chore: Added CLAUDE skills to fix dependency versions and related principles

Author: KubrickCode

.claude/skills/dependancy-management/SKILL.md

@@ -0,0 +1,83 @@
+---
+name: dependency-management
+description: |
+  Enforces fixed version dependency installation across all package managers. Ensures reproducible builds, supply chain security, and stability.
+  Use when: installing packages, updating dependencies, working with package.json/requirements.txt/go.mod/Cargo.toml/pom.xml/build.gradle/composer.json/Gemfile/.csproj, reviewing dependency configurations, configuring CI/CD pipelines
+---
+
+# Dependency Management
+
+## Basic Principles
+
+### Always Use Exact Versions
+
+- Use exact versions only: `package@1.2.3`
+- Forbid: `^1.2.3`, `~1.2.3`, `latest`, `*`, version ranges
+- Exception: Library peerDependencies only
+
+### Lock Files Are Mandatory
+
+- Always commit to version control
+- Forbid manual editing
+- CI/CD must use frozen/locked mode
+
+### Security Audit First
+
+- Check vulnerabilities before installation
+- Automate regular audits
+
+## Installation Commands
+
+```bash
+# Node.js
+npm install --save-exact package@1.2.3
+pnpm add --save-exact package@1.2.3
+yarn add --exact package@1.2.3
+
+# Python
+pip install package==1.2.3
+poetry add package@1.2.3
+
+# Go
+go get package@v1.2.3
+
+# Rust
+cargo add package@=1.2.3
+
+# PHP
+composer require vendor/package:1.2.3
+
+# Ruby (Gemfile)
+gem 'package', '1.2.3'
+
+# Java/Kotlin
+implementation("group:artifact:1.2.3")  # Gradle
+<version>1.2.3</version>                # Maven
+
+# .NET
+dotnet add package PackageName --version 1.2.3
+```
+
+## CI/CD Commands
+
+```bash
+npm ci                          # npm
+pnpm install --frozen-lockfile  # pnpm
+yarn install --frozen-lockfile  # yarn
+poetry install --no-update      # poetry
+go mod verify                   # go
+cargo build --locked            # rust
+composer install --no-update    # php
+bundle install --frozen         # ruby
+dotnet restore --locked-mode    # .NET
+```
+
+## Common Mistakes
+
+| ❌ Wrong                 | ✅ Correct                     |
+| ------------------------ | ------------------------------ |
+| `npm install` (CI)       | `npm ci`                       |
+| `package@latest`         | `package@1.2.3`                |
+| `package@^1.2.3`         | `package@1.2.3`                |
+| Lock file in .gitignore  | Commit lock file               |
+| Manual lock file editing | Regenerate via package manager |

src/extension/package.json

@@ -11,22 +11,22 @@
     "test:ci": "jest --ci --coverage --watchAll=false"
   },
   "devDependencies": {
-    "@jest/globals": "^30.1.2",
-    "@types/jest": "^30.0.0",
+    "@jest/globals": "30.1.2",
+    "@types/jest": "30.0.0",
     "@types/node": "24.3.0",
-    "@types/vscode": "^1.90.0",
+    "@types/vscode": "1.90.0",
     "eslint": "9.37.0",
     "eslint-plugin-import": "2.32.0",
     "eslint-plugin-perfectionist": "4.15.1",
-    "jest": "^30.1.3",
-    "ts-jest": "^29.4.1",
+    "jest": "30.1.3",
+    "ts-jest": "29.4.1",
     "typescript": "5.9.2",
     "typescript-eslint": "8.46.0"
   },
   "dependencies": {
-    "@indic-transliteration/sanscript": "^1.3.3",
-    "convert-layout": "^0.11.1",
-    "tiny-pinyin": "^1.3.2",
-    "wanakana": "^5.3.1"
+    "@indic-transliteration/sanscript": "1.3.3",
+    "convert-layout": "0.11.1",
+    "tiny-pinyin": "1.3.2",
+    "wanakana": "5.3.1"
   }
 }

src/extension/yarn.lock

@@ -388,7 +388,7 @@
   resolved "https://registry.yarnpkg.com/@indic-transliteration/common_maps/-/common_maps-1.0.5.tgz#a63e653fbf6e15e8152086044e1bae2c24c1f3ee"
   integrity sha512-XbWDA5AXGE+Nh4uGr/yN9ZM8avRBy4F1KQL+DLgQGOdsQ390lcW4fga0NSjg4C/rOpMd0rHZv2YFV3Bq3UbpkQ==
 
