchFiles) {
const absolutePath = join(projectRoot, file.path);
// Read file content
let content;
try {
content = readFileSync(absolutePath, 'utf-8');
} catch {
filesSkipped.push(file.path);
continue;
}
// Line counts. POSIX text files end in a trailing newline, which makes
// `split('\n')` produce one extra empty element. Match `wc -l` semantics
// (used by the project scanner for `sizeLines`) so the two counts agree.
const lines = content.split('\n');
const totalLines = content.endsWith('\n') ? Math.max(0, lines.length - 1) : lines.length;
const nonEmptyLines = lines.filter(l => l.trim().length > 0).length;
// Structural analysis via registry
let analysis = null;
try {
analysis = registry.analyzeFile(file.path, content);
} catch {
// If analysis throws, treat as degraded — still include basic metrics
}
// Call graph extraction (code files only)
let callGraph = null;
if (file.fileCategory === 'code' || file.fileCategory === 'script') {
try {
const cg = registry.extractCallGraph(file.path, content);
if (cg && cg.length > 0) {
callGraph = cg.map(entry => ({
caller: entry.caller,
callee: entry.callee,
lineNumber: entry.lineNumber,
}));
}
} catch {
// Call graph extraction failed — non-fatal
}
}
// Build result object
const result = buildResult(file, totalLines, nonEmptyLines, analysis, callGraph, batchImportData);
results.push(result);
}
// Write output
const output = {
scriptCompleted: true,
filesAnalyzed: results.length,
filesSkipped,
results,
};
writeFileSync(outputPath, JSON.stringify(output, null, 2), 'utf-8');
if (!existsSync(outputPath)) {
throw new Error(`output file missing after write: ${outputPath}`);
}
}
// ---------------------------------------------------------------------------
// Result builder: maps StructuralAnalysis to the expected output schema.
// Exported for unit tests; pure function, no I/O.
// ---------------------------------------------------------------------------
export function buildResult(file, totalLines, nonEmptyLines, analysis, callGraph, batchImportData) {
const base = {
path: file.path,
language: file.language,
fileCategory: file.fileCategory,
totalLines,
nonEmptyLines,
};
if (!analysis) {
// No parser matched — return basic metrics only
base.metrics = {};
return base;
}
// Functions (code files)
if (analysis.functions && analysis.functions.length > 0) {
base.functions = analysis.functions.map(fn => ({
name: fn.name,
startLine: fn.lineRange[0],
endLine: fn.lineRange[1],
params: fn.params || [],
}));
}
// Classes (code files)
if (analysis.classes && analysis.classes.length > 0) {
base.classes = analysis.classes.map(cls => ({
name: cls.name,
startLine: cls.lineRange[0],
endLine: cls.lineRange[1],
methods: cls.methods || [],
properties: cls.properties || [],
}));
}
// Exports (code files)
if (analysis.exports && analysis.exports.length > 0) {
base.exports = analysis.exports.map(exp => ({
name: exp.name,
line: exp.lineNumber,
isDefault: exp.isDefault === true,
}));
}
// Non-code structural data: pass through directly
if (analysis.sections && analysis.sections.length > 0) {
base.sections = analysis.sections.map(s => ({
heading: s.name,
level: s.level,
line: s.lineRange[0],
}));
}
if (analysis.definitions && analysis.definitions.length > 0) {
base.definitions = analysis.definitions.map(d => ({
name: d.name,
kind: d.kind,
fields: d.fields || [],
startLine: d.lineRange[0],
endLine: d.lineRange[1],
}));
}
if (analysis.services && analysis.services.length > 0) {
base.services = analysis.services.map(s => ({
name: s.name,
image: s.image,
ports: s.ports || [],
...(s.lineRange ? { startLine: s.lineRange[0], endLine: s.lineRange[1] } : {}),
}));
}
if (analysis.endpoints && analysis.endpoints.length > 0) {
base.endpoints = analysis.endpoints.map(e => ({
method: e.method,
path: e.path,
startLine: e.lineRange[0],
endLine: e.lineRange[1],
}));
}
if (analysis.steps && analysis.steps.length > 0) {
base.steps = analysis.steps.map(s => ({
name: s.name,
startLine: s.lineRange[0],
endLine: s.lineRange[1],
}));
}
if (analysis.resources && analysis.resources.length > 0) {
base.resources = analysis.resources.map(r => ({
name: r.name,
kind: r.kind,
startLine: r.lineRange[0],
endLine: r.lineRange[1],
}));
}
// Call graph
if (callGraph && callGraph.length > 0) {
base.callGraph = callGraph;
}
// Metrics
const metrics = {};
// Import count from batchImportData (pre-resolved by project scanner).
// Empty arrays are truthy, so explicitly check length so we fall back to the
// parser's own import list when the scanner could not resolve any imports
// (e.g. Python absolute imports the scanner doesn't follow).
//
// The fallback counts only relative-style imports (those starting with `.`)
// so the metric stays *internal-import* in semantics rather than mixing in
// every external package import seen by the parser. Resolved external imports
// can never produce edges anyway, so counting them would be misleading.
const importPaths = batchImportData?.[file.path];
if (importPaths && importPaths.length > 0) {
metrics.importCount = importPaths.length;
} else if (analysis.imports) {
const internal = analysis.imports.filter(imp => {
const src = imp?.source ?? '';
return src.startsWith('.');
});
metrics.importCount = internal.length;
}
if (analysis.exports) {
metrics.exportCount = analysis.exports.length;
}
if (analysis.functions) {
metrics.functionCount = analysis.functions.length;
}
if (analysis.classes) {
metrics.classCount = analysis.classes.length;
}
if (analysis.sections) {
metrics.sectionCount = analysis.sections.length;
}
if (analysis.definitions) {
metrics.definitionCount = analysis.definitions.length;
}
if (analysis.services) {
metrics.serviceCount = analysis.services.length;
}
if (analysis.endpoints) {
metrics.endpointCount = analysis.endpoints.length;
}
if (analysis.steps) {
metrics.stepCount = analysis.steps.length;
}
if (analysis.resources) {
metrics.resourceCount = analysis.resources.length;
}
base.metrics = metrics;
return base;
}
// ---------------------------------------------------------------------------
// Run only when executed directly as a CLI; importing the module (e.g. from
// tests) must not trigger main().
//
// Canonicalize both sides through realpathSync. Node ESM resolves
// import.meta.url through symlinks but pathToFileURL(process.argv[1]) preserves
// them, so a raw equality check silently no-ops when the script is invoked via
// a symlinked plugin install path (the default in Claude Code / Copilot CLI
// caches). See GitHub issue #162.
// ---------------------------------------------------------------------------
function isCliEntry() {
if (!process.argv[1]) return false;
try {
const modulePath = realpathSync(fileURLToPath(import.meta.url));
const argvPath = realpathSync(process.argv[1]);
return modulePath === argvPath;
} catch {
return false;
}
}
if (isCliEntry()) {
try {
await main();
} catch (err) {
process.stderr.write(`extract-structure.mjs failed: ${err.message}\n${err.stack}\n`);
process.exit(1);
}
}

