a8cf2cd941
Milestone-end workflow that compares declared product intent (VISION.md,
RUNBOOKS.md, etc.) against actual code/test/deploy/docs evidence and
emits structured gaps with severity. Soft gates — adds follow-up slices
but doesn't hard-block merge.
Slim port (4 new files + 1 registration) — extracts only the audit
feature itself, not bunker's parallel rewrite of dispatch/prompts/
benchmark-selector that came with it in commit 2aa785475.
Created:
- prompts/product-audit.md — prompt verbatim, gsd_*→sf_* and .gsd→.sf
- tools/product-audit-tool.ts — slim file-write implementation,
atomicWriteAsync to .sf/active/{mid}/
PRODUCT-AUDIT.{json,md}; no DB deps
- bootstrap/product-audit-tool.ts — pi-coding-agent tool registration,
TypeBox schema for sf_product_audit
- workflow-templates/product-audit.md — workflow template
Modified:
- bootstrap/register-extension.ts — 2 lines: import + add to nonCriticalRegistrations
- workflow-templates/registry.json — registry entry
- package.json — version 2.75.0 → 2.75.1
Verdict logic (no-gaps | gaps-found | contract-underspecified) is the
load-bearing innovation: contract-underspecified forces the auditor to
flag unverifiable docs as a real gap rather than rubber-stamping
no-gaps when the product contract is silent.
Out of scope: phase enum changes, dispatch hookup. Wire-up to the phase
machine is a follow-up; the prompt + tool + template stand alone.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
167 lines
4.1 KiB
JSON
167 lines
4.1 KiB
JSON
{
|
|
"version": 1,
|
|
"templates": {
|
|
"full-project": {
|
|
"name": "Full Project",
|
|
"description": "Complete SF workflow with roadmap, milestones, slices, and full ceremony",
|
|
"file": "full-project.md",
|
|
"phases": ["init", "discuss", "plan", "execute", "verify"],
|
|
"triggers": [
|
|
"new project",
|
|
"greenfield",
|
|
"from scratch",
|
|
"build an app",
|
|
"create a new"
|
|
],
|
|
"artifact_dir": ".sf/",
|
|
"estimated_complexity": "high",
|
|
"requires_project": true
|
|
},
|
|
"bugfix": {
|
|
"name": "Bug Fix",
|
|
"description": "Triage, reproduce, fix, test, and ship a bug fix",
|
|
"file": "bugfix.md",
|
|
"phases": ["triage", "fix", "verify", "ship"],
|
|
"triggers": [
|
|
"bug",
|
|
"issue",
|
|
"fix",
|
|
"broken",
|
|
"regression",
|
|
"error",
|
|
"crash",
|
|
"failing",
|
|
"github.com/*/issues/*"
|
|
],
|
|
"artifact_dir": ".sf/workflows/bugfixes/",
|
|
"estimated_complexity": "low",
|
|
"requires_project": false
|
|
},
|
|
"small-feature": {
|
|
"name": "Small Feature",
|
|
"description": "Lightweight feature development with optional discussion and research",
|
|
"file": "small-feature.md",
|
|
"phases": ["scope", "plan", "implement", "verify"],
|
|
"triggers": [
|
|
"add",
|
|
"feature",
|
|
"implement",
|
|
"build",
|
|
"create",
|
|
"new command",
|
|
"new endpoint"
|
|
],
|
|
"artifact_dir": ".sf/workflows/features/",
|
|
"estimated_complexity": "medium",
|
|
"requires_project": false
|
|
},
|
|
"refactor": {
|
|
"name": "Refactor / Migration",
|
|
"description": "Systematic code transformation with inventory and wave-based execution",
|
|
"file": "refactor.md",
|
|
"phases": ["inventory", "plan", "migrate", "verify"],
|
|
"triggers": [
|
|
"refactor",
|
|
"migrate",
|
|
"rename",
|
|
"restructure",
|
|
"move",
|
|
"reorganize",
|
|
"clean up"
|
|
],
|
|
"artifact_dir": ".sf/workflows/refactors/",
|
|
"estimated_complexity": "medium",
|
|
"requires_project": false
|
|
},
|
|
"spike": {
|
|
"name": "Research Spike",
|
|
"description": "Investigate a question, prototype, and document findings",
|
|
"file": "spike.md",
|
|
"phases": ["scope", "research", "synthesize"],
|
|
"triggers": [
|
|
"research",
|
|
"investigate",
|
|
"explore",
|
|
"spike",
|
|
"compare",
|
|
"evaluate",
|
|
"should we",
|
|
"what if",
|
|
"how does"
|
|
],
|
|
"artifact_dir": ".sf/workflows/spikes/",
|
|
"estimated_complexity": "low",
|
|
"requires_project": false
|
|
},
|
|
"hotfix": {
|
|
"name": "Hotfix",
|
|
"description": "Minimal ceremony: fix the thing, test it, ship it",
|
|
"file": "hotfix.md",
|
|
"phases": ["fix", "ship"],
|
|
"triggers": [
|
|
"hotfix",
|
|
"urgent",
|
|
"critical",
|
|
"asap",
|
|
"production down",
|
|
"p0"
|
|
],
|
|
"artifact_dir": null,
|
|
"estimated_complexity": "minimal",
|
|
"requires_project": false
|
|
},
|
|
"security-audit": {
|
|
"name": "Security Audit",
|
|
"description": "Scan for vulnerabilities, triage findings, remediate, and verify",
|
|
"file": "security-audit.md",
|
|
"phases": ["scan", "triage", "remediate", "re-scan"],
|
|
"triggers": [
|
|
"security",
|
|
"audit",
|
|
"vulnerability",
|
|
"owasp",
|
|
"cve",
|
|
"penetration",
|
|
"hardening"
|
|
],
|
|
"artifact_dir": ".sf/workflows/audits/",
|
|
"estimated_complexity": "medium",
|
|
"requires_project": false
|
|
},
|
|
"dep-upgrade": {
|
|
"name": "Dependency Upgrade",
|
|
"description": "Assess impact, upgrade dependencies, fix breaking changes",
|
|
"file": "dep-upgrade.md",
|
|
"phases": ["assess", "upgrade", "fix", "verify"],
|
|
"triggers": [
|
|
"upgrade",
|
|
"update",
|
|
"dependency",
|
|
"deps",
|
|
"bump",
|
|
"outdated",
|
|
"npm update",
|
|
"renovate"
|
|
],
|
|
"artifact_dir": ".sf/workflows/upgrades/",
|
|
"estimated_complexity": "medium",
|
|
"requires_project": false
|
|
},
|
|
"product-audit": {
|
|
"name": "Product Audit",
|
|
"description": "End-of-milestone soft gate comparing declared product intent against code/test/deploy/docs evidence; emits structured gaps and suggested follow-up slices",
|
|
"file": "product-audit.md",
|
|
"phases": ["audit"],
|
|
"triggers": [
|
|
"product audit",
|
|
"completeness audit",
|
|
"milestone audit",
|
|
"product readiness",
|
|
"product gap"
|
|
],
|
|
"artifact_dir": ".sf/active/",
|
|
"estimated_complexity": "low",
|
|
"requires_project": true
|
|
}
|
|
}
|
|
}
|