-"@indic-transliteration/sanscript@^1.3.3":
+"@indic-transliteration/sanscript@1.3.3":
   version "1.3.3"
   resolved "https://registry.yarnpkg.com/@indic-transliteration/sanscript/-/sanscript-1.3.3.tgz#2d70995b8efde50035cd89b0b33516c0e8d8b568"
   integrity sha512-zNGeARmQTPIlubwgEhl/JumpwTPHrdT/cNsQeCL+G67SQmjJe3qRnMIYghXiVt7+KDso/pU1Ky2ZfD/RBISfJQ==
@@ -517,7 +517,7 @@
   resolved "https://registry.yarnpkg.com/@jest/get-type/-/get-type-30.1.0.tgz#4fcb4dc2ebcf0811be1c04fd1cb79c2dba431cbc"
   integrity sha512-eMbZE2hUnx1WV0pmURZY9XoXPkUYjpc55mb0CrhtdWLtzMQPFvu/rZkTLZFTsdaVQa+Tr4eWAteqcUzoawq/uA==
 
-"@jest/globals@30.1.2", "@jest/globals@^30.1.2":
+"@jest/globals@30.1.2":
   version "30.1.2"
   resolved "https://registry.yarnpkg.com/@jest/globals/-/globals-30.1.2.tgz#821cad7d8ef3dc145979088bb0bfbc1f81a5d8ce"
   integrity sha512-teNTPZ8yZe3ahbYnvnVRDeOjr+3pu2uiAtNtrEsiMjVPPj+cXd5E/fr8BL7v/T7F31vYdEHrI5cC/2OoO/vM9A==
@@ -806,7 +806,7 @@
   dependencies:
     "@types/istanbul-lib-report" "*"
 
-"@types/jest@^30.0.0":
+"@types/jest@30.0.0":
   version "30.0.0"
   resolved "https://registry.yarnpkg.com/@types/jest/-/jest-30.0.0.tgz#5e85ae568006712e4ad66f25433e9bdac8801f1d"
   integrity sha512-XTYugzhuwqWjws0CVz8QpM36+T+Dz5mTEBKhNs/esGLnCIlGdRy+Dq78NRjd7ls7r8BC8ZRMOrKlkO1hU0JOwA==
@@ -843,10 +843,10 @@
   resolved "https://registry.yarnpkg.com/@types/stack-utils/-/stack-utils-2.0.3.tgz#6209321eb2c1712a7e7466422b8cb1fc0d9dd5d8"
   integrity sha512-9aEbYZ3TbYMznPdcdr3SmIrLXwC/AKZXQeCf9Pgao5CKb8CyHuEX5jzWPTkvregvhRJHcpRO6BFoGW9ycaOkYw==
 
-"@types/vscode@^1.90.0":
-  version "1.103.0"
-  resolved "https://registry.yarnpkg.com/@types/vscode/-/vscode-1.103.0.tgz#4a0d9777d952992c9ebdbe8dad067032d2fbc1fb"
-  integrity sha512-o4hanZAQdNfsKecexq9L3eHICd0AAvdbLk6hA60UzGXbGH/q8b/9xv2RgR7vV3ZcHuyKVq7b37IGd/+gM4Tu+Q==
+"@types/vscode@1.90.0":
+  version "1.90.0"
+  resolved "https://registry.yarnpkg.com/@types/vscode/-/vscode-1.90.0.tgz#c122384d51bd774cec4aa86ca443858adc9edef2"
+  integrity sha512-oT+ZJL7qHS9Z8bs0+WKf/kQ27qWYR3trsXpq46YDjFqBsMLG4ygGGjPaJ2tyrH0wJzjOEmDyg9PDJBBhWg9pkQ==
 
 "@types/yargs-parser@*":
   version "21.0.3"
@@ -1443,7 +1443,7 @@ concat-map@0.0.1:
   resolved "https://registry.yarnpkg.com/concat-map/-/concat-map-0.0.1.tgz#d8a96bd77fd68df7793a73036a3ba0d5405d477b"
   integrity sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg==
 
-convert-layout@^0.11.1:
+convert-layout@0.11.1:
   version "0.11.1"
   resolved "https://registry.yarnpkg.com/convert-layout/-/convert-layout-0.11.1.tgz#823bd72268e1a959f2433348a44a9c7185bba22e"
   integrity sha512-Zy+yE2AqFZUYZxvwS/He7DmnwEahGdy/GyiM33YdxoixyI1YZCYYup2OEYnrhn5r34L9YRa+PZC2ooVmQHY9oQ==
@@ -2868,7 +2868,7 @@ jest-worker@30.1.0:
     merge-stream "^2.0.0"
     supports-color "^8.1.1"
 
-jest@^30.1.3:
+jest@30.1.3:
   version "30.1.3"
   resolved "https://registry.yarnpkg.com/jest/-/jest-30.1.3.tgz#c962290f65c32d44a0624f785b2d780835525a23"
   integrity sha512-Ry+p2+NLk6u8Agh5yVqELfUJvRfV51hhVBRIB5yZPY7mU0DGBmOuFG5GebZbMbm86cdQNK0fhJuDX8/1YorISQ==
@@ -3735,7 +3735,7 @@ test-exclude@^6.0.0:
     glob "^7.1.4"
     minimatch "^3.0.4"
 