67
.qoder/skills/understand/frameworks/django.md
View File

@@ -1,67 +0,0 @@
# Django Framework Addendum
> Injected into file-analyzer and architecture-analyzer prompts when Django is detected.
> Do NOT use as a standalone prompt — always appended to the base prompt template.
## Django Project Structure
When analyzing a Django project, apply these additional conventions on top of the base analysis rules.
### Canonical File Roles
| File / Pattern | Role | Tags |
|---|---|---|
| `manage.py` | CLI entry point for dev server, migrations, management commands | `entry-point`, `config` |
| `*/settings.py`, `*/settings/*.py` | Project-wide configuration (DB, installed apps, middleware) | `config` |
| `*/urls.py` | URL routing — maps URL patterns to views | `api-handler`, `routing` |
| `*/views.py`, `*/views/*.py` | Request handlers (function-based or class-based views) | `api-handler`, `controller` |
| `*/models.py`, `*/models/*.py` | ORM models — map to database tables | `data-model` |
| `*/serializers.py` | DRF serializers — convert models to/from JSON | `serialization`, `api-handler` |
| `*/forms.py` | Django forms — validation and rendering logic | `validation`, `ui` |
| `*/admin.py` | Admin site registrations — exposes models in Django admin | `config` |
| `*/signals.py` | Signal handlers — cross-cutting side effects on model events | `event-handler` |
| `*/tasks.py` | Celery async task definitions | `service`, `event-handler` |
| `*/middleware.py`, `*/middleware/*.py` | Request/response middleware classes | `middleware` |
| `*/permissions.py` | DRF permission classes | `middleware`, `validation` |
| `*/filters.py` | DRF filter backends | `utility` |
| `*/migrations/*.py` | Auto-generated schema migrations — do not summarize individually | `config` |
| `*/templates/**/*.html` | Django HTML templates | `ui` |
| `*/templatetags/*.py` | Custom template filters and tags | `utility` |
| `*/management/commands/*.py` | Custom management commands (`./manage.py mycommand`) | `config`, `entry-point` |
| `wsgi.py`, `asgi.py` | WSGI/ASGI server adapter — production entry point | `config`, `entry-point` |
| `*/apps.py` | App configuration and startup hooks (`AppConfig`) | `config` |
| `*/tests.py`, `*/tests/*.py` | Unit and integration tests | `test` |
### Edge Patterns to Look For
**URL routing graph** — Create `calls` edges from `urls.py` nodes to their corresponding view nodes when `path()` or `re_path()` maps a URL pattern to a view function or class. These edges represent the HTTP routing chain.
**Signal wiring** — When `signals.py` uses `post_save.connect(handler, sender=Model)` or `@receiver(post_save, sender=Model)`, create `subscribes` edges from the signal handler function to the model class. Create `publishes` edges from the model to the signal handler to show the trigger direction.
**ORM relationships** — When `models.py` defines `ForeignKey`, `OneToOneField`, or `ManyToManyField`, create `depends_on` edges between the model classes with a description indicating the relationship type and cardinality.
**Serializer-to-model binding** — When a DRF serializer has `model = MyModel` in its `Meta` class, create a `depends_on` edge from the serializer to the model.
**View-to-serializer binding** — When a DRF ViewSet or APIView references a serializer class, create a `depends_on` edge from the view to the serializer.
### Architectural Layers for Django
Assign nodes to these layers when detected:
| Layer ID | Layer Name | What Goes Here |
|---|---|---|
| `layer:api` | API Layer | `views.py`, `serializers.py`, `urls.py`, DRF ViewSets and APIViews |
| `layer:data` | Data Layer | `models.py`, `migrations/`, database utility files |
| `layer:service` | Service Layer | `signals.py`, `tasks.py`, custom managers, service modules |
| `layer:ui` | UI Layer | `templates/`, `forms.py`, `templatetags/` |
| `layer:middleware` | Middleware Layer | `middleware.py`, `permissions.py`, authentication backends |
| `layer:config` | Config Layer | `settings.py`, `urls.py` (root), `wsgi.py`, `asgi.py`, `apps.py`, `manage.py` |
| `layer:test` | Test Layer | `tests.py`, `tests/` directory, `conftest.py` |
### Notable Patterns to Capture in languageLesson
- **Fat models vs. thin views**: Django encourages business logic in model methods, keeping views thin HTTP adapters
- **Django ORM lazy evaluation**: QuerySets are not evaluated until iterated — chain filters without DB hits
- **Class-based views (CBVs)**: Mixins like `LoginRequiredMixin`, `PermissionRequiredMixin` compose behavior through multiple inheritance
- **Signal anti-patterns**: Signals create invisible coupling; a signal in `signals.py` may be triggered by a `save()` call anywhere in the codebase
- **App isolation**: Each Django app (`INSTALLED_APPS`) should be self-contained with its own models, views, urls, and migrations

