mirror of
https://github.com/affaan-m/everything-claude-code.git
synced 2026-05-30 05:35:22 +08:00
04c68e483a
* feat(rules): add rules/react/ track
Five rule files mirroring per-language convention (coding-style,
hooks, patterns, security, testing). Each has `paths:` glob
frontmatter for auto-activation when editing matching files.
- coding-style.md: file extensions, naming, JSX, RSC boundary
- hooks.md: React hooks (NOT Claude Code hooks) — rules-of-hooks,
dep arrays, cleanup, memoization, React 19 additions
- patterns.md: container/presentational split, state location
decision tree, Suspense + error boundaries, forms, data fetching
- security.md: dangerouslySetInnerHTML, unsafe URL schemes,
server-action validation, env-var leaks, CSP
- testing.md: RTL queries, userEvent, async, MSW, axe, anti-patterns
Each file extends typescript/* and common/* rules.
* feat(skills): add react-patterns, react-testing, react-performance
Three new skills under skills/ following the SKILL.md convention.
- react-patterns: React 18/19 idioms — hooks discipline, state
location decision tree, server/client component boundary,
Suspense + error boundaries, form actions (React 19), data
fetching matrix, composition recipes, accessibility-first.
- react-testing: React Testing Library + Vitest/Jest, query
priority order, userEvent, MSW network mocking, axe a11y
assertions, RTL vs Playwright CT boundary, TDD workflow.
- react-performance: 70-rule performance ruleset adapted from
Vercel Labs react-best-practices (MIT) across 8 priority
categories — waterfalls, bundle size, server-side, client
fetch, re-render, rendering, JS micro, advanced patterns.
Includes Lighthouse / Web Vitals mapping and attribution to
upstream.
Cross-links between the three skills and out to frontend-patterns,
accessibility, e2e-testing, tdd-workflow.
* feat(agents): add react-reviewer and react-build-resolver
Two new agents covering React-specific code review and build error
resolution, plus matching .kiro/ mirrors and a routing pointer
edit on typescript-reviewer.
- react-reviewer: slim React-only lanes (hooks rules,
dangerouslySetInnerHTML, unsafe URL schemes, key prop, state
mutation, derived-state-in-effect, server/client component
boundary, accessibility, render performance, Server Action
validation, env-var leaks). Explicitly delegates generic
TypeScript/async/Node concerns to typescript-reviewer. Both
agents should be invoked together on .tsx/.jsx PRs.
- react-build-resolver: React build/bundler/runtime hydration
failures across Vite, webpack, Next.js, CRA, Parcel, esbuild,
Bun, Rsbuild. Handles JSX/TSX compile errors, tsconfig fixes,
Next.js App Router server/client boundary errors, hydration
mismatches, duplicated React copies, Tailwind/PostCSS pipeline.
- .kiro/agents/react-reviewer.json + react-build-resolver.json:
Kiro IDE format mirrors following the per-language precedent.
- typescript-reviewer: routing pointer added to its MEDIUM React
block — defers to /react-review for React-specific concerns
while keeping its block as fallback for repos that only invoke
typescript-reviewer.
All agents carry the standard Prompt Defense Baseline stanza.
* feat(commands): add /react-review /react-build /react-test
Three new slash commands invoking the React agents.
- /react-review: invokes react-reviewer. Documents the routing
rule with typescript-reviewer — both should run together on
TSX/JSX PRs. Lists CRITICAL/HIGH/MEDIUM rule categories and
the automated checks (eslint with react-hooks + jsx-a11y,
tsc --noEmit, npm audit).
- /react-build: invokes react-build-resolver. Documents bundler
detection, common failure patterns, fix strategy, and stop
conditions.
- /react-test: enforces TDD with React Testing Library + Vitest
or Jest, behavior-focused queries, userEvent + MSW patterns,
axe accessibility assertions, coverage targets.
Each command file has the required description: frontmatter and
follows the per-language command convention (cpp-test, go-test,
kotlin-test, etc.).
* chore: wire react track into manifests and stack mappings
- agent.yaml: add react-patterns, react-performance, react-testing
to the skills array; add react-build, react-review, react-test to
the commands array (alphabetically inserted to satisfy the
ci/agent-yaml-surface sync test).
- config/project-stack-mappings.json: extend the `react` stack
entry — add "react" to rules array (was ["common","typescript",
"web"]); add react-patterns, react-performance, react-testing,
accessibility to the skills array.
- docs/COMMAND-REGISTRY.json: bump totalCommands 75 -> 78; add
three new entries (react-build, react-review, react-test) with
primaryAgents / allAgents / skills wiring. react-review's
allAgents includes typescript-reviewer to reflect the dual-agent
routing convention.