-tiny-pinyin@^1.3.2:
+tiny-pinyin@1.3.2:
   version "1.3.2"
   resolved "https://registry.yarnpkg.com/tiny-pinyin/-/tiny-pinyin-1.3.2.tgz#ce31f0f3afc2a80ee9df708fc7f4e914854d534a"
   integrity sha512-uHNGu4evFt/8eNLldazeAM1M8JrMc1jshhJJfVRARTN3yT8HEEibofeQ7QETWQ5ISBjd6fKtTVBCC/+mGS6FpA==
@@ -3762,7 +3762,7 @@ ts-api-utils@^2.1.0:
   resolved "https://registry.yarnpkg.com/ts-api-utils/-/ts-api-utils-2.1.0.tgz#595f7094e46eed364c13fd23e75f9513d29baf91"
   integrity sha512-CUgTZL1irw8u29bzrOD/nH85jqyc74D6SshFgujOIA7osm2Rz7dYH77agkx7H4FBNxDq7Cjf+IjaX/8zwFW+ZQ==
 
-ts-jest@^29.4.1:
+ts-jest@29.4.1:
   version "29.4.1"
   resolved "https://registry.yarnpkg.com/ts-jest/-/ts-jest-29.4.1.tgz#42d33beb74657751d315efb9a871fe99e3b9b519"
   integrity sha512-SaeUtjfpg9Uqu8IbeDKtdaS0g8lS6FT6OzM3ezrDfErPJPHNDo/Ey+VFGP1bQIDfagYDLyRpd7O15XpG1Es2Uw==
@@ -3957,7 +3957,7 @@ walker@^1.0.8:
   dependencies:
     makeerror "1.0.12"
 
-wanakana@^5.3.1:
+wanakana@5.3.1:
   version "5.3.1"
   resolved "https://registry.yarnpkg.com/wanakana/-/wanakana-5.3.1.tgz#e20798fb9687d926d4aad25874bc8e66096818ed"
   integrity sha512-OSDqupzTlzl2LGyqTdhcXcl6ezMiFhcUwLBP8YKaBIbMYW1wAwDvupw2T9G9oVaKT9RmaSpyTXjxddFPUcFFIw==

src/web-view/package.json

@@ -10,39 +10,39 @@
     "preview": "vite preview"
   },
   "dependencies": {
-    "@dnd-kit/core": "^6.3.1",
-    "@dnd-kit/sortable": "^10.0.0",
-    "@dnd-kit/utilities": "^3.2.2",
-    "@radix-ui/react-checkbox": "^1.3.3",
-    "@radix-ui/react-dialog": "^1.1.15",
-    "@radix-ui/react-label": "^2.1.7",
-    "@radix-ui/react-radio-group": "^1.3.8",
-    "@radix-ui/react-slot": "^1.2.3",
-    "@radix-ui/react-tooltip": "^1.2.8",
-    "@tailwindcss/vite": "^4.1.13",
-    "class-variance-authority": "^0.7.1",
-    "clsx": "^2.1.1",
-    "lucide-react": "^0.544.0",
-    "react": "^19.1.1",
-    "react-dom": "^19.1.1",
-    "tailwind-merge": "^3.3.1",
-    "tailwindcss": "^4.1.13"
+    "@dnd-kit/core": "6.3.1",
+    "@dnd-kit/sortable": "10.0.0",
+    "@dnd-kit/utilities": "3.2.2",
+    "@radix-ui/react-checkbox": "1.3.3",
+    "@radix-ui/react-dialog": "1.1.15",
+    "@radix-ui/react-label": "2.1.7",
+    "@radix-ui/react-radio-group": "1.3.8",
+    "@radix-ui/react-slot": "1.2.3",
+    "@radix-ui/react-tooltip": "1.2.8",
+    "@tailwindcss/vite": "4.1.13",
+    "class-variance-authority": "0.7.1",
+    "clsx": "2.1.1",
+    "lucide-react": "0.544.0",
+    "react": "19.1.1",
+    "react-dom": "19.1.1",
+    "tailwind-merge": "3.3.1",
+    "tailwindcss": "4.1.13"
   },
   "devDependencies": {
-    "@eslint/js": "^9.33.0",
-    "@types/react": "^19.1.10",
-    "@types/react-dom": "^19.1.7",
-    "@vitejs/plugin-react": "^5.0.0",
+    "@eslint/js": "9.33.0",
+    "@types/react": "19.1.10",
+    "@types/react-dom": "19.1.7",
+    "@vitejs/plugin-react": "5.0.0",
     "eslint": "9.37.0",
     "eslint-plugin-import": "2.32.0",
     "eslint-plugin-perfectionist": "4.15.1",
     "eslint-plugin-react": "7.37.5",
     "eslint-plugin-react-hooks": "7.0.0",
     "eslint-plugin-react-refresh": "0.4.23",
-    "globals": "^16.3.0",
-    "tw-animate-css": "^1.3.8",
+    "globals": "16.3.0",
+    "tw-animate-css": "1.3.8",
     "typescript": "~5.8.3",
     "typescript-eslint": "8.46.0",
-    "vite": "^7.1.11"
+    "vite": "7.1.11"
   }
 }