57
.qoder/skills/understand/frameworks/express.md
View File

@@ -1,57 +0,0 @@
# Express Framework Addendum
> Injected into file-analyzer and architecture-analyzer prompts when Express is detected.
> Do NOT use as a standalone prompt — always appended to the base prompt template.
## Express Project Structure
When analyzing an Express project, apply these additional conventions on top of the base analysis rules.
### Canonical File Roles
| File / Pattern | Role | Tags |
|---|---|---|
| `app.js`, `app.ts` | Application entry point — creates Express app, mounts middleware and routes | `entry-point`, `config` |
| `server.js`, `server.ts`, `index.js`, `index.ts` | Server bootstrap — starts HTTP listener, may import app | `entry-point`, `config` |
| `routes/*.js`, `routes/*.ts` | Route definitions — map HTTP methods and paths to handlers | `api-handler`, `routing` |
| `controllers/*.js`, `controllers/*.ts` | Request handlers — process requests, orchestrate services, return responses | `api-handler`, `service` |
| `models/*.js`, `models/*.ts` | Data models — Mongoose schemas, Sequelize models, or plain data definitions | `data-model` |
| `middleware/*.js`, `middleware/*.ts` | Middleware functions — authentication, logging, validation, error handling | `middleware` |
| `services/*.js`, `services/*.ts` | Business logic — domain operations decoupled from HTTP layer | `service` |
| `db/*.js`, `db/*.ts`, `database/*.js` | Database connection and configuration | `data-model`, `config` |
| `config/*.js`, `config/*.ts` | Application configuration — environment variables, feature flags | `config` |
| `validators/*.js`, `validators/*.ts` | Request validation schemas (Joi, Zod, express-validator) | `validation`, `utility` |
| `utils/*.js`, `utils/*.ts` | Shared utility functions | `utility` |
| `tests/*.js`, `test/*.js`, `__tests__/*.js` | Unit and integration tests | `test` |
### Edge Patterns to Look For
**Route mounting** — When `app.use('/api/users', usersRouter)` mounts a router, create `depends_on` edges from the main app to the router module. These edges represent the HTTP routing tree.
**Middleware chain** — When `app.use(cors())`, `app.use(authMiddleware)`, or `router.use(validate)` registers middleware, create middleware edges from the app or router to the middleware function. Order matters — middleware executes in registration order.
**Controller-to-service calls** — When a controller imports and calls a service function, create `depends_on` edges from the controller to the service. This represents the separation between HTTP handling and business logic.
**Model relationships** — When models reference each other (Mongoose `ref`, Sequelize associations), create `depends_on` edges between model files with descriptions indicating the relationship type.
### Architectural Layers for Express
Assign nodes to these layers when detected:
| Layer ID | Layer Name | What Goes Here |
|---|---|---|
| `layer:api` | API Layer | `routes/`, `controllers/`, request validators |
| `layer:data` | Data Layer | `models/`, `db/`, migration files, seeders |
| `layer:service` | Service Layer | `services/`, business logic modules |
| `layer:middleware` | Middleware Layer | `middleware/`, error handlers, authentication, logging |
| `layer:config` | Config Layer | `app.js`, `config/`, environment setup, `server.js` |
| `layer:utility` | Utility Layer | `utils/`, `helpers/`, shared pure functions |
| `layer:test` | Test Layer | `tests/`, `__tests__/`, `*.test.js`, `*.spec.js` |
### Notable Patterns to Capture in languageLesson
- **Middleware chain (req, res, next)**: Express processes requests through a pipeline of middleware functions — each receives the request, response, and a `next()` callback to pass control forward
- **Error-handling middleware (4 params)**: Middleware with signature `(err, req, res, next)` catches errors — must be registered after all routes to act as a global error handler
- **Router modularity**: `express.Router()` creates modular, mountable route handlers that can be composed into the main app at different path prefixes
- **MVC pattern**: Express apps commonly separate concerns into Models (data), Views (response formatting), and Controllers (request handling)
- **Body parsing and validation**: Request body parsing (`express.json()`, `express.urlencoded()`) and validation (Joi, Zod, express-validator) are middleware concerns applied before route handlers

58
.qoder/skills/understand/frameworks/fastapi.md
View File

@@ -1,58 +0,0 @@
# FastAPI Framework Addendum
> Injected into file-analyzer and architecture-analyzer prompts when FastAPI is detected.
> Do NOT use as a standalone prompt — always appended to the base prompt template.
## FastAPI Project Structure
When analyzing a FastAPI project, apply these additional conventions on top of the base analysis rules.
### Canonical File Roles
| File / Pattern | Role | Tags |
|---|---|---|
| `main.py`, `app.py` | Application factory — creates and configures the `FastAPI()` instance | `entry-point`, `config` |
| `*/routers/*.py`, `*/api/*.py` | `APIRouter` modules — group related endpoints by domain | `api-handler`, `routing` |
| `*/schemas.py`, `*/schemas/*.py` | Pydantic request/response models | `type-definition`, `serialization` |
| `*/models.py`, `*/models/*.py` | SQLAlchemy ORM models or other DB models | `data-model` |
| `*/dependencies.py`, `*/deps.py` | `Depends()` provider functions — shared logic injected into routes | `service`, `middleware` |
| `*/crud.py`, `*/repository.py` | Database access layer — CRUD operations | `data-model`, `service` |
| `*/database.py`, `*/db.py` | DB engine, session factory, connection management | `config`, `data-model` |
| `*/config.py`, `*/settings.py` | `pydantic-settings` / `BaseSettings` config classes | `config` |
| `*/middleware.py` | Starlette middleware classes | `middleware` |
| `*/exceptions.py` | Custom exception classes and exception handlers | `utility` |
| `*/security.py`, `*/auth.py` | Auth utilities — JWT decoding, password hashing, OAuth helpers | `service`, `middleware` |
| `*/tasks.py` | Background tasks or Celery task definitions | `service`, `event-handler` |
| `*/tests/*.py`, `test_*.py` | pytest test files | `test` |
| `conftest.py` | pytest fixtures and test configuration | `test`, `config` |
### Edge Patterns to Look For
**Router inclusion chain** — When `app.include_router(some_router, prefix="/api")` appears in `main.py` or a router aggregator, create `imports` + `depends_on` edges from the main app file to each router module. This builds the URL hierarchy graph.
**Dependency injection tree** — When a route function or another `Depends()` provider imports and calls `Depends(some_function)`, create `depends_on` edges from the caller to the dependency provider. Trace these chains — they often span multiple files (e.g., route → auth dependency → DB session dependency).
**Pydantic model inheritance** — When a schema class inherits from another (e.g., `class UserCreate(UserBase)`), create `inherits` edges between the schema class nodes.
**ORM model relationships** — When SQLAlchemy models use `relationship()`, `ForeignKey`, create `depends_on` edges between the model classes.
**CRUD-to-model binding** — When a `crud.py` function takes a model type as an argument or directly references a model class, create `depends_on` edges from the CRUD file to the model file.
### Architectural Layers for FastAPI
| Layer ID | Layer Name | What Goes Here |
|---|---|---|
| `layer:api` | API Layer | Router files, endpoint functions with `@router.get/post/...` decorators |
| `layer:types` | Types Layer | Pydantic schema files, request/response models |
| `layer:service` | Service Layer | `dependencies.py`, `crud.py`, business logic modules |
| `layer:data` | Data Layer | ORM models, `database.py`, migrations |
| `layer:config` | Config Layer | `main.py` / `app.py` factory, `settings.py`, `config.py` |
| `layer:middleware` | Middleware Layer | `middleware.py`, `security.py`, `auth.py`, exception handlers |
| `layer:test` | Test Layer | `tests/`, `conftest.py` |
### Notable Patterns to Capture in languageLesson
- **Dependency injection as composition**: FastAPI's `Depends()` is a first-class DI system — a route can declare any number of dependencies, each of which can have their own dependencies, forming a tree resolved at request time
- **Pydantic for validation**: Request bodies, query params, and path params are automatically validated by Pydantic — invalid input raises `422 Unprocessable Entity` before your code runs
- **Async endpoints**: `async def` routes run in the event loop; `def` routes run in a threadpool — mixing them incorrectly can cause performance issues
- **Path operation order**: FastAPI matches routes in declaration order; a catch-all route before a specific one will shadow it