- CLAUDE.md: add Skills-table row mapping *.tsx / *.jsx /
components/** to react-patterns + react-testing skills and
the /react-review, /react-build, /react-test commands.
* chore(catalog): sync counts to 62 agents / 78 commands / 235 skills
Auto-generated via `node scripts/ci/catalog.js --write --text`
after the react track additions:
- 2 new agents: react-reviewer, react-build-resolver (60 -> 62)
- 3 new commands: react-build, react-review, react-test (75 -> 78)
- 3 new skills: react-patterns, react-performance, react-testing
(232 -> 235)
Files updated by the catalog sync:
- .claude-plugin/plugin.json description string
- .claude-plugin/marketplace.json plugin description
- README.md quick-start summary, project tree, feature parity tables
- README.zh-CN.md quick-start summary
- AGENTS.md project structure summary
- docs/zh-CN/README.md parity table
- docs/zh-CN/AGENTS.md project structure summary
All counts now match the filesystem catalog (verified by
ci/catalog.test.js).
* feat(kiro): add react agent markdown companions to JSON entries
* feat(kiro): add react skills into manifests
* fix(ci): sync catalog counts, registry, and package files for react track
- .claude-plugin/{plugin,marketplace}.json: bump description counts to 62/235/78
- docs/COMMAND-REGISTRY.json: regenerate to include quality-gate and react commands
- package.json: add skills/react-{patterns,performance,testing}/ to files allowlist so npm-publish-surface aligns with install-modules manifest
* fix(react): address PR #2024 review feedback
Critical:
- Remove undefined/.claude/session-aliases.json containing __proto__ prototype-pollution
fixture committed by accident in a7333c14
High:
- agents/react-build-resolver.md: replace brittle `test -o $(grep -l ...)` and
`test -a -n $(grep ...)` detection with explicit `{ ... || grep -q ...; }` so
bundler detection no longer breaks when grep returns empty
- agents/react-build-resolver.md: drop hardcoded `npm i react@^19 react-dom@^19`
remediation; replace with version-agnostic pair-upgrade note that honors the
project's installed major (17/18/19) — surgical fix principle
- commands/react-review.md: guard `tsc --noEmit -p tsconfig.json` with
`[ -f tsconfig.json ] &&` so the review skips cleanly on JS-only projects
Medium:
- rules/react/security.md: correct the React-18-blocks-javascript-URL claim
(React only warns in dev; production navigation is not blocked)
- rules/react/security.md: correct CRA env-var exposure row (CRA exposes
REACT_APP_*, NODE_ENV, PUBLIC_URL — not 'all' variables)
- skills/react-testing/SKILL.md: instantiate QueryClient once outside the
wrapper closure so React Query cache survives re-renders (flaky-test fix)
- skills/react-testing/SKILL.md: restore console.error spy with mockRestore()
in a try/finally so the mock does not leak across tests
- commands/react-test.md: switch outer example-session fence to 4 backticks
so the inner ```tsx/```bash blocks don't prematurely terminate it
* fix(kiro): mirror react-build-resolver react 19 conditional remediation
Discussion r3272907106 flagged the kiro json variant still carrying the hardcoded
'npm i react@^19 react-dom@^19' line that the .md companion already dropped.
Replace with the same conditional, version-agnostic guidance so both variants
stay in sync.
* fix(react): bump react-build example session fence to 4 backticks
Discussion r3272907144 flagged the same nested-fence issue in
commands/react-build.md that we fixed earlier in commands/react-test.md.
The outer triple-backtick text block was being prematurely terminated by
the inner bash/tsx fences inside the Example Session.
* fix(react): bump react-review example usage fence to 4 backticks
Discussion r3272907201 flagged the same nested-fence issue in
commands/react-review.md. The outer triple-backtick text block was
being prematurely terminated by the inner tsx/ts fences inside the
Example Usage transcript.
* fix(docs): clarify commands row as legacy shims in feature parity table
Discussion r3272912003: README comparison table said 'PASS: 78 commands'
while the install-section and quick-start prose use 'legacy command shims'.
Aligned the comparison-table cell to 'PASS: 78 commands (legacy shims)' so
the count word survives the catalog-validator regex while making the legacy
nature explicit.
Widened the catalog comparison-table commands regex to tolerate an optional
parenthetical after the count word, so both the existing 'X commands' and
the new 'X commands (legacy shims)' phrasings validate without breaking
older READMEs/translations.