53
.qoder/skills/understand/frameworks/flask.md
View File

@@ -1,53 +0,0 @@
# Flask Framework Addendum
> Injected into file-analyzer and architecture-analyzer prompts when Flask is detected.
> Do NOT use as a standalone prompt — always appended to the base prompt template.
## Flask Project Structure
When analyzing a Flask project, apply these additional conventions on top of the base analysis rules.
### Canonical File Roles
| File / Pattern | Role | Tags |
|---|---|---|
| `app.py`, `__init__.py` (in app package) | Application factory (`create_app()`) or direct `Flask(__name__)` instance | `entry-point`, `config` |
| `run.py`, `wsgi.py` | Production/dev server entry point | `entry-point`, `config` |
| `*/views.py`, `*/routes.py` | Route handler functions with `@app.route` or `@blueprint.route` | `api-handler`, `routing` |
| `*/blueprints/*.py`, `*/api/*.py` | Blueprint modules — group routes by feature | `api-handler`, `routing` |
| `*/models.py` | SQLAlchemy models or other ORM models | `data-model` |
| `*/forms.py` | WTForms form classes | `validation`, `ui` |
| `*/schemas.py` | Marshmallow serialization schemas | `serialization`, `type-definition` |
| `*/config.py` | Config classes (`DevelopmentConfig`, `ProductionConfig`) | `config` |
| `*/extensions.py` | Flask extension initialization (`db = SQLAlchemy()`, `login_manager = LoginManager()`) | `config`, `singleton` |
| `*/decorators.py` | Custom route decorators (auth guards, rate limiting) | `middleware`, `utility` |
| `*/utils.py`, `*/helpers.py` | Shared utility functions | `utility` |
| `*/templates/**/*.html` | Jinja2 templates | `ui` |
| `*/static/` | CSS, JS, and asset files | `assets` |
| `*/tests/*.py`, `test_*.py` | pytest or unittest test files | `test` |
### Edge Patterns to Look For
**Blueprint registration** — When `app.register_blueprint(bp, url_prefix='/api')` appears in the application factory, create `depends_on` edges from the app factory to each blueprint module.
**Extension coupling** — When a view imports from `extensions.py` (e.g., `from .extensions import db, login_manager`), create `imports` edges to show which views depend on which extensions.
**Before/after request hooks** — When `@app.before_request` or `@blueprint.before_request` decorates a function, create `middleware` edges from those functions to the app/blueprint they attach to.
### Architectural Layers for Flask
| Layer ID | Layer Name | What Goes Here |
|---|---|---|
| `layer:api` | API Layer | Blueprint route files, view functions |
| `layer:data` | Data Layer | `models.py`, database migration files |
| `layer:service` | Service Layer | Business logic modules, `schemas.py`, service classes |
| `layer:ui` | UI Layer | `templates/`, `forms.py`, `static/` |
| `layer:config` | Config Layer | `app.py` factory, `config.py`, `extensions.py` |
| `layer:middleware` | Middleware Layer | `decorators.py`, before/after request hooks |
| `layer:test` | Test Layer | Test files, `conftest.py` |
### Notable Patterns to Capture in languageLesson
- **Application factory pattern**: `create_app()` functions allow multiple app instances (e.g., for testing) and delay extension initialization — avoids circular imports
- **Blueprint modularity**: Blueprints group related routes, templates, and static files; they are registered on the app with a URL prefix, making them independently testable
- **Flask extension protocol**: Extensions follow `init_app(app)` for lazy initialization — the extension object is created globally but bound to an app instance later

59
.qoder/skills/understand/frameworks/gin.md
View File

@@ -1,59 +0,0 @@
# Gin (Go) Framework Addendum
> Injected into file-analyzer and architecture-analyzer prompts when Gin is detected.
> Do NOT use as a standalone prompt — always appended to the base prompt template.
## Gin Project Structure
When analyzing a Gin project, apply these additional conventions on top of the base analysis rules.
### Canonical File Roles
| File / Pattern | Role | Tags |
|---|---|---|
| `main.go` | Application entry point — initializes the Gin engine, registers routes, starts the server | `entry-point`, `config` |
| `cmd/*.go`, `cmd/**/*.go` | CLI entry points — multiple binaries in a multi-command project | `entry-point`, `config` |
| `handlers/*.go`, `handler/*.go` | HTTP handlers — process requests with `gin.Context` | `api-handler` |
| `controllers/*.go`, `controller/*.go` | Controllers — alternative naming for HTTP handlers | `api-handler` |
| `routes/*.go`, `router/*.go` | Route definitions — register endpoints and route groups | `routing`, `config` |
| `models/*.go`, `model/*.go` | Data models — struct definitions mapped to database tables | `data-model` |
| `middleware/*.go` | Middleware functions — authentication, logging, CORS, rate limiting | `middleware` |
| `services/*.go`, `service/*.go` | Business logic — domain operations decoupled from HTTP layer | `service` |
| `repository/*.go`, `repo/*.go` | Data access layer — database queries and persistence logic | `data-model`, `service` |
| `config/*.go`, `config.go` | Application configuration — environment loading, struct-based config | `config` |
| `dto/*.go` | Data transfer objects — request and response structs | `type-definition` |
| `utils/*.go`, `pkg/*.go` | Shared utility packages | `utility` |
| `*_test.go` | Unit and integration tests | `test` |
### Edge Patterns to Look For
**Route group registration** — When `r.Group("/api")` creates a route group and registers handlers, create `configures` edges from the route definition file to each handler. Route groups organize endpoints by prefix and shared middleware.
**Handler-to-service calls** — When a handler function calls a service method, create `depends_on` edges from the handler to the service. This represents the separation between HTTP handling and business logic.
**Service-to-repository calls** — When a service calls a repository method for data access, create `depends_on` edges from the service to the repository. This represents the data access abstraction.
**Middleware chaining** — When `r.Use(middleware)` or a route group applies middleware, create middleware edges from the router or group to the middleware function. Middleware executes in registration order.
### Architectural Layers for Gin
Assign nodes to these layers when detected:
| Layer ID | Layer Name | What Goes Here |
|---|---|---|
| `layer:api` | API Layer | `handlers/`, `controllers/`, HTTP handler functions |
| `layer:data` | Data Layer | `models/`, `repository/`, database access, migrations |
| `layer:service` | Service Layer | `services/`, business logic |
| `layer:middleware` | Middleware Layer | `middleware/`, authentication, logging, rate limiting |
| `layer:config` | Config Layer | `main.go`, `routes/`, `config/`, environment setup |
| `layer:utility` | Utility Layer | `utils/`, `pkg/`, shared helper packages |
| `layer:test` | Test Layer | `*_test.go`, test fixtures, test helpers |
### Notable Patterns to Capture in languageLesson
- **Handler functions with gin.Context**: Every Gin handler receives a `*gin.Context` parameter — it provides request parsing (`c.Bind`, `c.Param`, `c.Query`), response writing (`c.JSON`, `c.HTML`), and control flow (`c.Abort`, `c.Next`)
- **Middleware chain with c.Next()**: Middleware calls `c.Next()` to pass control to the next handler in the chain — code before `c.Next()` runs pre-handler, code after runs post-handler
- **Route grouping for modular APIs**: `r.Group("/v1")` creates modular sub-routers that can have their own middleware stack — enables versioning and access control at the group level
- **Dependency injection via constructors (no framework DI)**: Go has no DI framework — dependencies are passed as constructor parameters (e.g., `NewUserHandler(userService)`) and stored as struct fields
- **Interface-driven design for testability**: Services and repositories are defined as interfaces — handlers depend on the interface, enabling mock implementations in tests
- **Error handling with gin.Error**: Gin collects errors via `c.Error(err)` — middleware can inspect `c.Errors` after handler execution to implement centralized error logging and response formatting

59
.qoder/skills/understand/frameworks/nextjs.md
View File

@@ -1,59 +0,0 @@
# Next.js Framework Addendum
> Injected into file-analyzer and architecture-analyzer prompts when Next.js is detected.
> Do NOT use as a standalone prompt — always appended to the base prompt template.
## Next.js Project Structure
When analyzing a Next.js project, apply these additional conventions on top of the base analysis rules.
### Canonical File Roles
| File / Pattern | Role | Tags |
|---|---|---|
| `app/layout.tsx` | Root layout — wraps all pages, defines HTML shell and global providers | `entry-point`, `config`, `ui` |
| `app/page.tsx` | Root page component — renders at `/` | `ui`, `routing` |
| `app/**/page.tsx` | Route page components — file path determines URL | `ui`, `routing` |
| `app/**/layout.tsx` | Nested layouts — wrap child routes with shared UI | `ui`, `config` |
| `app/**/loading.tsx` | Loading UI — shown as Suspense fallback during route transitions | `ui` |
| `app/**/error.tsx` | Error boundary — catches errors in the route segment | `ui` |
| `app/**/not-found.tsx` | 404 UI — shown when `notFound()` is called | `ui` |
| `app/api/**/route.ts` | API route handlers — serverless endpoint functions (GET, POST, etc.) | `api-handler` |
| `middleware.ts` | Edge middleware — intercepts requests before they reach routes | `middleware` |
| `lib/*.ts`, `lib/**/*.ts` | Shared server-side utilities, data access, and business logic | `service` |
| `components/*.tsx`, `components/**/*.tsx` | Reusable UI components | `ui` |
| `next.config.js`, `next.config.mjs`, `next.config.ts` | Next.js configuration — redirects, rewrites, env, webpack overrides | `config` |
| `actions/*.ts`, `app/**/actions.ts` | Server Actions — server-side mutation functions callable from client | `service`, `api-handler` |
### Edge Patterns to Look For
**Layout nesting** — When `app/foo/layout.tsx` wraps `app/foo/page.tsx` and `app/foo/bar/page.tsx`, create `contains` edges from the layout to the pages it wraps. Layouts compose via the file-system hierarchy.
**API route handlers** — When a `route.ts` file exports named functions (GET, POST, PUT, DELETE), create edges from consuming components or server actions to the route handler based on fetch calls.
**Server/Client component boundary** — Files with `"use client"` directive at the top are Client Components. All other components in the `app/` directory are Server Components by default. Create `depends_on` edges that cross this boundary and note the boundary in the edge description.
**Parallel routes** — When `app/@slot/page.tsx` patterns appear, create `contains` edges from the parent layout to each parallel slot. These render simultaneously in the same layout.
**Route groups** — Directories wrapped in parentheses `(group)` organize routes without affecting the URL path. Note these in node descriptions.
### Architectural Layers for Next.js
Assign nodes to these layers when detected:
| Layer ID | Layer Name | What Goes Here |
|---|---|---|
| `layer:ui` | UI Layer | `app/**/page.tsx`, `app/**/layout.tsx`, `components/`, loading/error boundaries |
| `layer:api` | API Layer | `app/api/**/route.ts`, API route handlers |
| `layer:service` | Service Layer | `lib/`, server actions, data-fetching utilities |
| `layer:middleware` | Middleware Layer | `middleware.ts`, edge functions |
| `layer:config` | Config Layer | `next.config.*`, root layout, `tailwind.config.*`, environment setup |
| `layer:test` | Test Layer | `__tests__/`, `*.test.tsx`, `*.spec.tsx`, `e2e/` |
### Notable Patterns to Capture in languageLesson
- **Server Components by default**: Components in the `app/` directory are Server Components — no JavaScript is sent to the client unless `"use client"` is declared
- **Server Actions for mutations**: Functions marked with `"use server"` can be called directly from client components, replacing traditional API routes for form submissions and mutations
- **App Router file conventions**: Special files (`page`, `layout`, `loading`, `error`, `not-found`, `route`) define behavior by naming convention within the file-system router
- **ISR and static generation**: `generateStaticParams` pre-renders pages at build time; revalidation strategies control cache freshness
- **Parallel and intercepting routes**: `@slot` directories enable parallel rendering; `(.)` prefix directories enable route interception for modal patterns