* Update rules/react/security.md
Co-authored-by: cubic-dev-ai[bot] <191113872+cubic-dev-ai[bot]@users.noreply.github.com>
* fix(react): guard tsc in react-build-resolver diagnostic commands
Discussion r3288910205: the agent prompt instructed an unconditional
'tsc --noEmit -p tsconfig.json', which adds noise (or hard-fails) on
JavaScript-only projects with no tsconfig.json or no installed TypeScript.
Replaced with 'test -f tsconfig.json && npx --yes tsc --noEmit -p tsconfig.json'
in both variants:
- agents/react-build-resolver.md
- .kiro/agents/react-build-resolver.json (prompt string mirrored)
Mirrors the same guard already applied to commands/react-review.md in de135f61.
* fix(react): pin tsc resolution to local install in build resolver
Discussion r3289054157: previous fix used 'npx --yes tsc' which auto-installs
the latest TypeScript from npm when none is local, producing version drift
and non-reproducible typecheck results across machines.
Switched to 'npx --no-install tsc' in both variants so the diagnostic uses
only the project's pinned TypeScript and fails fast if it isn't installed:
- agents/react-build-resolver.md
- .kiro/agents/react-build-resolver.json (prompt string mirrored)
* feat(counts): resolve counts for agents, skills...
* fix(ci): regen command registry for golang-testing entry
Removes stale kotlin-patterns entry to satisfy command-registry:check.
* fix: keep local Claude settings out of React track PR
---------
Co-authored-by: AlexisLeDain <a.ledain@docoon.com>
Co-authored-by: cubic-dev-ai[bot] <191113872+cubic-dev-ai[bot]@users.noreply.github.com>
Co-authored-by: Affaan Mustafa <affaan@dcube.ai>
7.3 KiB
7.3 KiB
Everything Claude Code (ECC) — 智能体指令
这是一个生产就绪的 AI 编码插件,提供 63 个专业代理、249 项技能、79 条命令以及自动化钩子工作流,用于软件开发。
版本: 2.0.0-rc.1
核心原则
- 智能体优先 — 将领域任务委托给专业智能体
- 测试驱动 — 先写测试再实现,要求 80%+ 覆盖率
- 安全第一 — 绝不妥协安全;验证所有输入
- 不可变性 — 总是创建新对象,永不修改现有对象
- 先规划后执行 — 在编写代码前规划复杂功能
可用智能体
| 代理 | 用途 | 使用时机 |
|---|---|---|
| planner | 实现规划 | 复杂功能、重构 |
| architect | 系统设计与可扩展性 | 架构决策 |
| tdd-guide | 测试驱动开发 | 新功能、错误修复 |
| code-reviewer | 代码质量与可维护性 | 编写/修改代码后 |
| security-reviewer | 漏洞检测 | 提交前、敏感代码 |
| build-error-resolver | 修复构建/类型错误 | 构建失败时 |
| e2e-runner | 端到端 Playwright 测试 | 关键用户流程 |
| refactor-cleaner | 死代码清理 | 代码维护 |
| doc-updater | 文档和代码地图更新 | 更新文档时 |
| docs-lookup | 文档和 API 参考研究 | 库/API 文档问题 |
| cpp-reviewer | C++ 代码审查 | C++ 项目 |
| cpp-build-resolver | C++ 构建错误 | C++ 构建失败 |
| go-reviewer | Go 代码审查 | Go 项目 |
| go-build-resolver | Go 构建错误 | Go 构建失败 |
| kotlin-reviewer | Kotlin 代码审查 | Kotlin/Android/KMP 项目 |
| kotlin-build-resolver | Kotlin/Gradle 构建错误 | Kotlin 构建失败 |
| database-reviewer | PostgreSQL/Supabase 专家 | 模式设计、查询优化 |