65
.qoder/skills/understand/frameworks/rails.md
View File

@@ -1,65 +0,0 @@
# Ruby on Rails Framework Addendum
> Injected into file-analyzer and architecture-analyzer prompts when Rails is detected.
> Do NOT use as a standalone prompt — always appended to the base prompt template.
## Rails Project Structure
When analyzing a Ruby on Rails project, apply these additional conventions on top of the base analysis rules.
### Canonical File Roles
| File / Pattern | Role | Tags |
|---|---|---|
| `config.ru` | Rack entry point — boots the Rails application for the web server | `entry-point` |
| `config/application.rb` | Application configuration — sets up Rails, loads gems, configures middleware | `entry-point`, `config` |
| `app/controllers/*_controller.rb` | Controllers — handle HTTP requests, orchestrate models, render responses | `api-handler` |
| `app/controllers/concerns/*.rb` | Controller concerns — shared controller behavior via mixins | `middleware`, `utility` |
| `app/models/*.rb` | ActiveRecord models — map to database tables, contain validations and associations | `data-model` |
| `app/models/concerns/*.rb` | Model concerns — shared model behavior via mixins | `utility` |
| `app/views/**/*.erb`, `app/views/**/*.haml` | View templates — HTML rendering with embedded Ruby | `ui` |
| `app/helpers/*_helper.rb` | View helpers — utility methods available in templates | `utility` |
| `app/mailers/*_mailer.rb` | Action Mailer classes — send email notifications | `service` |
| `app/jobs/*_job.rb` | Active Job classes — background job processing | `service` |
| `app/channels/*_channel.rb` | Action Cable channels — WebSocket communication | `service` |
| `app/serializers/*_serializer.rb` | API serializers — JSON response formatting (ActiveModelSerializers, Blueprinter) | `api-handler`, `utility` |
| `app/services/*.rb` | Service objects — encapsulate complex business logic | `service` |
| `db/migrate/*.rb` | Database migrations — schema changes versioned by timestamp | `config`, `data-model` |
| `db/schema.rb`, `db/structure.sql` | Generated schema snapshot — current database structure | `data-model`, `config` |
| `config/routes.rb` | Route definitions — maps URLs to controller actions | `routing`, `config` |
| `config/initializers/*.rb` | Initializers — run once at boot to configure gems and services | `config` |
| `lib/**/*.rb` | Library code — custom classes, Rake tasks, extensions | `utility`, `service` |
| `spec/**/*_spec.rb`, `test/**/*_test.rb` | RSpec or Minitest test files | `test` |
### Edge Patterns to Look For
**Route-to-controller mapping** — When `config/routes.rb` defines `resources :users` or `get '/foo', to: 'bar#baz'`, create `configures` edges from the routes file to the corresponding controller. RESTful resources generate a full set of action mappings.
**ActiveRecord associations** — When models define `has_many`, `belongs_to`, `has_one`, or `has_and_belongs_to_many`, create `depends_on` edges between model files with descriptions indicating the association type and direction.
**Controller-to-model** — When a controller calls model methods (`User.find`, `@post.save`), create `depends_on` edges from the controller to the model. Controllers are the primary consumers of model data.
**Callbacks** — When models or controllers use `before_action`, `after_save`, `before_validation`, or similar callbacks, note these as middleware-like edges. Callbacks create implicit execution paths that are not visible from the call site.
### Architectural Layers for Rails
Assign nodes to these layers when detected:
| Layer ID | Layer Name | What Goes Here |
|---|---|---|
| `layer:api` | API Layer | `app/controllers/`, `app/serializers/`, API-specific controllers |
| `layer:data` | Data Layer | `app/models/`, `db/migrate/`, `db/schema.rb` |
| `layer:ui` | UI Layer | `app/views/`, `app/helpers/`, `app/assets/`, `app/javascript/` |
| `layer:service` | Service Layer | `app/mailers/`, `app/jobs/`, `app/channels/`, `app/services/`, `lib/` |
| `layer:config` | Config Layer | `config/routes.rb`, `config/initializers/`, `config/application.rb`, `config.ru` |
| `layer:middleware` | Middleware Layer | `app/middleware/`, controller concerns, Rack middleware |
| `layer:test` | Test Layer | `spec/`, `test/`, `*.spec.rb`, `*_test.rb` |
### Notable Patterns to Capture in languageLesson
- **Convention over configuration**: Rails derives routing, table names, and file locations from naming conventions — `UsersController` maps to `users_controller.rb`, handles `/users`, and queries the `users` table
- **ActiveRecord pattern**: Models are database wrappers — each model class maps to a table, instances map to rows, and attributes map to columns with automatic type coercion
- **Concerns for shared behavior**: `ActiveSupport::Concern` modules are mixins included in models or controllers to share validations, scopes, callbacks, and methods across classes
- **Strong parameters for mass-assignment protection**: `params.require(:user).permit(:name, :email)` whitelists attributes — controllers must explicitly declare which fields can be set from user input
- **RESTful resource routing**: `resources :posts` generates seven standard CRUD routes — Rails strongly encourages RESTful design where each controller maps to a resource
- **Callbacks and observers**: `before_save`, `after_create`, and similar callbacks inject logic into the object lifecycle — they create invisible execution paths that can be difficult to trace

55
.qoder/skills/understand/frameworks/react.md
View File

@@ -1,55 +0,0 @@
# React Framework Addendum
> Injected into file-analyzer and architecture-analyzer prompts when React is detected.
> Do NOT use as a standalone prompt — always appended to the base prompt template.
## React Project Structure
When analyzing a React project, apply these additional conventions on top of the base analysis rules.
### Canonical File Roles
| File / Pattern | Role | Tags |
|---|---|---|
| `src/App.tsx` | Root application component — mounts providers, router, and top-level layout | `entry-point`, `ui` |
| `components/*.tsx`, `components/**/*.tsx` | Reusable UI components | `ui` |
| `hooks/*.ts`, `hooks/*.tsx` | Custom React hooks — encapsulate reusable stateful logic | `service`, `utility` |
| `contexts/*.tsx`, `context/*.tsx` | React Context providers and consumers — shared state across component tree | `service`, `state` |
| `pages/*.tsx`, `views/*.tsx` | Page-level components mapped to routes | `ui`, `routing` |
| `utils/*.ts`, `helpers/*.ts` | Pure utility functions — formatting, validation, transformations | `utility` |
| `types/*.ts`, `types/*.d.ts` | TypeScript type definitions and interfaces | `type-definition` |
| `services/*.ts`, `api/*.ts` | API client functions and data-fetching logic | `service` |
| `store/*.ts`, `slices/*.ts` | State management (Redux, Zustand, etc.) | `service`, `state` |
| `constants/*.ts` | Application-wide constants and enums | `config` |
| `__tests__/*.tsx`, `*.test.tsx`, `*.spec.tsx` | Unit and integration tests | `test` |
### Edge Patterns to Look For
**Component composition** — When a parent component renders a child component in its JSX return, create `contains` edges from the parent to the child. These edges represent the component tree hierarchy.
**Hook usage** — When a component or hook imports and calls a custom hook (`useX`), create `depends_on` edges from the consumer to the hook module. Hooks are the primary mechanism for shared logic in React.
**Context provider/consumer** — When a Context provider wraps components, create `publishes` edges from the provider to the context definition. When components call `useContext` or use a custom context hook, create `subscribes` edges from the consumer to the context.
**Props drilling chains** — When props are passed through multiple component layers without being used, create `depends_on` edges along the chain to surface the coupling depth.
### Architectural Layers for React
Assign nodes to these layers when detected:
| Layer ID | Layer Name | What Goes Here |
|---|---|---|
| `layer:ui` | UI Layer | `components/`, `pages/`, `views/`, layout components |
| `layer:service` | Service Layer | `hooks/`, `contexts/`, `services/`, `api/`, `store/` |
| `layer:types` | Types Layer | `types/`, shared TypeScript interfaces and type definitions |
| `layer:utility` | Utility Layer | `utils/`, `helpers/`, pure functions |
| `layer:config` | Config Layer | `App.tsx`, router configuration, provider setup, constants |
| `layer:test` | Test Layer | `__tests__/`, `*.test.tsx`, `*.spec.tsx` |
### Notable Patterns to Capture in languageLesson
- **Component composition over inheritance**: React favors composing components via props and children rather than class inheritance hierarchies
- **Custom hooks for reusable logic**: Hooks prefixed with `use` extract stateful logic into shareable modules without changing the component tree
- **React.memo for performance**: Components wrapped in `React.memo` skip re-renders when props are unchanged — indicates performance-sensitive paths
- **Controlled vs. uncontrolled components**: Controlled components derive state from props; uncontrolled components manage internal state via refs
- **Render props pattern**: Components that accept a function as children or a render prop to delegate rendering decisions to the consumer

59
.qoder/skills/understand/frameworks/spring.md
View File

@@ -1,59 +0,0 @@
# Spring Boot Framework Addendum
> Injected into file-analyzer and architecture-analyzer prompts when Spring Boot is detected.
> Do NOT use as a standalone prompt — always appended to the base prompt template.
## Spring Boot Project Structure
When analyzing a Spring Boot project, apply these additional conventions on top of the base analysis rules.
### Canonical File Roles
| File / Pattern | Role | Tags |
|---|---|---|
| `*Application.java`, `*Application.kt` | Application entry point — `@SpringBootApplication` class with `main()` method | `entry-point`, `config` |
| `*Controller.java`, `*RestController.java` | REST controllers — handle HTTP requests, delegate to services | `api-handler` |
| `*Service.java` | Service interfaces — define business operation contracts | `service` |
| `*ServiceImpl.java` | Service implementations — contain business logic | `service` |
| `*Repository.java` | Spring Data repositories — data access interfaces extending JpaRepository/CrudRepository | `data-model` |
| `*Entity.java` | JPA entities — map to database tables via `@Entity` annotation | `data-model` |
| `*DTO.java`, `*Request.java`, `*Response.java` | Data transfer objects — request/response payloads | `type-definition` |
| `*Config.java`, `*Configuration.java` | Configuration classes — `@Configuration` beans, security config, web config | `config` |
| `*Filter.java` | Servlet filters — intercept requests before they reach controllers | `middleware` |
| `*Interceptor.java` | Handler interceptors — pre/post processing around controller methods | `middleware` |
| `*Advice.java`, `*ExceptionHandler.java` | Controller advice — global exception handling and response wrapping | `middleware` |
| `*Mapper.java` | Object mappers — convert between entities and DTOs (MapStruct, ModelMapper) | `utility` |
| `application.yml`, `application.properties` | Application configuration — profiles, datasource, server settings | `config` |
| `*Test.java`, `*Tests.java`, `*IT.java` | Unit tests, integration tests | `test` |
### Edge Patterns to Look For
**@Autowired injection** — When a class injects a dependency via `@Autowired`, constructor injection, or `@Inject`, create `depends_on` edges from the consumer to the injected bean. Constructor injection is preferred and most common in modern Spring.
**Controller-Service-Repository chain** — The canonical call chain is `@RestController` -> `@Service` -> `@Repository`. Create `depends_on` edges along this chain to show the layered architecture.
**@Entity relationships** — When entities define `@OneToMany`, `@ManyToOne`, `@OneToOne`, or `@ManyToMany` annotations, create `depends_on` edges between entity classes with descriptions indicating the relationship type and direction.
**@Configuration bean definitions** — When a `@Configuration` class defines `@Bean` methods, create `configures` edges from the configuration class to the types it produces. These beans become available for injection throughout the application.
### Architectural Layers for Spring Boot
Assign nodes to these layers when detected:
| Layer ID | Layer Name | What Goes Here |
|---|---|---|
| `layer:api` | API Layer | `*Controller.java`, REST endpoints, API documentation |
| `layer:service` | Service Layer | `*Service.java`, `*ServiceImpl.java`, business logic |
| `layer:data` | Data Layer | `*Repository.java`, `*Entity.java`, JPA mappings, database migrations |
| `layer:types` | Types Layer | `*DTO.java`, `*Request.java`, `*Response.java`, shared value objects |
| `layer:config` | Config Layer | `*Configuration.java`, `application.yml`, security config, `*Application.java` |
| `layer:middleware` | Middleware Layer | `*Filter.java`, `*Interceptor.java`, `*Advice.java`, security filters |
| `layer:test` | Test Layer | `*Test.java`, `*Tests.java`, `*IT.java`, test configuration |
### Notable Patterns to Capture in languageLesson
- **Dependency injection via constructor injection**: Spring favors constructor injection over field injection (`@Autowired` on fields) — it makes dependencies explicit, supports immutability, and simplifies testing
- **Layered architecture (Controller -> Service -> Repository)**: Spring Boot applications follow a strict layered pattern where controllers handle HTTP, services contain business logic, and repositories manage persistence
- **Spring Security filter chain**: Security is implemented as a chain of servlet filters — `SecurityFilterChain` beans configure authentication, authorization, CORS, and CSRF protection
- **JPA entity lifecycle**: Entities transition through states (transient, managed, detached, removed) — understanding this lifecycle is essential for tracing data flow through the persistence layer
- **AOP for cross-cutting concerns**: `@Aspect` classes with `@Before`, `@After`, and `@Around` advice inject behavior at join points — used for logging, transactions (`@Transactional`), and caching (`@Cacheable`)