| python-reviewer | Python 代码审查 | Python 项目 |
| java-reviewer | Java 和 Spring Boot 代码审查 | Java/Spring Boot 项目 |
| java-build-resolver | Java/Maven/Gradle 构建错误 | Java 构建失败 |
| chief-of-staff | 沟通分类与草拟 | 多渠道邮件、Slack、LINE、Messenger |
| loop-operator | 自主循环执行 | 安全运行循环、监控停滞、干预 |
| harness-optimizer | Harness 配置调优 | 可靠性、成本、吞吐量 |
| rust-reviewer | Rust 代码审查 | Rust 项目 |
| rust-build-resolver | Rust 构建错误 | Rust 构建失败 |
| pytorch-build-resolver | PyTorch 运行时/CUDA/训练错误 | PyTorch 构建/训练失败 |
| typescript-reviewer | TypeScript/JavaScript 代码审查 | TypeScript/JavaScript 项目 |
智能体编排
主动使用智能体,无需用户提示:
- 复杂功能请求 → planner
- 刚编写/修改的代码 → code-reviewer
- 错误修复或新功能 → tdd-guide
- 架构决策 → architect
- 安全敏感代码 → security-reviewer
- 多渠道沟通分流 → chief-of-staff
- 自主循环 / 循环监控 → loop-operator
- 线束配置可靠性及成本 → harness-optimizer
对于独立操作使用并行执行 — 同时启动多个智能体。
安全指南
在任何提交之前:
- 没有硬编码的密钥(API 密钥、密码、令牌)
- 所有用户输入都经过验证
- 防止 SQL 注入(参数化查询)
- 防止 XSS(已清理的 HTML)
- 启用 CSRF 保护
- 已验证身份验证/授权
- 所有端点都有限速
- 错误消息不泄露敏感数据
密钥管理: 绝不硬编码密钥。使用环境变量或密钥管理器。在启动时验证所需的密钥。立即轮换任何暴露的密钥。
如果发现安全问题: 停止 → 使用 security-reviewer 智能体 → 修复 CRITICAL 问题 → 轮换暴露的密钥 → 审查代码库中的类似问题。
编码风格
不可变性(关键): 总是创建新对象,永不修改。返回带有更改的新副本。
文件组织: 许多小文件优于少数大文件。通常 200-400 行,最多 800 行。按功能/领域组织,而不是按类型组织。高内聚,低耦合。
错误处理: 在每个层级处理错误。在 UI 代码中提供用户友好的消息。在服务器端记录详细的上下文。绝不静默地忽略错误。
输入验证: 在系统边界验证所有用户输入。使用基于模式的验证。快速失败并给出清晰的消息。绝不信任外部数据。
代码质量检查清单:
- 函数小巧(<50 行),文件专注(<800 行)
- 没有深层嵌套(>4 层)
- 适当的错误处理,没有硬编码的值
- 可读性强、命名良好的标识符
测试要求
最低覆盖率:80%
测试类型(全部必需):
- 单元测试 — 单个函数、工具、组件
- 集成测试 — API 端点、数据库操作
- 端到端测试 — 关键用户流程
TDD 工作流(强制):
- 先写测试(RED) — 测试应该失败
- 编写最小实现(GREEN) — 测试应该通过
- 重构(IMPROVE) — 验证覆盖率 80%+
故障排除:检查测试隔离 → 验证模拟 → 修复实现(而不是测试,除非测试是错误的)。
开发工作流
- 规划 — 使用规划代理,识别依赖关系和风险,分阶段推进
- 测试驱动开发 — 使用 tdd-guide 代理,先写测试,再实现和重构
- 评审 — 立即使用代码评审代理,解决 CRITICAL/HIGH 级别的问题
- 在适当位置记录知识
- 个人调试笔记、偏好和临时上下文 → 自动记忆
- 团队/项目知识(架构决策、API 变更、操作手册)→ 项目现有文档结构
- 如果当前任务已生成相关文档或代码注释,请勿在其他地方重复相同信息
- 如果没有明显的项目文档位置,在创建新的顶层文件前先询问
- 提交 — 采用约定式提交格式,提供全面的 PR 摘要
Git 工作流
提交格式: <type>: <description> — 类型:feat, fix, refactor, docs, test, chore, perf, ci
PR 工作流: 分析完整的提交历史 → 起草全面的摘要 → 包含测试计划 → 使用 -u 标志推送。
架构模式
API 响应格式: 具有成功指示器、数据负载、错误消息和分页元数据的一致信封。
仓储模式: 将数据访问封装在标准接口(findAll, findById, create, update, delete)后面。业务逻辑依赖于抽象接口,而不是存储机制。
骨架项目: 搜索经过实战检验的模板,使用并行智能体(安全性、可扩展性、相关性)进行评估,克隆最佳匹配,在已验证的结构内迭代。
性能
上下文管理: 对于大型重构和多文件功能,避免使用上下文窗口的最后 20%。敏感性较低的任务(单次编辑、文档、简单修复)可以容忍较高的利用率。
构建故障排除: 使用 build-error-resolver 智能体 → 分析错误 → 增量修复 → 每次修复后验证。
项目结构
agents/ — 63 个专业子代理
skills/ — 249 个工作流技能和领域知识
commands/ — 79 个斜杠命令
hooks/ — 基于触发的自动化
rules/ — 始终遵循的指导方针(通用 + 每种语言)
scripts/ — 跨平台 Node.js 实用工具
mcp-configs/ — 14 个 MCP 服务器配置
tests/ — 测试套件
成功指标
- 所有测试通过且覆盖率 80%+
- 没有安全漏洞
- 代码可读且可维护
- 性能可接受
- 满足用户需求