59
.qoder/skills/understand/frameworks/vue.md
View File

@@ -1,59 +0,0 @@
# Vue Framework Addendum
> Injected into file-analyzer and architecture-analyzer prompts when Vue is detected.
> Do NOT use as a standalone prompt — always appended to the base prompt template.
## Vue Project Structure
When analyzing a Vue project, apply these additional conventions on top of the base analysis rules.
### Canonical File Roles
| File / Pattern | Role | Tags |
|---|---|---|
| `src/App.vue` | Root application component — mounts the top-level layout and router view | `entry-point`, `ui` |
| `src/main.ts`, `src/main.js` | Application bootstrap — creates Vue app instance, registers plugins, mounts to DOM | `entry-point`, `config` |
| `components/*.vue`, `components/**/*.vue` | Reusable UI components | `ui` |
| `views/*.vue`, `pages/*.vue` | Page-level components mapped to routes | `ui`, `routing` |
| `composables/*.ts`, `composables/*.js` | Composable functions — reusable stateful logic using Composition API | `service`, `utility` |
| `store/*.ts`, `stores/*.ts` | State management modules (Pinia stores or Vuex modules) | `service`, `state` |
| `router/*.ts`, `router/index.ts` | Vue Router configuration — route definitions, navigation guards | `config`, `routing` |
| `plugins/*.ts`, `plugins/*.js` | Vue plugin registrations — extend app functionality (i18n, auth, etc.) | `config` |
| `utils/*.ts`, `helpers/*.ts` | Pure utility functions | `utility` |
| `types/*.ts`, `types/*.d.ts` | TypeScript type definitions and interfaces | `type-definition` |
| `api/*.ts`, `services/*.ts` | API client functions and data-fetching logic | `service` |
| `directives/*.ts` | Custom Vue directives | `utility` |
| `tests/*.spec.ts`, `__tests__/*.spec.ts` | Unit and integration tests | `test` |
### Edge Patterns to Look For
**Component parent-child** — When a parent component uses a child component in its `<template>`, create `contains` edges from the parent to the child. Template refs and slot usage further indicate composition relationships.
**Composable usage** — When a component or composable imports and calls a `useX` function, create `depends_on` edges from the consumer to the composable module. Composables are the primary mechanism for shared stateful logic.
**Store actions/getters** — When components or composables import and use a Pinia store (`useXStore()`), create `depends_on` edges from the consumer to the store. Store-to-store dependencies should also be captured.
**Router view mapping** — When `router/index.ts` maps paths to view components, create `configures` edges from the router to each view component. Navigation guards add middleware-like edges.
**Plugin registration** — When `main.ts` calls `app.use(plugin)`, create `configures` edges from the bootstrap file to each plugin.
### Architectural Layers for Vue
Assign nodes to these layers when detected:
| Layer ID | Layer Name | What Goes Here |
|---|---|---|
| `layer:ui` | UI Layer | `components/`, `views/`, `pages/`, layout components |
| `layer:service` | Service Layer | `composables/`, `store/`, `stores/`, `api/`, `services/` |
| `layer:config` | Config Layer | `router/`, `plugins/`, `main.ts`, `App.vue`, configuration files |
| `layer:utility` | Utility Layer | `utils/`, `helpers/`, `directives/`, pure functions |
| `layer:test` | Test Layer | `tests/`, `__tests__/`, `*.spec.ts` |
### Notable Patterns to Capture in languageLesson
- **Composition API over Options API**: Modern Vue favors `setup()` and `<script setup>` with composables, replacing the Options API's data/methods/computed separation
- **Pinia for state management**: Pinia stores provide type-safe, modular state with actions and getters — each store is independently defined and can depend on other stores
- **Vue Router with navigation guards**: `beforeEach`, `beforeEnter`, and `afterEach` guards act as middleware for route transitions — used for authentication and data prefetching
- **Single-file components (.vue)**: Each `.vue` file encapsulates template, script, and style in a single file — the `<script setup>` syntax is the recommended concise form
- **Reactive refs and computed properties**: `ref()` and `reactive()` create reactive state; `computed()` derives values that auto-update — understanding reactivity is key to tracing data flow
- **Provide/inject for deep dependency passing**: `provide()` and `inject()` pass values down the component tree without prop drilling — creates implicit dependencies that should be captured as edges

47
.qoder/skills/understand/languages/cpp.md
View File

@@ -1,47 +0,0 @@
# C++ Language Prompt Snippet
## Key Concepts
- **Templates**: Function, class, and variadic templates for generic compile-time polymorphism
- **RAII**: Resource Acquisition Is Initialization — tie resource lifetime to object scope
- **Smart Pointers**: `unique_ptr` (exclusive), `shared_ptr` (reference-counted), `weak_ptr` (non-owning)
- **Move Semantics**: Rvalue references (`&&`) and `std::move` for efficient resource transfer
- **Operator Overloading**: Define custom behavior for operators on user-defined types
- **Virtual Functions and Vtable**: Runtime polymorphism through virtual method dispatch tables
- **Namespaces**: Organize symbols and prevent name collisions across translation units
- **Constexpr**: Compile-time evaluation of functions and variables for zero-runtime-cost computation
- **Lambda Expressions**: Anonymous functions with capture lists for closures
- **STL Containers and Algorithms**: Standard containers (vector, map, set) and generic algorithms
- **Concepts (C++20)**: Named constraints on template parameters replacing SFINAE patterns
## Import Patterns
- `#include <system_header>` — include standard library or system headers
- `#include "local_header.h"` — include project-local header files
- `using namespace std` — bring all names from std into scope (avoid in headers)
- `using std::vector` — selectively bring specific names into scope
## File Patterns
- `.h` / `.hpp` — header files containing declarations, templates, and inline definitions
- `.cpp` / `.cc` — implementation files with function definitions and static data
- `CMakeLists.txt` — CMake build system configuration
- `Makefile` — Make-based build rules and targets
- `main.cpp` — program entry point containing `int main()`
## Common Frameworks
- **Qt** — Cross-platform application framework with signal/slot mechanism
- **Boost** — Extensive collection of peer-reviewed portable libraries
- **Catch2** — Header-only testing framework with BDD-style syntax
- **Google Test** — Testing framework with fixtures, assertions, and mocking
- **gRPC** — High-performance RPC framework for service communication
## Example Language Notes
> Uses `std::unique_ptr<T>` for RAII-based ownership, ensuring deterministic cleanup
> when scope exits. The unique pointer cannot be copied, only moved, making ownership
> transfer explicit and preventing accidental double-free errors.
>
> Header/implementation separation (`.h`/`.cpp`) controls compilation boundaries —
> changes to a `.cpp` file only recompile that translation unit, not all includers.

Some files were not shown because too many files have changed in this diff Show More